/**
  * The slot for the signal in DatabaseTreeDataProvider.
  *
  * @param DatabaseTreeDataProvider $dataProvider
  * @param TreeNode $treeData
  * @return void
  */
 public function addUserPermissionsToCategoryTreeData(DatabaseTreeDataProvider $dataProvider, $treeData)
 {
     // Admins are never restricted, and only the category table's tree is filtered here.
     if ($this->backendUserAuthentication->isAdmin() || $dataProvider->getTableName() !== $this->categoryTableName) {
         return;
     }
     // Category mount points configured for the current backend user.
     $allowedMountPoints = $this->backendUserAuthentication->getCategoryMountPoints();
     // Keep a handle on the current children; they are detached from the tree below.
     $originalChildNodes = $treeData->getChildNodes();
     // NOTE(review): an empty mount point list leaves the tree untouched, i.e. "no mount points"
     // is treated as "no restriction" for non-admin users.
     if (empty($allowedMountPoints) || empty($originalChildNodes)) {
         return;
     }
     // Start from an empty tree so that only nodes matching a mount point are re-attached.
     $treeData->removeChildNodes();
     /** @var TreeNodeCollection $permittedNodes */
     $permittedNodes = \TYPO3\CMS\Core\Utility\GeneralUtility::makeInstance('TYPO3\\CMS\\Backend\\Tree\\TreeNodeCollection');
     foreach ($allowedMountPoints as $mountPoint) {
         // Mount points are cast to int before they are looked up in the backed-up nodes.
         $matchingNode = $this->lookUpCategoryMountPointInTreeNodes((int) $mountPoint, $originalChildNodes);
         if ($matchingNode === null) {
             continue;
         }
         $permittedNodes->append($matchingNode);
     }
     // Attach the filtered collection as the new set of child nodes.
     $treeData->setChildNodes($permittedNodes);
 }
 /**
  * @test
  */
 public function logoffCleansFormProtection()
 {
     $formProtectionClassName = 'TYPO3\\CMS\\Core\\FormProtection\\BackendFormProtection';
     // Only clean() is mocked; logging off must call it at least once so that
     // form protection state is cleaned on logoff.
     $formProtectionMock = $this->getMock($formProtectionClassName, array('clean'));
     $formProtectionMock->expects($this->atLeastOnce())->method('clean');
     // Register the mock in the factory under the backend form protection class name.
     \TYPO3\CMS\Core\FormProtection\FormProtectionFactory::set($formProtectionClassName, $formProtectionMock);
     $this->fixture->logoff();
 }
Exemplo n.º 3
 /**
  * @test
  */
 public function addDataWithInlineTypeAndModifyRightsWillAddChildren()
 {
     $foreignTable = 'aForeignTableName';
     $input = [
         'processedTca' => [
             'columns' => [
                 'aField' => [
                     'config' => [
                         'type' => 'inline',
                         'foreign_table' => $foreignTable,
                     ],
                 ],
             ],
         ],
     ];
     // The 'tables_modify' permission for the foreign table must be checked, and it is granted here.
     $this->beUserProphecy->check('tables_modify', $foreignTable)->shouldBeCalled()->willReturn(true);
     // With modify rights in place, an (empty) children list is expected on the inline field.
     $expected = $this->defaultConfig;
     $expected['processedTca']['columns']['aField']['children'] = [];
     $this->assertEquals($expected, $this->subject->addData($input));
 }
Exemplo n.º 4
 /**
  * Returns the session contents
  *
  * @param string $key
  * @return mixed
  */
 public function getSessionContents($key)
 {
     $serializedData = $this->backendUserAuthentication->getSessionData($key);
     if ($serializedData === null) {
         return false;
     }
     // NOTE(review): unserialize() is called without an allowed_classes restriction, so any class
     // named in the payload is instantiated. This is only safe while the session store can be
     // written by trusted code alone — confirm, or restrict the classes / switch to JSON.
     $payload = unserialize($serializedData);
     // Anything that does not carry a 'contents' entry is reported as "no contents" (false).
     return isset($payload['contents']) ? $payload['contents'] : false;
 }
Exemplo n.º 5
 /**
  * Adds file mounts from the user's file mount records
  *
  * @param ResourceStorage $storage
  * @return void
  */
 protected function addFileMountsToStorage(ResourceStorage $storage)
 {
     $fileMountRecords = $this->backendUserAuthentication->getFileMountRecords();
     foreach ($fileMountRecords as $mountRecord) {
         // Skip file mounts whose base does not point at the given storage.
         if ((int) $mountRecord['base'] !== (int) $storage->getUid()) {
             continue;
         }
         try {
             $storage->addFileMount($mountRecord['path'], $mountRecord);
         } catch (FolderDoesNotExistException $exception) {
             // Deliberate best effort: a mount whose folder does not exist is skipped silently,
             // so the user simply ends up without that mount.
         }
     }
 }
 /**
  * Executes the modules configured via Extbase
  *
  * @param string $moduleName
  * @return Response A PSR-7 response object
  * @throws \RuntimeException
  */
 protected function dispatchModule($moduleName)
 {
     $moduleConfiguration = $this->getModuleConfiguration($moduleName);
     // Check permissions and exit if the user has no permission for entry
     // (module-level authorization; it runs before any request parameter is read).
     $this->backendUserAuthentication->modAccess($moduleConfiguration, true);
     // The page id comes from the request: query string first, parsed body as the fallback.
     $id = isset($this->request->getQueryParams()['id']) ? $this->request->getQueryParams()['id'] : $this->request->getParsedBody()['id'];
     // NOTE(review): the page access check only runs for a non-empty, integer-like id. Any other
     // id value skips the check and the module is still dispatched — confirm that the target
     // module validates the id itself.
     if ($id && MathUtility::canBeInterpretedAsInteger($id)) {
         // Check page access
         $permClause = $this->backendUserAuthentication->getPagePermsClause(true);
         // readPageAccess() counts as "access granted" only when it returns an array.
         $access = is_array(BackendUtility::readPageAccess((int) $id, $permClause));
         if (!$access) {
             throw new \RuntimeException('You don\'t have access to this page', 1289917924);
         }
     }
     /** @var Response $response */
     $response = GeneralUtility::makeInstance(Response::class);
     // Use Core Dispatching
     if (isset($moduleConfiguration['routeTarget'])) {
         $dispatcher = GeneralUtility::makeInstance(Dispatcher::class);
         // The configured route target is attached to the request as the 'target' attribute.
         $this->request = $this->request->withAttribute('target', $moduleConfiguration['routeTarget']);
         $response = $dispatcher->dispatch($this->request, $response);
     } else {
         // extbase module
         $configuration = array('extensionName' => $moduleConfiguration['extensionName'], 'pluginName' => $moduleName);
         if (isset($moduleConfiguration['vendorName'])) {
             $configuration['vendorName'] = $moduleConfiguration['vendorName'];
         }
         // Run Extbase
         $bootstrap = GeneralUtility::makeInstance(\TYPO3\CMS\Extbase\Core\Bootstrap::class);
         $content = $bootstrap->run('', $configuration);
         // The Extbase output is written into the response body as-is.
         $response->getBody()->write($content);
     }
     return $response;
 }
Exemplo n.º 7
 /**
  * Returns a comma-separated list of mounts.
  *
  * @return string item1, item2, ..., itemN
  */
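 protected function getMounts()
 {
     // An admin (when not resolving by group) gets the single mount "0".
     if (!$this->byGroup && $this->user->isAdmin()) {
         return '0';
     }
     $mounts = '';
     $database = $this->getDatabaseConnection();
     if (!$this->byGroup) {
         // Read usermounts - if none are set, mounts are set to NULL.
         // The uid is cast to int so that it cannot alter the WHERE clause it is concatenated into.
         // NOTE(review): $this->where is passed as the fourth argument of exec_SELECTquery(), which
         // is the GROUP BY slot in the TYPO3 DatabaseConnection API — confirm this is intended.
         // It is kept unchanged here.
         $result = $database->exec_SELECTquery($this->field . ',' . $this->usergroupField, $this->table, 'uid = ' . (int) $this->user_uid, $this->where);
         $row = $database->sql_fetch_assoc($result);
         $mounts = $row[$this->field];
         // Read Usergroup mounts
         $groups = \TYPO3\CMS\Core\Utility\GeneralUtility::uniqueList($row[$this->usergroupField]);
     } else {
         $groups = $this->group;
     }
     if (trim($groups)) {
         // The group list ends up inside "uid IN (...)". Reducing it to a list of integers first
         // keeps a malformed or tampered list from changing the statement.
         $groupIdList = implode(',', \TYPO3\CMS\Core\Utility\GeneralUtility::intExplode(',', $groups, true));
         if ($groupIdList !== '') {
             $result = $database->exec_SELECTquery($this->field, $this->grouptable, 'uid IN (' . $groupIdList . ')');
             // Walk the groups and add the mounts
             while ($row = $database->sql_fetch_assoc($result)) {
                 $mounts .= ',' . $row[$this->field];
             }
         }
         // Make a nicely formatted list without duplicates
         $mounts = \TYPO3\CMS\Core\Utility\GeneralUtility::uniqueList($mounts);
     }
     return $mounts;
 }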
Exemplo n.º 8
 /**
  * Returns TRUE if the internal BE_USER has access to the module $name with $MCONF (based on security level set for that module)
  *
  * @param string $name Module name
  * @param array $MCONF MCONF array (module configuration array) from the modules conf.php file (contains settings about what access level the module has)
  * @return boolean TRUE if access is granted for $this->BE_USER
  * @todo Define visibility
  */
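 public function checkModAccess($name, $MCONF)
 {
     // A module without an access setting is open to every backend user.
     if (!$MCONF['access']) {
         return TRUE;
     }
     $access = strtolower($MCONF['access']);
     // Admin access listed for the module: an admin user is let in right away.
     // NOTE(review): a non-admin is not rejected at this point; the module-list check at the
     // end still decides. Confirm that admin-only modules can never appear in a user's module list.
     if (strstr($access, 'admin') && $this->BE_USER->isAdmin()) {
         return TRUE;
     }
     // This will add modules to the select-lists of user and groups
     if (strstr($access, 'user')) {
         $this->modListUser[] = $name;
     }
     if (strstr($access, 'group')) {
         $this->modListGroup[] = $name;
     }
     // This checks if a user is permitted to access the module
     if ($this->BE_USER->isAdmin() || $this->BE_USER->check('modules', $name)) {
         return TRUE;
     }
     // Deny explicitly. Previously the method fell off the end and returned NULL, which does not
     // match the documented boolean return and is easy to misread in strict comparisons.
     return FALSE;
 }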
Exemplo n.º 9
 /**
  * Check if given category is allowed by the access rights
  *
  * @param \TYPO3\CMS\Backend\Tree\TreeNode $child
  * @return bool
  */
 protected function isCategoryAllowed($child)
 {
     $categoryMountPoints = $this->backendUserAuthentication->getCategoryMountPoints();
     // No mount points configured means no restriction: every category is allowed.
     // NOTE(review): in_array() compares loosely here (no strict flag), so the outcome depends on
     // PHP's type juggling between the node id and the mount point values. Confirm both sides are
     // numeric ids and consider normalising them and passing TRUE as the third argument.
     return empty($categoryMountPoints) ? TRUE : in_array($child->getId(), $categoryMountPoints);
 }
 /**
  * @test
  */
 public function addDataThrowsExceptionForNewRecordsOnRootLevelWithoutAdminPermissions()
 {
     $tableName = 'pages';
     // A new record without a parent page row.
     $input = [
         'tableName' => $tableName,
         'command' => 'new',
         'vanillaUid' => 123,
         'parentPageRow' => null,
     ];
     // The user may modify the table but is not an admin, which must end in an exception.
     $this->beUserProphecy->isAdmin()->willReturn(false);
     $this->beUserProphecy->check('tables_modify', $tableName)->willReturn(true);
     $this->setExpectedException(\RuntimeException::class, $this->anything(), 1437745221);
     $this->subject->addData($input);
 }
 /**
  * Adding CM element for Delete
  *
  * @param	string	$table	Table name
  * @param	integer	$uid	UID for the current record.
  * @param	array	$elInfo	Label for including in the confirmation message, EXT:lang/locallang_core.php:mess.delete
  * @return	array		Item array, element in $menuItems
  * @internal
  */
 function DB_delete($table, $uid, $elInfo)
 {
     // JavaScript expression naming the frame whose location is changed by the generated handler.
     $loc = 'top.content.list_frame';
     // Depending on the user's jsConfirmation(4) setting, the handler either asks for confirmation
     // or uses a condition that is always true.
     if ($this->beUser->jsConfirmation(4)) {
         // The whole confirmation message (label, $elInfo[0], reference count) is passed through
         // quoteJSvalue() before it is placed inside confirm().
         $conf = "confirm(" . GeneralUtility::quoteJSvalue(sprintf($this->LANG->sL('LLL:EXT:lang/locallang_core.php:mess.delete'), $elInfo[0]) . BackendUtility::referenceCount($table, $uid, ' (There are %s reference(s) to this record!)')) . ")";
     } else {
         $conf = '1==1';
     }
     // NOTE(review): $table and $uid are concatenated into the JavaScript/URL string below without
     // any escaping. Presumably callers only pass a configured table name and an integer uid —
     // verify, because any other value would end up inside the onclick handler.
     // The URL also carries the user's veriCode() and a 'tceAction' URL token.
     $editOnClick = 'if(' . $loc . " && " . $conf . " ){" . $loc . ".location.href=top.TS.PATH_typo3+'tce_db.php?redirect='+top.rawurlencode(" . $this->backRef->frameLocation($loc . '.document') . ")+'" . "&cmd[" . $table . '][' . $uid . '][DDdelete]=1&prErr=1&vC=' . $this->beUser->veriCode() . BackendUtility::getUrlToken('tceAction') . "';hideCM();}";
     // 'return false;' is appended to the handler that is handed to linkItem().
     return $this->backRef->linkItem($this->LANG->getLLL('delete', $this->LL), $this->backRef->excludeIcon(IconUtility::getSpriteIcon('actions-edit-delete')), $editOnClick . 'return false;');
 }
Exemplo n.º 12
 /**
  * Switch backend user session
  *
  * @param array $params
  * @param \TYPO3\CMS\Core\Authentication\AbstractUserAuthentication $that
  * @see t3lib_userauth::logoff()
  * @todo Define visibility
  */
 public function switchBack($params, $that)
 {
     // Only a backend session of a logged-in user that carries an original ("backup") user id
     // is switched back; everything else is left alone.
     $isBackendSession = $that->session_table === 'be_sessions';
     if (!$isBackendSession || !$that->user['uid'] || !$that->user['ses_backuserid']) {
         return;
     }
     // @TODO: Move update functionality to Tx_Beuser_Domain_Repository_BackendUserSessionRepository
     $database = $GLOBALS['TYPO3_DB'];
     $sessionFields = array(
         'ses_userid' => $that->user['ses_backuserid'],
         'ses_backuserid' => 0,
     );
     // The row is matched on session id, cookie name and current user id. String values are
     // quoted with fullQuoteStr() and the uid is forced to an integer.
     // NOTE(review): the guard above reads $that, while the WHERE clause reads $GLOBALS['BE_USER'];
     // presumably both refer to the same user object — confirm.
     $conditions = array(
         'ses_id = ' . $database->fullQuoteStr($GLOBALS['BE_USER']->id, 'be_sessions'),
         'ses_name = ' . $database->fullQuoteStr(\TYPO3\CMS\Core\Authentication\BackendUserAuthentication::getCookieName(), 'be_sessions'),
         'ses_userid=' . intval($GLOBALS['BE_USER']->user['uid']),
     );
     $database->exec_UPDATEquery('be_sessions', implode(' AND ', $conditions), $sessionFields);
     // Redirect to the backend index; '?commandLI=1' is appended only when no interfaces are configured.
     $queryString = $GLOBALS['TYPO3_CONF_VARS']['BE']['interfaces'] ? '' : '?commandLI=1';
     \TYPO3\CMS\Core\Utility\HttpUtility::redirect($GLOBALS['BACK_PATH'] . 'index.php' . $queryString);
 }
Exemplo n.º 13
 /**
  * Create the panel of buttons for submitting the form or otherwise perform operations.
  *
  * @return array All available buttons as an assoc. array
  */
 protected function getButtons()
 {
     $pageUid = $this->pageinfo['uid'];
     $buttons = array(
         // CSH
         'csh' => BackendUtility::cshItem('_MOD_web_info', ''),
         'view' => '',
         'shortcut' => '',
     );
     // View page: the onclick handler is HTML-escaped before it is put into the attribute.
     // The title label is requested from sL() with TRUE as second argument — presumably the
     // HTML-escaping flag; verify against LanguageService.
     $buttons['view'] = sprintf(
         '<a href="#" onclick="%s" title="%s">%s</a>',
         htmlspecialchars(BackendUtility::viewOnClick($pageUid, $GLOBALS['BACK_PATH'], BackendUtility::BEgetRootLine($pageUid))),
         $this->languageService->sL('LLL:EXT:lang/locallang_core.xlf:labels.showPage', TRUE),
         IconUtility::getSpriteIcon('actions-document-view')
     );
     // Shortcut: only offered to users who may create shortcuts.
     if ($this->backendUser->mayMakeShortcut()) {
         $menuKeys = implode(',', array_keys($this->MOD_MENU));
         $buttons['shortcut'] = $this->doc->makeShortcutIcon('id, edit_record, pointer, new_unique_uid, search_field, search_levels, showLimit', $menuKeys, $this->moduleName);
     }
     return $buttons;
 }
 /**
  * Calls traditional modules which are identified by having a index.php in their directory
  * and were previously located within the global scope.
  *
  * @param string $moduleName
  * @return bool
  */
 protected function callTraditionalModule($moduleName)
 {
     // Directory of the module, looked up in the module registry by module name.
     // NOTE(review): when $moduleName has no '_PATHS' entry, $moduleBasePath is empty and the
     // file_exists()/require below resolve a bare relative 'index.php' — confirm callers only pass
     // registered module names.
     $moduleBasePath = $this->moduleRegistry['_PATHS'][$moduleName];
     // The module configuration is also published as the global MCONF array.
     $GLOBALS['MCONF'] = $moduleConfiguration = $this->getModuleConfiguration($moduleName);
     // Access is only checked when the configuration carries a non-empty 'access' entry;
     // a module without one is included without a module access check.
     if (!empty($moduleConfiguration['access'])) {
         $this->backendUserAuthentication->modAccess($moduleConfiguration, TRUE);
     }
     if (file_exists($moduleBasePath . 'index.php')) {
         // $SOBE is bound to the global scope for the included script. The script itself runs in
         // this method's scope, so the local variables above are visible to it.
         global $SOBE;
         require $moduleBasePath . 'index.php';
         return TRUE;
     }
     // No index.php in the module directory: nothing was executed.
     return FALSE;
 }
Exemplo n.º 15
 /**
  * @test
  */
 public function addDataSetsValuesAndStructureForSectionContainerElements()
 {
     // Fixture: a flex field with one section (section_1) holding container_1 elements. The data
     // structure defines aFlexField with the default 'defaultValue'; element 2 already has 'dbValue'.
     $input = ['tableName' => 'aTable', 'databaseRow' => ['aField' => ['data' => ['sDEF' => ['lDEF' => ['section_1' => ['el' => ['1' => ['container_1' => ['el' => []]], '2' => ['container_1' => ['el' => ['aFlexField' => ['vDEF' => 'dbValue']]]]]]], 'lEN' => ['section_1' => ['el' => ['1' => ['container_1' => []]]]]]], 'meta' => []]], 'processedTca' => ['columns' => ['aField' => ['config' => ['type' => 'flex', 'ds' => ['sheets' => ['sDEF' => ['ROOT' => ['type' => 'array', 'el' => ['section_1' => ['section' => '1', 'type' => 'array', 'el' => ['container_1' => ['type' => 'array', 'el' => ['aFlexField' => ['label' => 'aFlexFieldLabel', 'config' => ['type' => 'input', 'default' => 'defaultValue']]]]]]]]]]]]]]], 'pageTsConfig' => []];
     // Only the DatabaseRowDefaultValues provider is registered for the flexFormSegment group.
     $GLOBALS['TYPO3_CONF_VARS']['SYS']['formEngine']['formDataGroup']['flexFormSegment'] = [\TYPO3\CMS\Backend\Form\FormDataProvider\DatabaseRowDefaultValues::class => []];
     /** @var LanguageService|ObjectProphecy $languageService */
     $languageService = $this->prophesize(LanguageService::class);
     $GLOBALS['LANG'] = $languageService->reveal();
     // Labels are echoed back unchanged.
     $languageService->sL(Argument::cetera())->willReturnArgument(0);
     // The backend user is an admin with access to every language.
     $this->backendUserProphecy->isAdmin()->willReturn(true);
     $this->backendUserProphecy->checkLanguageAccess(Argument::cetera())->willReturn(true);
     $expected = $input;
     // A default value for existing container field aFlexField should have been set
     $expected['databaseRow']['aField']['data']['sDEF']['lDEF']['section_1']['el']['1']['container_1']['el']['aFlexField']['vDEF'] = 'defaultValue';
     // Dummy row values for container_1 on lDEF sheet
     $expected['databaseRow']['aField']['data']['sDEF']['lDEF']['section_1']['templateRows']['container_1']['el']['aFlexField']['vDEF'] = 'defaultValue';
     $this->assertEquals($expected, $this->subject->addData($input));
 }
 /**
  * Calls traditional modules which are identified by having an index.php in their directory
  * and were previously located within the global scope.
  *
  * @param string $moduleName
  * @return bool Returns TRUE if the module was executed
  */
 protected function callTraditionalModule($moduleName)
 {
     // Directory of the module, looked up in the module registry by module name.
     // NOTE(review): when $moduleName has no '_PATHS' entry, $moduleBasePath is empty and the
     // file_exists()/require calls below resolve bare relative file names — confirm callers only
     // pass registered module names.
     $moduleBasePath = $this->moduleRegistry['_PATHS'][$moduleName];
     // Some modules still rely on this global configuration array in a conf.php file
     // load configuration from an existing conf.php file inside the same directory
     if (file_exists($moduleBasePath . 'conf.php')) {
         // conf.php runs in this method's scope and is expected to define $MCONF.
         // NOTE(review): the included file thereby also supplies the 'access' entry checked below.
         require $moduleBasePath . 'conf.php';
         $moduleConfiguration = $MCONF;
     } else {
         $moduleConfiguration = $this->getModuleConfiguration($moduleName);
     }
     // The module configuration is also published as the global MCONF array.
     $GLOBALS['MCONF'] = $moduleConfiguration;
     // Access is only checked when the configuration carries a non-empty 'access' entry;
     // a module without one is included without a module access check.
     if (!empty($moduleConfiguration['access'])) {
         $this->backendUserAuthentication->modAccess($moduleConfiguration, true);
     }
     if (file_exists($moduleBasePath . 'index.php')) {
         // $SOBE is bound to the global scope for the included script. The script itself runs in
         // this method's scope, so the local variables above are visible to it.
         global $SOBE;
         require $moduleBasePath . 'index.php';
         return true;
     }
     // No index.php in the module directory: nothing was executed.
     return false;
 }
 /**
  * @test
  */
 public function addDataSetsValuesAndStructureForSectionContainerElementsWithLangChildren()
 {
     // Fixture: same section/container layout as the plain variant, plus two system languages
     // (DEF, EN) and 'langChildren' => 1 in the data structure meta.
     $input = ['tableName' => 'aTable', 'databaseRow' => ['aField' => ['data' => ['sDEF' => ['lDEF' => ['section_1' => ['el' => ['1' => ['container_1' => ['el' => []]], '2' => ['container_1' => ['el' => ['aFlexField' => ['vDEF' => 'dbValue']]]]]]]]], 'meta' => []]], 'systemLanguageRows' => [0 => ['uid' => 0, 'iso' => 'DEF'], 1 => ['uid' => 1, 'iso' => 'EN']], 'processedTca' => ['columns' => ['aField' => ['config' => ['type' => 'flex', 'ds' => ['meta' => ['langChildren' => 1], 'sheets' => ['sDEF' => ['ROOT' => ['type' => 'array', 'el' => ['section_1' => ['section' => '1', 'type' => 'array', 'el' => ['container_1' => ['type' => 'array', 'el' => ['aFlexField' => ['label' => 'aFlexFieldLabel', 'config' => ['type' => 'input', 'default' => 'defaultValue']]]]]]]]]]]]]]], 'pageTsConfig' => []];
     // Only the DatabaseRowDefaultValues provider is registered for the flexFormSegment group.
     $GLOBALS['TYPO3_CONF_VARS']['SYS']['formEngine']['formDataGroup']['flexFormSegment'] = [\TYPO3\CMS\Backend\Form\FormDataProvider\DatabaseRowDefaultValues::class => []];
     /** @var LanguageService|ObjectProphecy $languageService */
     $languageService = $this->prophesize(LanguageService::class);
     $GLOBALS['LANG'] = $languageService->reveal();
     // Labels are echoed back unchanged.
     $languageService->sL(Argument::cetera())->willReturnArgument(0);
     // The backend user is an admin with access to every language.
     $this->backendUserProphecy->isAdmin()->willReturn(true);
     $this->backendUserProphecy->checkLanguageAccess(Argument::cetera())->willReturn(true);
     $expected = $input;
     // The meta section is expected to be expanded with the resolved language information.
     $expected['processedTca']['columns']['aField']['config']['ds']['meta'] = ['availableLanguageCodes' => [0 => 'DEF', 1 => 'EN'], 'langDisable' => false, 'langChildren' => true, 'languagesOnSheetLevel' => [0 => 'DEF'], 'languagesOnElement' => [0 => 'DEF', 1 => 'EN']];
     // A default value for existing container field aFlexField should have been set
     $expected['databaseRow']['aField']['data']['sDEF']['lDEF']['section_1']['el']['1']['container_1']['el']['aFlexField']['vDEF'] = 'defaultValue';
     $expected['databaseRow']['aField']['data']['sDEF']['lDEF']['section_1']['el']['1']['container_1']['el']['aFlexField']['vEN'] = 'defaultValue';
     // Also for the other defined language
     $expected['databaseRow']['aField']['data']['sDEF']['lDEF']['section_1']['el']['2']['container_1']['el']['aFlexField']['vEN'] = 'defaultValue';
     // There should be a templateRow for container_1 with defaultValue set for both languages
     $expected['databaseRow']['aField']['data']['sDEF']['lDEF']['section_1']['templateRows']['container_1']['el']['aFlexField']['vDEF'] = 'defaultValue';
     $expected['databaseRow']['aField']['data']['sDEF']['lDEF']['section_1']['templateRows']['container_1']['el']['aFlexField']['vEN'] = 'defaultValue';
     $this->assertEquals($expected, $this->subject->addData($input));
 }
 /**
  * Creates the backend user object and returns it.
  *
  * @return \TYPO3\CMS\Backend\FrontendBackendUserAuthentication the backend user object
  */
 public function initializeBackendUser()
 {
     // PRE BE_USER HOOK
     // Every function reference registered under 'preBeUser' is called with an empty parameter array.
     if (is_array($this->TYPO3_CONF_VARS['SC_OPTIONS']['tslib/index_ts.php']['preBeUser'])) {
         foreach ($this->TYPO3_CONF_VARS['SC_OPTIONS']['tslib/index_ts.php']['preBeUser'] as $_funcRef) {
             $_params = array();
             \TYPO3\CMS\Core\Utility\GeneralUtility::callUserFunction($_funcRef, $_params, $this);
         }
     }
     /** @var $BE_USER \TYPO3\CMS\Backend\FrontendBackendUserAuthentication */
     $BE_USER = NULL;
     // If the backend cookie is set,
     // we proceed and check if a backend user is logged in.
     // NOTE(review): the cookie is read without isset(), so a request without the backend cookie
     // reads an undefined array index here.
     if ($_COOKIE[\TYPO3\CMS\Core\Authentication\BackendUserAuthentication::getCookieName()]) {
         $GLOBALS['TYPO3_MISC']['microtime_BE_USER_start'] = microtime(TRUE);
         $GLOBALS['TT']->push('Back End user initialized', '');
         // TODO: validate the comment below: is this necessary? if so,
         // formfield_status should be set to "" in t3lib_tsfeBeUserAuth
         // which is a subclass of t3lib_beUserAuth
         // ----
         // the value this->formfield_status is set to empty in order to
         // disable login-attempts to the backend account through this script
         // New backend user object
         $BE_USER = \TYPO3\CMS\Core\Utility\GeneralUtility::makeInstance('TYPO3\\CMS\\Backend\\FrontendBackendUserAuthentication');
         $BE_USER->OS = TYPO3_OS;
         // The IP lock setting is taken from the BE configuration.
         $BE_USER->lockIP = $this->TYPO3_CONF_VARS['BE']['lockIP'];
         // Object is initialized
         $BE_USER->start();
         $BE_USER->unpack_uc('');
         // Group data is only fetched, and the login flag only set, once a user uid is present.
         if ($BE_USER->user['uid']) {
             $BE_USER->fetchGroupData();
             $this->beUserLogin = 1;
         }
         // Unset the user initialization.
         // The user object is discarded again when the IP lock check or the backend access settings
         // check fails, or when no user uid is present.
         if (!$BE_USER->checkLockToIP() || !$BE_USER->checkBackendAccessSettingsFromInitPhp() || !$BE_USER->user['uid']) {
             $BE_USER = NULL;
             $this->beUserLogin = 0;
             $_SESSION['TYPO3-TT-start'] = FALSE;
         }
         $GLOBALS['TT']->pull();
         $GLOBALS['TYPO3_MISC']['microtime_BE_USER_end'] = microtime(TRUE);
     }
     // POST BE_USER HOOK
     // NOTE(review): the hook parameters hold $BE_USER by reference, so a registered 'postBeUser'
     // function can presumably replace or reset the user object that is returned below — treat
     // these hook registrations as security-sensitive configuration.
     if (is_array($this->TYPO3_CONF_VARS['SC_OPTIONS']['tslib/index_ts.php']['postBeUser'])) {
         $_params = array('BE_USER' => &$BE_USER);
         foreach ($this->TYPO3_CONF_VARS['SC_OPTIONS']['tslib/index_ts.php']['postBeUser'] as $_funcRef) {
             \TYPO3\CMS\Core\Utility\GeneralUtility::callUserFunction($_funcRef, $_params, $this);
         }
     }
     // NULL when no backend user could be established.
     return $BE_USER;
 }
Exemplo n.º 19
 /**
  * Saves the content of ->stored (keeps track of expanded positions in the tree)
  * $this->treeName will be used as key for BE_USER->uc[] to store it in
  *
  * @return void
  * @access private
  */
 public function savePosition()
 {
     // The expanded positions are stored in serialized form in the user's uc array,
     // keyed by the name of this tree.
     // NOTE(review): whatever reads this entry back presumably unserialize()s it — verify that
     // the uc value cannot be replaced with user-supplied data.
     $serializedPositions = serialize($this->stored);
     $this->BE_USER->uc['browseTrees'][$this->treeName] = $serializedPositions;
     // Persist the changed uc array.
     $this->BE_USER->writeUC();
 }
 /**
  * Update current session to move back to the original user.
  *
  * @param \TYPO3\CMS\Core\Authentication\AbstractUserAuthentication $authentication
  * @return void
  */
 public function switchBackToOriginalUser(\TYPO3\CMS\Core\Authentication\AbstractUserAuthentication $authentication)
 {
     $database = $GLOBALS['TYPO3_DB'];
     // NOTE(review): ses_backuserid is written to ses_userid without checking that it is set;
     // presumably the caller only invokes this for a switched session — confirm.
     $sessionFields = array(
         'ses_userid' => $authentication->user['ses_backuserid'],
         'ses_backuserid' => 0,
     );
     // The row is matched on session id, cookie name and current user id. String values are
     // quoted with fullQuoteStr() and the uid is cast to an integer.
     $conditions = array(
         'ses_id = ' . $database->fullQuoteStr($GLOBALS['BE_USER']->id, 'be_sessions'),
         'ses_name = ' . $database->fullQuoteStr(\TYPO3\CMS\Core\Authentication\BackendUserAuthentication::getCookieName(), 'be_sessions'),
         'ses_userid=' . (int) $GLOBALS['BE_USER']->user['uid'],
     );
     $database->exec_UPDATEquery('be_sessions', implode(' AND ', $conditions), $sessionFields);
 }
Exemplo n.º 21
 /**
  * Saves the tokens so that they can be used by a later incarnation of this
  * class.
  *
  * @access private
  * @return void
  */
 public function persistSessionToken()
 {
     // The token is kept in the backend user's session data under a fixed key,
     // where a later instance of this class can pick it up again.
     $tokenSessionKey = 'formSessionToken';
     $this->backendUser->setAndSaveSessionData($tokenSessionKey, $this->sessionToken);
 }
Exemplo n.º 22
 /**
  * Make value list
  *
  * @param string $fieldName
  * @param string $fieldValue
  * @param array $conf
  * @param string $table
  * @param string $splitString
  * @return string
  */
 public function makeValueList($fieldName, $fieldValue, $conf, $table, $splitString)
 {
     $fieldSetup = $conf;
     $out = '';
     if ($fieldSetup['type'] == 'files') {
         $d = dir(PATH_site . $fieldSetup['uploadfolder']);
         while (false !== ($entry = $d->read())) {
             if ($entry == '.' || $entry == '..') {
                 continue;
             }
             $fileArray[] = $entry;
         }
         $d->close();
         natcasesort($fileArray);
         foreach ($fileArray as $fileName) {
             if (GeneralUtility::inList($fieldValue, $fileName) || $fieldValue == $fileName) {
                 if (!$out) {
                     $out = htmlspecialchars($fileName);
                 } else {
                     $out .= $splitString . htmlspecialchars($fileName);
                 }
             }
         }
     }
     if ($fieldSetup['type'] == 'multiple') {
         foreach ($fieldSetup['items'] as $key => $val) {
             if (substr($val[0], 0, 4) == 'LLL:') {
                 $value = $this->languageService->sL($val[0]);
             } else {
                 $value = $val[0];
             }
             if (GeneralUtility::inList($fieldValue, $val[1]) || $fieldValue == $val[1]) {
                 if (!$out) {
                     $out = htmlspecialchars($value);
                 } else {
                     $out .= $splitString . htmlspecialchars($value);
                 }
             }
         }
     }
     if ($fieldSetup['type'] == 'binary') {
         foreach ($fieldSetup['items'] as $Key => $val) {
             if (substr($val[0], 0, 4) == 'LLL:') {
                 $value = $this->languageService->sL($val[0]);
             } else {
                 $value = $val[0];
             }
             if (!$out) {
                 $out = htmlspecialchars($value);
             } else {
                 $out .= $splitString . htmlspecialchars($value);
             }
         }
     }
     if ($fieldSetup['type'] == 'relation') {
         $dontPrefixFirstTable = 0;
         $useTablePrefix = 0;
         if ($fieldSetup['items']) {
             foreach ($fieldSetup['items'] as $key => $val) {
                 if (substr($val[0], 0, 4) == 'LLL:') {
                     $value = $this->languageService->sL($val[0]);
                 } else {
                     $value = $val[0];
                 }
                 if (GeneralUtility::inList($fieldValue, $value) || $fieldValue == $value) {
                     if (!$out) {
                         $out = htmlspecialchars($value);
                     } else {
                         $out .= $splitString . htmlspecialchars($value);
                     }
                 }
             }
         }
         if (stristr($fieldSetup['allowed'], ',')) {
             $from_table_Arr = explode(',', $fieldSetup['allowed']);
             $useTablePrefix = 1;
             if (!$fieldSetup['prepend_tname']) {
                 $queryBuilder = GeneralUtility::makeInstance(ConnectionPool::class)->getQueryBuilderForTable($table);
                 $queryBuilder->getRestrictions()->removeAll()->add(GeneralUtility::makeInstance(DeletedRestriction::class));
                 $statement = $queryBuilder->select($fieldName)->from($table)->execute();
                 while ($row = $statement->fetch()) {
                     if (stristr($row[$fieldName], ',')) {
                         $checkContent = explode(',', $row[$fieldName]);
                         foreach ($checkContent as $singleValue) {
                             if (!stristr($singleValue, '_')) {
                                 $dontPrefixFirstTable = 1;
                             }
                         }
                     } else {
                         $singleValue = $row[$fieldName];
                         if ($singleValue !== '' && !stristr($singleValue, '_')) {
                             $dontPrefixFirstTable = 1;
                         }
                     }
                 }
             }
         } else {
             $from_table_Arr[0] = $fieldSetup['allowed'];
         }
         if ($fieldSetup['prepend_tname']) {
             $useTablePrefix = 1;
         }
         if ($fieldSetup['foreign_table']) {
             $from_table_Arr[0] = $fieldSetup['foreign_table'];
         }
         $counter = 0;
         $useSelectLabels = 0;
         $useAltSelectLabels = 0;
         $tablePrefix = '';
         $labelFieldSelect = [];
         foreach ($from_table_Arr as $from_table) {
             if ($useTablePrefix && !$dontPrefixFirstTable && $counter != 1 || $counter == 1) {
                 $tablePrefix = $from_table . '_';
             }
             $counter = 1;
             if (is_array($GLOBALS['TCA'][$from_table])) {
                 $labelField = $GLOBALS['TCA'][$from_table]['ctrl']['label'];
                 $altLabelField = $GLOBALS['TCA'][$from_table]['ctrl']['label_alt'];
                 if ($GLOBALS['TCA'][$from_table]['columns'][$labelField]['config']['items']) {
                     $items = $GLOBALS['TCA'][$from_table]['columns'][$labelField]['config']['items'];
                     foreach ($items as $labelArray) {
                         if (substr($labelArray[0], 0, 4) == 'LLL:') {
                             $labelFieldSelect[$labelArray[1]] = $this->languageService->sL($labelArray[0]);
                         } else {
                             $labelFieldSelect[$labelArray[1]] = $labelArray[0];
                         }
                     }
                     $useSelectLabels = 1;
                 }
                 if ($GLOBALS['TCA'][$from_table]['columns'][$altLabelField]['config']['items']) {
                     $items = $GLOBALS['TCA'][$from_table]['columns'][$altLabelField]['config']['items'];
                     foreach ($items as $altLabelArray) {
                         if (substr($altLabelArray[0], 0, 4) == 'LLL:') {
                             $altLabelFieldSelect[$altLabelArray[1]] = $this->languageService->sL($altLabelArray[0]);
                         } else {
                             $altLabelFieldSelect[$altLabelArray[1]] = $altLabelArray[0];
                         }
                     }
                     $useAltSelectLabels = 1;
                 }
                 if (!$this->tableArray[$from_table]) {
                     $queryBuilder = GeneralUtility::makeInstance(ConnectionPool::class)->getQueryBuilderForTable($from_table);
                     $queryBuilder->getRestrictions()->removeAll()->add(GeneralUtility::makeInstance(DeletedRestriction::class));
                     $selectFields = ['uid', $labelField];
                     if ($altLabelField) {
                         $selectFields[] = $altLabelField;
                     }
                     $queryBuilder->select(...$selectFields)->from($from_table)->orderBy('uid');
                     if (!$this->backendUserAuthentication->isAdmin() && $GLOBALS['TYPO3_CONF_VARS']['BE']['lockBeUserToDBmounts']) {
                         $webMounts = $this->backendUserAuthentication->returnWebmounts();
                         $perms_clause = $this->backendUserAuthentication->getPagePermsClause(1);
                         $webMountPageTree = '';
                         $webMountPageTreePrefix = '';
                         foreach ($webMounts as $webMount) {
                             if ($webMountPageTree) {
                                 $webMountPageTreePrefix = ',';
                             }
                             $webMountPageTree .= $webMountPageTreePrefix . $this->getTreeList($webMount, 999, $begin = 0, $perms_clause);
                         }
                         if ($from_table === 'pages') {
                             $queryBuilder->where(QueryHelper::stripLogicalOperatorPrefix($perms_clause), $queryBuilder->expr()->in('uid', $queryBuilder->createNamedParameter(GeneralUtility::intExplode(',', $webMountPageTree), Connection::PARAM_INT_ARRAY)));
                         } else {
                             $queryBuilder->where($queryBuilder->expr()->in('pid', $queryBuilder->createNamedParameter(GeneralUtility::intExplode(',', $webMountPageTree), Connection::PARAM_INT_ARRAY)));
                         }
                     }
                     $statement = $queryBuilder->execute();
                     $this->tableArray[$from_table] = [];
                     while ($row = $statement->fetch()) {
                         $this->tableArray[$from_table][] = $row;
                     }
                 }
                 foreach ($this->tableArray[$from_table] as $key => $val) {
                     $GLOBALS['SOBE']->MOD_SETTINGS['labels_noprefix'] = $GLOBALS['SOBE']->MOD_SETTINGS['labels_noprefix'] == 1 ? 'on' : $GLOBALS['SOBE']->MOD_SETTINGS['labels_noprefix'];
                     $prefixString = $GLOBALS['SOBE']->MOD_SETTINGS['labels_noprefix'] == 'on' ? '' : ' [' . $tablePrefix . $val['uid'] . '] ';
                     if (GeneralUtility::inList($fieldValue, $tablePrefix . $val['uid']) || $fieldValue == $tablePrefix . $val['uid']) {
                         if ($useSelectLabels) {
                             if (!$out) {
                                 $out = htmlspecialchars($prefixString . $labelFieldSelect[$val[$labelField]]);
                             } else {
                                 $out .= $splitString . htmlspecialchars($prefixString . $labelFieldSelect[$val[$labelField]]);
                             }
                         } elseif ($val[$labelField]) {
                             if (!$out) {
                                 $out = htmlspecialchars($prefixString . $val[$labelField]);
                             } else {
                                 $out .= $splitString . htmlspecialchars($prefixString . $val[$labelField]);
                             }
                         } elseif ($useAltSelectLabels) {
                             if (!$out) {
                                 $out = htmlspecialchars($prefixString . $altLabelFieldSelect[$val[$altLabelField]]);
                             } else {
                                 $out .= $splitString . htmlspecialchars($prefixString . $altLabelFieldSelect[$val[$altLabelField]]);
                             }
                         } else {
                             if (!$out) {
                                 $out = htmlspecialchars($prefixString . $val[$altLabelField]);
                             } else {
                                 $out .= $splitString . htmlspecialchars($prefixString . $val[$altLabelField]);
                             }
                         }
                     }
                 }
             }
         }
     }
     return $out;
 }
Exemplo n.º 23
 /**
  * Impersonates another backend user ("switch user" / SU mode) by rewriting the
  * current be_sessions row, then redirects to the backend start page so that the
  * navigation is rebuilt for the new identity.
  *
  * Nothing happens unless the target record can be loaded and the acting user
  * is an admin.
  *
  * NOTE(review): the admin flag is the only authorisation check visible in this
  * method. Request-forgery protection for the triggering request and an audit
  * log entry for the impersonation are not visible here; confirm that the
  * caller provides both.
  *
  * @param string $switchUser Value handed to BackendUtility::getRecord() to load the be_users record (presumably the uid; verify against caller)
  * @param boolean $switchBack When TRUE, the acting admin's uid is kept in ses_backuserid so the session can be switched back later
  * @return void
  */
 protected function switchUser($switchUser, $switchBack = FALSE)
 {
     $targetUser = \TYPO3\CMS\Backend\Utility\BackendUtility::getRecord('be_users', $switchUser);
     // Guard clause: no target record or no admin privileges means no switch.
     if (!is_array($targetUser) || !$GLOBALS['BE_USER']->isAdmin()) {
         return;
     }
     $actingUser = $GLOBALS['BE_USER'];
     $database = $GLOBALS['TYPO3_DB'];
     $updateData = array('ses_userid' => $targetUser['uid']);
     if ($switchBack) {
         // Remember who started the impersonation so it can be undone.
         $updateData['ses_backuserid'] = (int) $actingUser->user['uid'];
         // Set backend user listing module as starting module for switchback
         $actingUser->uc['startModuleOnFirstLogin'] = '******';
         $actingUser->writeUC();
     }
     // The update is pinned to the caller's own session row: session id, cookie
     // name and current user uid must all match. Strings go through
     // fullQuoteStr(), the uid is cast to int.
     $sessionConstraints = array(
         'ses_id=' . $database->fullQuoteStr($actingUser->id, 'be_sessions'),
         'ses_name=' . $database->fullQuoteStr(\TYPO3\CMS\Core\Authentication\BackendUserAuthentication::getCookieName(), 'be_sessions'),
         'ses_userid=' . (int) $actingUser->user['uid'],
     );
     $database->exec_UPDATEquery('be_sessions', implode(' AND ', $sessionConstraints), $updateData);
     $querySuffix = $GLOBALS['TYPO3_CONF_VARS']['BE']['interfaces'] ? '' : '?commandLI=1';
     \TYPO3\CMS\Core\Utility\HttpUtility::redirect($GLOBALS['BACK_PATH'] . 'index.php' . $querySuffix);
 }
Exemplo n.º 24
 /**
  * Builds the context-menu entry that copies or moves a folder into another
  * folder after a drag & drop action.
  *
  * The entry's onclick handler points the list frame at the tce_file module with
  * the file command in the query string, then refreshes the navigation frame.
  *
  * NOTE(review): $action, $srcPath and $dstPath are concatenated into the query
  * string as given. The finished string is passed through
  * GeneralUtility::quoteJSvalue(), but no URL-encoding happens in this method,
  * so a path containing "&", "#" or "=" would alter the request's parameters
  * unless callers encode it first. Confirm against the callers.
  *
  * @param string $srcPath source path for the record to modify
  * @param string $dstPath destination path for the records to modify
  * @param string $action Action code: either "move" or "copy"
  * @return array Item array, element in $menuItems
  * @internal
  */
 public function dragDrop_copymovefolder($srcPath, $dstPath, $action)
 {
     $listFrame = 'top.content.list_frame';
     // JS string literal holding the module URL up to the redirect parameter.
     $moduleUrlJs = GeneralUtility::quoteJSvalue(BackendUtility::getModuleUrl('tce_file') . '&redirect=');
     // JS expression for the list frame's current location; it is URL-encoded client-side.
     $currentLocationJs = $this->frameLocation($listFrame . '.document') . '.pathname+' . $this->frameLocation($listFrame . '.document') . '.search';
     // File command plus the veriCode() value, appended after the redirect target.
     $commandQuery = '&file[' . $action . '][0][data]=' . $srcPath . '&file[' . $action . '][0][target]=' . $dstPath . '&prErr=1&vC=' . $this->backendUser->veriCode();
     $editOnClick = 'if(' . $listFrame . '){' . $listFrame . '.document.location=' . $moduleUrlJs . '+top.rawurlencode(' . $currentLocationJs . ')+' . GeneralUtility::quoteJSvalue($commandQuery) . ';};top.nav.refresh();';
     $label = $this->label($action . 'Folder_into');
     $icon = $this->iconFactory->getIcon('apps-pagetree-drag-move-into', Icon::SIZE_SMALL)->render();
     return $this->linkItem($label, $icon, $editOnClick . 'return false;');
 }
Exemplo n.º 25
 /**
  * Writes a log entry for an action performed by TCEmain and, for errors,
  * also records a formatted message in $this->errorLog.
  *
  * $details is used as a vsprintf() format string with $data as its arguments.
  * Callers should therefore pass a fixed template in $details and put variable
  * content into $data; a "%" arriving in $details from elsewhere would be
  * interpreted as a conversion specifier.
  *
  * NOTE(review): the message appended to $this->errorLog is not escaped here;
  * whatever displays it presumably has to escape for its output context.
  *
  * @param string $table Table name the log entry is concerned with. Blank if NA
  * @param int $recuid Record UID. Zero if NA
  * @param int $action Action number: 0=No category, 1=new record, 2=update record, 3= delete record, 4= move record, 5= Check/evaluate
  * @param int $recpid Normally 0 (zero). If set, it indicates that this log-entry is used to notify the backend of a record which is moved to another location
  * @param int $error The severity: 0 = message, 1 = error, 2 = System Error, 3 = security notice (admin)
  * @param string $details Default error message in english; emptied when $this->storeLogMessages is off
  * @param int $details_nr This number is unique for every combination of $type and $action. This is the error-message number, which can later be used to translate error messages. 0 if not categorized, -1 if temporary
  * @param array $data Array with special information that may go into $details by '%s' marks / sprintf() when the log is shown
  * @param int $event_pid The page_uid (pid) where the event occurred. Used to select log-content for specific pages.
  * @param string $NEWid NEW id for new records
  * @return int Log entry UID (0 if no log entry was written or logging is disabled)
  */
 public function log($table, $recuid, $action, $recpid, $error, $details, $details_nr = -1, $data = array(), $event_pid = -1, $NEWid = '')
 {
     if (!$this->enableLogging) {
         return 0;
     }
     // Type value for tce_db.php
     $type = 1;
     // With message storage switched off, the template is blanked before any use below.
     $details = $this->storeLogMessages ? $details : '';
     if ($error > 0) {
         // Only entries with a severity above 0 are mirrored into the in-memory error log.
         $detailMessage = is_array($data) ? vsprintf($details, $data) : $details;
         $this->errorLog[] = '[' . $type . '.' . $action . '.' . $details_nr . ']: ' . $detailMessage;
     }
     return $this->BE_USER->writelog($type, $action, $error, $details_nr, $details, $data, $table, $recuid, $recpid, $event_pid, $NEWid);
 }
Exemplo n.º 26
 /**
  * Tells whether the submitted login form has already been processed.
  *
  * Returns TRUE only when the login form data has status "login", carries
  * uname, uident and chalvalue, and the session cookie sent by the browser
  * differs from the id of the current backend user session.
  *
  * NOTE(review): the cookie is read straight from $_COOKIE without an isset()
  * check, so a request without that cookie compares an empty string against
  * the session id.
  *
  * @return boolean
  */
 protected function hasLoginBeenProcessed()
 {
     $loginFormData = $GLOBALS['BE_USER']->getLoginFormData();
     if ($loginFormData['status'] != 'login') {
         return false;
     }
     // All three credential fields of the login form must be present.
     if (!isset($loginFormData['uname'], $loginFormData['uident'], $loginFormData['chalvalue'])) {
         return false;
     }
     $cookieName = \TYPO3\CMS\Core\Authentication\BackendUserAuthentication::getCookieName();
     $cookieSessionId = (string) $_COOKIE[$cookieName];
     $currentSessionId = (string) $GLOBALS['BE_USER']->id;
     return $cookieSessionId !== $currentSessionId;
 }
Exemplo n.º 27
 /**
  * Ends a "switch user" impersonation: the current be_sessions row gets the
  * stored ses_backuserid as its user again and ses_backuserid is reset to 0.
  *
  * The row is selected by session id, cookie name and current user uid, each
  * bound as a named parameter.
  *
  * NOTE(review): the new ses_userid comes from $authentication->user, while the
  * row is matched using $GLOBALS['BE_USER']; presumably both refer to the same
  * session. This method does not check that ses_backuserid is non-empty, so
  * the caller has to make sure an impersonation is actually active.
  *
  * @param AbstractUserAuthentication $authentication
  * @return void
  */
 public function switchBackToOriginalUser(AbstractUserAuthentication $authentication)
 {
     $queryBuilder = GeneralUtility::makeInstance(ConnectionPool::class)->getQueryBuilderForTable('be_sessions');
     $queryBuilder->update('be_sessions');
     $queryBuilder->set('ses_userid', $authentication->user['ses_backuserid']);
     $queryBuilder->set('ses_backuserid', 0);
     // Restrict the update to the session row of the current request.
     $sameSessionId = $queryBuilder->expr()->eq('ses_id', $queryBuilder->createNamedParameter($GLOBALS['BE_USER']->id, \PDO::PARAM_STR));
     $sameCookieName = $queryBuilder->expr()->eq('ses_name', $queryBuilder->createNamedParameter(BackendUserAuthentication::getCookieName(), \PDO::PARAM_STR));
     $sameUser = $queryBuilder->expr()->eq('ses_userid', $queryBuilder->createNamedParameter($GLOBALS['BE_USER']->user['uid'], \PDO::PARAM_INT));
     $queryBuilder->where($sameSessionId, $sameCookieName, $sameUser);
     $queryBuilder->execute();
 }
Exemplo n.º 28
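 /**
  * Builds the display string for the value(s) stored in a field.
  *
  * Depending on $conf['type'] the stored value is matched against the files of
  * the upload folder ("files"), the configured items ("multiple", "binary") or
  * the records of the related tables ("relation"). Every label is passed
  * through htmlspecialchars(); labels are joined with $splitString.
  *
  * Changes compared with the previous version of this method:
  *  - the file list starts as an empty array and a failed dir() call is skipped
  *    instead of being dereferenced;
  *  - the alternative-label lookup table is no longer overwritten by the SQL
  *    field-list fragment, which used to break the lookup further down;
  *  - the page id list built from the web mounts is reduced to integers before
  *    it is placed into the WHERE clause.
  *
  * NOTE(review): $fieldName, $table and the related table names are used as SQL
  * identifiers without quoting. Related tables are only queried when they exist
  * in $GLOBALS['TCA']; $fieldName and $table presumably come from configuration
  * as well. Confirm that none of them can be request-controlled.
  *
  * @param string $fieldName Column read from $table when checking whether stored values carry a table prefix
  * @param string $fieldValue Stored value, a single value or a comma-separated list
  * @param array $conf Field setup; the keys read here are type, uploadfolder, items, allowed, prepend_tname and foreign_table
  * @param string $table Table the field belongs to
  * @param string $splitString Separator placed between the labels
  * @return string
  */
 public function makeValueList($fieldName, $fieldValue, $conf, $table, $splitString)
 {
     $fieldSetup = $conf;
     $out = '';
     if ($fieldSetup['type'] == 'files') {
         // Start from an empty list so that an empty or unreadable folder does not hand NULL to natcasesort().
         $fileArray = [];
         $d = dir(PATH_site . $fieldSetup['uploadfolder']);
         if ($d instanceof \Directory) {
             while (false !== ($entry = $d->read())) {
                 if ($entry == '.' || $entry == '..') {
                     continue;
                 }
                 $fileArray[] = $entry;
             }
             $d->close();
         }
         natcasesort($fileArray);
         foreach ($fileArray as $fileName) {
             if (GeneralUtility::inList($fieldValue, $fileName) || $fieldValue == $fileName) {
                 if (!$out) {
                     $out = htmlspecialchars($fileName);
                 } else {
                     $out .= $splitString . htmlspecialchars($fileName);
                 }
             }
         }
     }
     if ($fieldSetup['type'] == 'multiple') {
         foreach ($fieldSetup['items'] as $val) {
             // Item labels prefixed with "LLL:" are resolved through the language service.
             if (substr($val[0], 0, 4) == 'LLL:') {
                 $value = $this->languageService->sL($val[0]);
             } else {
                 $value = $val[0];
             }
             if (GeneralUtility::inList($fieldValue, $val[1]) || $fieldValue == $val[1]) {
                 if (!$out) {
                     $out = htmlspecialchars($value);
                 } else {
                     $out .= $splitString . htmlspecialchars($value);
                 }
             }
         }
     }
     if ($fieldSetup['type'] == 'binary') {
         // For "binary" every configured item is listed; $fieldValue is not consulted.
         foreach ($fieldSetup['items'] as $val) {
             if (substr($val[0], 0, 4) == 'LLL:') {
                 $value = $this->languageService->sL($val[0]);
             } else {
                 $value = $val[0];
             }
             if (!$out) {
                 $out = htmlspecialchars($value);
             } else {
                 $out .= $splitString . htmlspecialchars($value);
             }
         }
     }
     if ($fieldSetup['type'] == 'relation') {
         $dontPrefixFirstTable = 0;
         $useTablePrefix = 0;
         if ($fieldSetup['items']) {
             foreach ($fieldSetup['items'] as $val) {
                 if (substr($val[0], 0, 4) == 'LLL:') {
                     $value = $this->languageService->sL($val[0]);
                 } else {
                     $value = $val[0];
                 }
                 if (GeneralUtility::inList($fieldValue, $value) || $fieldValue == $value) {
                     if (!$out) {
                         $out = htmlspecialchars($value);
                     } else {
                         $out .= $splitString . htmlspecialchars($value);
                     }
                 }
             }
         }
         $from_table_Arr = [];
         if (stristr($fieldSetup['allowed'], ',')) {
             $from_table_Arr = explode(',', $fieldSetup['allowed']);
             $useTablePrefix = 1;
             if (!$fieldSetup['prepend_tname']) {
                 // Scan the stored values: any value without "_" means values of the first table are stored unprefixed.
                 $checkres = $this->databaseConnection->exec_SELECTquery($fieldName, $table, 'uid ' . BackendUtility::deleteClause($table));
                 if ($checkres) {
                     while ($row = $this->databaseConnection->sql_fetch_assoc($checkres)) {
                         if (stristr($row[$fieldName], ',')) {
                             $checkContent = explode(',', $row[$fieldName]);
                             foreach ($checkContent as $singleValue) {
                                 if (!stristr($singleValue, '_')) {
                                     $dontPrefixFirstTable = 1;
                                 }
                             }
                         } else {
                             $singleValue = $row[$fieldName];
                             if ($singleValue !== '' && !stristr($singleValue, '_')) {
                                 $dontPrefixFirstTable = 1;
                             }
                         }
                     }
                     $this->databaseConnection->sql_free_result($checkres);
                 }
             }
         } else {
             $from_table_Arr[0] = $fieldSetup['allowed'];
         }
         if ($fieldSetup['prepend_tname']) {
             $useTablePrefix = 1;
         }
         if ($fieldSetup['foreign_table']) {
             $from_table_Arr[0] = $fieldSetup['foreign_table'];
         }
         $counter = 0;
         $useSelectLabels = 0;
         $useAltSelectLabels = 0;
         $tablePrefix = '';
         $labelFieldSelect = [];
         // Lookup table "item value => label" for the alternative label field.
         $altLabelFieldSelect = [];
         foreach ($from_table_Arr as $from_table) {
             if ($useTablePrefix && !$dontPrefixFirstTable && $counter != 1 || $counter == 1) {
                 $tablePrefix = $from_table . '_';
             }
             $counter = 1;
             // Only tables known to the TCA are queried.
             if (is_array($GLOBALS['TCA'][$from_table])) {
                 $labelField = $GLOBALS['TCA'][$from_table]['ctrl']['label'];
                 $altLabelField = $GLOBALS['TCA'][$from_table]['ctrl']['label_alt'];
                 if ($GLOBALS['TCA'][$from_table]['columns'][$labelField]['config']['items']) {
                     $items = $GLOBALS['TCA'][$from_table]['columns'][$labelField]['config']['items'];
                     foreach ($items as $labelArray) {
                         if (substr($labelArray[0], 0, 4) == 'LLL:') {
                             $labelFieldSelect[$labelArray[1]] = $this->languageService->sL($labelArray[0]);
                         } else {
                             $labelFieldSelect[$labelArray[1]] = $labelArray[0];
                         }
                     }
                     $useSelectLabels = 1;
                 }
                 if ($GLOBALS['TCA'][$from_table]['columns'][$altLabelField]['config']['items']) {
                     $items = $GLOBALS['TCA'][$from_table]['columns'][$altLabelField]['config']['items'];
                     foreach ($items as $altLabelArray) {
                         if (substr($altLabelArray[0], 0, 4) == 'LLL:') {
                             $altLabelFieldSelect[$altLabelArray[1]] = $this->languageService->sL($altLabelArray[0]);
                         } else {
                             $altLabelFieldSelect[$altLabelArray[1]] = $altLabelArray[0];
                         }
                     }
                     $useAltSelectLabels = 1;
                 }
                 // The field-list fragment has its own variable so the lookup table above stays intact.
                 $altLabelFieldSql = $altLabelField ? ',' . $altLabelField : '';
                 $select_fields = 'uid,' . $labelField . $altLabelFieldSql;
                 if (!$this->backendUserAuthentication->isAdmin() && $GLOBALS['TYPO3_CONF_VARS']['BE']['lockBeUserToDBmounts']) {
                     // Non-admins locked to their DB mounts only get records from pages below those mounts.
                     $webMounts = $this->backendUserAuthentication->returnWebmounts();
                     $perms_clause = $this->backendUserAuthentication->getPagePermsClause(1);
                     $webMountPageTree = '';
                     $webMountPageTreePrefix = '';
                     foreach ($webMounts as $webMount) {
                         if ($webMountPageTree) {
                             $webMountPageTreePrefix = ',';
                         }
                         $webMountPageTree .= $webMountPageTreePrefix . $this->getTreeList($webMount, 999, 0, $perms_clause);
                     }
                     // Reduce the list to integers before it becomes part of the SQL text;
                     // an empty list turns into "0", which keeps the IN () clause valid and matches no page.
                     $webMountPageList = implode(',', GeneralUtility::intExplode(',', $webMountPageTree));
                     if ($from_table == 'pages') {
                         $where_clause = 'uid IN (' . $webMountPageList . ') ' . BackendUtility::deleteClause($from_table) . ' AND ' . $perms_clause;
                     } else {
                         $where_clause = 'pid IN (' . $webMountPageList . ') ' . BackendUtility::deleteClause($from_table);
                     }
                 } else {
                     $where_clause = 'uid' . BackendUtility::deleteClause($from_table);
                 }
                 $orderBy = 'uid';
                 $res = null;
                 // Rows are cached per table in $this->tableArray; the query runs only on the first use.
                 if (!$this->tableArray[$from_table]) {
                     $res = $this->databaseConnection->exec_SELECTquery($select_fields, $from_table, $where_clause, '', $orderBy);
                     $this->tableArray[$from_table] = array();
                 }
                 if ($res) {
                     while ($row = $this->databaseConnection->sql_fetch_assoc($res)) {
                         $this->tableArray[$from_table][] = $row;
                     }
                     $this->databaseConnection->sql_free_result($res);
                 }
                 foreach ($this->tableArray[$from_table] as $val) {
                     $GLOBALS['SOBE']->MOD_SETTINGS['labels_noprefix'] = $GLOBALS['SOBE']->MOD_SETTINGS['labels_noprefix'] == 1 ? 'on' : $GLOBALS['SOBE']->MOD_SETTINGS['labels_noprefix'];
                     $prefixString = $GLOBALS['SOBE']->MOD_SETTINGS['labels_noprefix'] == 'on' ? '' : ' [' . $tablePrefix . $val['uid'] . '] ';
                     if (GeneralUtility::inList($fieldValue, $tablePrefix . $val['uid']) || $fieldValue == $tablePrefix . $val['uid']) {
                         // Label precedence: item label of the label field, raw label field,
                         // item label of the alternative field, raw alternative field.
                         if ($useSelectLabels) {
                             if (!$out) {
                                 $out = htmlspecialchars($prefixString . $labelFieldSelect[$val[$labelField]]);
                             } else {
                                 $out .= $splitString . htmlspecialchars($prefixString . $labelFieldSelect[$val[$labelField]]);
                             }
                         } elseif ($val[$labelField]) {
                             if (!$out) {
                                 $out = htmlspecialchars($prefixString . $val[$labelField]);
                             } else {
                                 $out .= $splitString . htmlspecialchars($prefixString . $val[$labelField]);
                             }
                         } elseif ($useAltSelectLabels) {
                             if (!$out) {
                                 $out = htmlspecialchars($prefixString . $altLabelFieldSelect[$val[$altLabelField]]);
                             } else {
                                 $out .= $splitString . htmlspecialchars($prefixString . $altLabelFieldSelect[$val[$altLabelField]]);
                             }
                         } else {
                             if (!$out) {
                                 $out = htmlspecialchars($prefixString . $val[$altLabelField]);
                             } else {
                                 $out .= $splitString . htmlspecialchars($prefixString . $val[$altLabelField]);
                             }
                         }
                     }
                 }
             }
         }
     }
     return $out;
 }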
Exemplo n.º 29
    /**
     * Decides what happens after a login attempt: redirect to a target URL,
     * or, for a login refresh, restart the refresh task and close the popup.
     *
     * The method returns early when no backend user is logged in and either
     * a login is in progress or this is not a login refresh.
     *
     * The redirect target is never taken from the request itself: it is either
     * the TSconfig value auth.BE.redirectToURL or one of the fixed targets
     * selected by the "interface" request parameter ("frontend" / "backend").
     *
     * NOTE(review): the TSconfig value is used as the redirect target as-is, so
     * whoever may edit that TSconfig decides where users land after login.
     *
     * @throws \RuntimeException when the session cookie is still missing after the setCookie retry, or when the form protection is not a BackendFormProtection
     * @throws \UnexpectedValueException not thrown directly in this method; presumably raised by a callee (verify)
     */
    protected function checkRedirect()
    {
        if (empty($this->getBackendUserAuthentication()->user['uid']) && ($this->isLoginInProgress() || !$this->loginRefresh)) {
            return;
        }
        /*
         * A missing session cookie is treated as a problem. This assumes that a
         * cookie-setting script (like this one) has been hit at least once
         * prior to this instance.
         */
        $cookieMissing = !$_COOKIE[BackendUserAuthentication::getCookieName()];
        if ($cookieMissing && $this->submitValue === 'setCookie') {
            /*
             * Second attempt and still no cookie.
             * 26/4 2005: This does not work anymore, because the saving of challenge values
             * in $_SESSION means the system will act as if the password was wrong.
             */
            throw new \RuntimeException('Login-error: Yeah, that\'s a classic. No cookies, no TYPO3. ' . 'Please accept cookies from TYPO3 - otherwise you\'ll not be able to use the system.', 1294586846);
        }
        if ($cookieMissing) {
            // First attempt without a cookie: try once more, which might be needed for auto login.
            $this->redirectToURL = 'index.php?commandLI=setCookie';
        }
        $configuredTarget = (string) $this->getBackendUserAuthentication()->getTSConfigVal('auth.BE.redirectToURL');
        $interface = '';
        if (!empty($configuredTarget)) {
            $this->redirectToURL = $configuredTarget;
        } else {
            // Without a configured target the requested interface selects one of two fixed targets.
            $requestedInterface = GeneralUtility::_GP('interface');
            if ($requestedInterface == 'frontend') {
                $interface = 'frontend';
                $this->redirectToURL = '../';
            } elseif ($requestedInterface == 'backend') {
                $interface = 'backend';
                $this->redirectToURL = BackendUtility::getModuleUrl('main');
            }
        }
        // Remember the chosen interface in the user's configuration.
        $this->getBackendUserAuthentication()->uc['interfaceSetup'] = $interface;
        $this->getBackendUserAuthentication()->writeUC();
        $formProtection = FormProtectionFactory::get();
        if (!$formProtection instanceof BackendFormProtection) {
            throw new \RuntimeException('The Form Protection retrieved does not match the expected one.', 1432080411);
        }
        if (!$this->loginRefresh) {
            // Regular login: park the session token in the registry, then redirect.
            $formProtection->storeSessionTokenInRegistry();
            HttpUtility::redirect($this->redirectToURL);
        } else {
            // Login refresh: take the session token back from the registry and persist it
            // before the opener window resumes its refresh task.
            $formProtection->setSessionTokenFromRegistry();
            $formProtection->persistSessionToken();
            $this->getDocumentTemplate()->JScode .= $this->getDocumentTemplate()->wrapScriptTags('
				if (parent.opener && parent.opener.TYPO3 && parent.opener.TYPO3.LoginRefresh) {
					parent.opener.TYPO3.LoginRefresh.startTask();
					parent.close();
				}
			');
        }
    }
Exemplo n.º 30
 /**
  * Impersonates another backend user ("switch user" / SU mode) by rewriting the
  * current be_sessions row, then redirects to the backend start page so that the
  * navigation is rebuilt for the new identity.
  *
  * Nothing happens unless the target record can be loaded and the acting user
  * is an admin.
  *
  * NOTE(review): the admin flag is the only authorisation check visible in this
  * method. Request-forgery protection for the triggering request and an audit
  * log entry for the impersonation are not visible here; confirm that the
  * caller provides both.
  *
  * @param array $switchUser Value handed to BackendUtility::getRecord() to load the be_users record (declared as array, but used like a record uid; verify against caller)
  * @param boolean $switchBack When TRUE, the acting admin's uid is kept in ses_backuserid so the session can be switched back later
  * @return void
  */
 protected function switchUser($switchUser, $switchBack = FALSE)
 {
     $targetUser = \TYPO3\CMS\Backend\Utility\BackendUtility::getRecord('be_users', $switchUser);
     // Guard clause: no target record or no admin privileges means no switch.
     if (!is_array($targetUser) || !$GLOBALS['BE_USER']->isAdmin()) {
         return;
