Exemplo n.º 1
 * Main form rendering script
 * By sending certain parameters to this script you can bring up a form
 * which allows the user to edit the content of one or more database records.
 * @author Kasper Skårhøj <*****@*****.**>
call_user_func(function () {
    $classLoader = (require __DIR__ . '/contrib/vendor/autoload.php');
    (new \TYPO3\CMS\Backend\Http\Application($classLoader))->run(function () {
        \TYPO3\CMS\Core\Utility\GeneralUtility::deprecationLog('The entry point to FormEngine was moved to an own module. Please use BackendUtility::getModuleUrl(\'record_edit\') to link to alt_doc.php. This script will be removed in TYPO3 CMS 8.');
        /* @var $editDocumentController \TYPO3\CMS\Backend\Controller\EditDocumentController */
        $editDocumentController = \TYPO3\CMS\Core\Utility\GeneralUtility::makeInstance(\TYPO3\CMS\Backend\Controller\EditDocumentController::class);
        // Preprocessing, storing data if submitted to
        // Checks, if a save button has been clicked (or the doSave variable is sent)
        if ($editDocumentController->doProcessData()) {
            $formprotection = \TYPO3\CMS\Core\FormProtection\FormProtectionFactory::get();
            if ($formprotection->validateToken(\TYPO3\CMS\Core\Utility\GeneralUtility::_GP('formToken'), 'editRecord')) {
Exemplo n.º 2
  * Rendering the quick-edit view.
  * @return string
 public function renderQuickEdit()
     $databaseConnection = $this->getDatabaseConnection();
     $beUser = $this->getBackendUser();
     $lang = $this->getLanguageService();
     // Set the edit_record value for internal use in this function:
     $edit_record = $this->edit_record;
     // If a command to edit all records in a column is issue, then select all those elements, and redirect to FormEngine
     if (substr($edit_record, 0, 9) == '_EDIT_COL') {
         $res = $databaseConnection->exec_SELECTquery('*', 'tt_content', 'pid=' . (int) $this->id . ' AND colPos=' . (int) substr($edit_record, 10) . ' AND sys_language_uid=' . (int) $this->current_sys_language . ($this->MOD_SETTINGS['tt_content_showHidden'] ? '' : BackendUtility::BEenableFields('tt_content')) . BackendUtility::deleteClause('tt_content') . BackendUtility::versioningPlaceholderClause('tt_content'), '', 'sorting');
         $idListA = array();
         while ($cRow = $databaseConnection->sql_fetch_assoc($res)) {
             $idListA[] = $cRow['uid'];
         $url = BackendUtility::getModuleUrl('record_edit', array('edit[tt_content][' . implode(',', $idListA) . ']' => 'edit', 'returnUrl' => $this->local_linkThisScript(array('edit_record' => ''))));
     // If the former record edited was the creation of a NEW record, this will look up the created records uid:
     if ($this->new_unique_uid) {
         $res = $databaseConnection->exec_SELECTquery('*', 'sys_log', 'userid=' . (int) $beUser->user['uid'] . ' AND NEWid=' . $databaseConnection->fullQuoteStr($this->new_unique_uid, 'sys_log'));
         $sys_log_row = $databaseConnection->sql_fetch_assoc($res);
         if (is_array($sys_log_row)) {
             $edit_record = $sys_log_row['tablename'] . ':' . $sys_log_row['recuid'];
     $edit_record = $this->makeQuickEditMenu($edit_record);
     // Splitting the edit-record cmd value into table/uid:
     $this->eRParts = explode(':', $edit_record);
     $tableName = $this->eRParts[0];
     // Delete-button flag?
     $this->deleteButton = MathUtility::canBeInterpretedAsInteger($this->eRParts[1]) && $edit_record && ($tableName !== 'pages' && $this->EDIT_CONTENT || $tableName === 'pages' && $this->CALC_PERMS & Permission::PAGE_DELETE);
     // If undo-button should be rendered (depends on available items in sys_history)
     $this->undoButton = false;
     $undoRes = $databaseConnection->exec_SELECTquery('tstamp', 'sys_history', 'tablename=' . $databaseConnection->fullQuoteStr($tableName, 'sys_history') . ' AND recuid=' . (int) $this->eRParts[1], '', 'tstamp DESC', '1');
     if ($this->undoButtonR = $databaseConnection->sql_fetch_assoc($undoRes)) {
         $this->undoButton = true;
     // Setting up the Return URL for coming back to THIS script (if links take the user to another script)
     $R_URL_parts = parse_url(GeneralUtility::getIndpEnv('REQUEST_URI'));
     $R_URL_getvars = GeneralUtility::_GET();
     $R_URL_getvars['edit_record'] = $edit_record;
     $this->R_URI = $R_URL_parts['path'] . '?' . GeneralUtility::implodeArrayForUrl('', $R_URL_getvars);
     // Creating editing form:
     if ($edit_record) {
         // Splitting uid parts for special features, if new:
         list($uidVal, $neighborRecordUid, $ex_colPos) = explode('/', $this->eRParts[1]);
         if ($uidVal === 'new') {
             $command = 'new';
             // Page id of this new record
             $theUid = $this->id;
             if ($neighborRecordUid) {
                 $theUid = $neighborRecordUid;
         } else {
             $command = 'edit';
             $theUid = $uidVal;
             // Convert $uidVal to workspace version if any:
             $draftRecord = BackendUtility::getWorkspaceVersionOfRecord($beUser->workspace, $tableName, $theUid, 'uid');
             if ($draftRecord) {
                 $theUid = $draftRecord['uid'];
         // @todo: Hack because DatabaseInitializeNewRow reads from _GP directly
         $GLOBALS['_GET']['defVals'][$tableName] = array('colPos' => (int) $ex_colPos, 'sys_language_uid' => (int) $this->current_sys_language);
         /** @var TcaDatabaseRecord $formDataGroup */
         $formDataGroup = GeneralUtility::makeInstance(TcaDatabaseRecord::class);
         /** @var FormDataCompiler $formDataCompiler */
         $formDataCompiler = GeneralUtility::makeInstance(FormDataCompiler::class, $formDataGroup);
         /** @var NodeFactory $nodeFactory */
         $nodeFactory = GeneralUtility::makeInstance(NodeFactory::class);
         try {
             $formDataCompilerInput = ['tableName' => $tableName, 'vanillaUid' => (int) $theUid, 'command' => $command];
             $formData = $formDataCompiler->compile($formDataCompilerInput);
             if ($command !== 'new') {
                 BackendUtility::lockRecords($tableName, $formData['databaseRow']['uid'], $tableName === 'tt_content' ? $formData['databaseRow']['pid'] : 0);
             $formData['renderType'] = 'outerWrapContainer';
             $formResult = $nodeFactory->create($formData)->render();
             $panel = $formResult['html'];
             $formResult['html'] = '';
             /** @var FormResultCompiler $formResultCompiler */
             $formResultCompiler = GeneralUtility::makeInstance(FormResultCompiler::class);
             $row = $formData['databaseRow'];
             $new_unique_uid = '';
             if ($command === 'new') {
                 $new_unique_uid = $row['uid'];
             // Add hidden fields:
             if ($uidVal == 'new') {
                 $panel .= '<input type="hidden" name="data[' . $tableName . '][' . $row['uid'] . '][pid]" value="' . $row['pid'] . '" />';
             $redirect = $uidVal == 'new' ? BackendUtility::getModuleUrl($this->moduleName, ['id' => $this->id, 'new_unique_uid' => $new_unique_uid, 'returnUrl' => $this->returnUrl]) : $this->R_URI;
             $panel .= '
                 <input type="hidden" name="_serialNumber" value="' . md5(microtime()) . '" />
                 <input type="hidden" name="edit_record" value="' . $edit_record . '" />
                 <input type="hidden" name="redirect" value="' . htmlspecialchars($redirect) . '" />
             // Add JavaScript as needed around the form:
             $content = $formResultCompiler->JStop() . $panel . $formResultCompiler->printNeededJSFunctions();
             // Display "is-locked" message:
             if ($command === 'edit') {
                 $lockInfo = BackendUtility::isRecordLocked($tableName, $formData['databaseRow']['uid']);
                 if ($lockInfo) {
                     /** @var \TYPO3\CMS\Core\Messaging\FlashMessage $flashMessage */
                     $flashMessage = GeneralUtility::makeInstance(FlashMessage::class, htmlspecialchars($lockInfo['msg']), '', FlashMessage::WARNING);
                     /** @var $flashMessageService \TYPO3\CMS\Core\Messaging\FlashMessageService */
                     $flashMessageService = GeneralUtility::makeInstance(FlashMessageService::class);
                     /** @var $defaultFlashMessageQueue \TYPO3\CMS\Core\Messaging\FlashMessageQueue */
                     $defaultFlashMessageQueue = $flashMessageService->getMessageQueueByIdentifier();
         } catch (AccessDeniedException $e) {
             // If no edit access, print error message:
             $content = '<h2>' . $lang->getLL('noAccess', true) . '</h2>';
             $content .= '<div>' . $lang->getLL('noAccess_msg') . '<br /><br />' . ($beUser->errorMsg ? 'Reason: ' . $beUser->errorMsg . '<br /><br />' : '') . '</div>';
     } else {
         // If no edit access, print error message:
         $content = '<h2>' . $lang->getLL('noAccess') . '</h2>';
         $content .= '<div>' . $lang->getLL('noAccess_msg') . '</div>';
     // Element selection matrix:
     if ($tableName === 'tt_content' && MathUtility::canBeInterpretedAsInteger($this->eRParts[1])) {
         $content .= '<h2>' . $lang->getLL('CEonThisPage') . '</h2>';
         // PositionMap
         $posMap = GeneralUtility::makeInstance(ContentLayoutPagePositionMap::class);
         $posMap->cur_sys_language = $this->current_sys_language;
         $content .= $posMap->printContentElementColumns($this->id, $this->eRParts[1], $this->colPosList, $this->MOD_SETTINGS['tt_content_showHidden'], $this->R_URI);
         // Toggle hidden ContentElements
         $numberOfHiddenElements = $this->getNumberOfHiddenElements();
         if ($numberOfHiddenElements) {
             $content .= '<div class="checkbox">';
             $content .= '<label for="checkTt_content_showHidden">';
             $content .= BackendUtility::getFuncCheck($this->id, 'SET[tt_content_showHidden]', $this->MOD_SETTINGS['tt_content_showHidden'], '', '', 'id="checkTt_content_showHidden"');
             $content .= !$numberOfHiddenElements ? '<span class="text-muted">' . $lang->getLL('hiddenCE', true) . '</span>' : $lang->getLL('hiddenCE', true) . ' (' . $numberOfHiddenElements . ')';
             $content .= '</label>';
             $content .= '</div>';
         // CSH
         $content .= BackendUtility::cshItem($this->descrTable, 'quickEdit_selElement');
     return $content;
Exemplo n.º 4
  * Injects the request object for the current request or subrequest
  * Simply calls main() and init() and outputs the content
  * @param ServerRequestInterface $request the current request
  * @param ResponseInterface $response
  * @return ResponseInterface the response with the content
 public function mainAction(ServerRequestInterface $request, ResponseInterface $response)
     $GLOBALS['SOBE'] = $this;
     return $response;
Exemplo n.º 5
  * Injects the request object for the current request or subrequest
  * @param ServerRequestInterface $request the current request
  * @param ResponseInterface $response
  * @return ResponseInterface the response with the content
 public function mainAction(ServerRequestInterface $request, ResponseInterface $response)
     // Preprocessing, storing data if submitted to
     // Checks, if a save button has been clicked (or the doSave variable is sent)
     if ($this->doProcessData()) {
     return $response;
  * Log out current user!
  * Removes the current session record, sets the internal ->user array to a blank string;
  * Thereby the current user (if any) is effectively logged out!
  * @return void
 public function logoff()
     if ($this->writeDevLog) {
         GeneralUtility::devLog('logoff: ses_id = ' . $this->id, AbstractUserAuthentication::class);
     // Release the locked records
     // Hook for pre-processing the logoff() method, requested and implemented by andreas.otto@dkd.de:
     if (is_array($GLOBALS['TYPO3_CONF_VARS']['SC_OPTIONS']['t3lib/class.t3lib_userauth.php']['logoff_pre_processing'])) {
         $_params = array();
         foreach ($GLOBALS['TYPO3_CONF_VARS']['SC_OPTIONS']['t3lib/class.t3lib_userauth.php']['logoff_pre_processing'] as $_funcRef) {
             if ($_funcRef) {
                 GeneralUtility::callUserFunction($_funcRef, $_params, $this);
     GeneralUtility::makeInstance(ConnectionPool::class)->getConnectionForTable($this->session_table)->delete($this->session_table, ['ses_id' => $this->id, 'ses_name' => $this->name]);
     $this->user = null;
     // Hook for post-processing the logoff() method, requested and implemented by andreas.otto@dkd.de:
     if (is_array($GLOBALS['TYPO3_CONF_VARS']['SC_OPTIONS']['t3lib/class.t3lib_userauth.php']['logoff_post_processing'])) {
         $_params = array();
         foreach ($GLOBALS['TYPO3_CONF_VARS']['SC_OPTIONS']['t3lib/class.t3lib_userauth.php']['logoff_post_processing'] as $_funcRef) {
             if ($_funcRef) {
                 GeneralUtility::callUserFunction($_funcRef, $_params, $this);
Exemplo n.º 7
  * Sets the lock for a record from table/id, IF $this->lockRecords is set!
  * @param string $table The table name
  * @param int $id The id of the record
  * @param int $pid The pid of the record
  * @return void
 public function lockRecord($table, $id, $pid = 0)
     if ($this->lockRecords) {
         BackendUtility::lockRecords($table, $id, $pid);
Exemplo n.º 8
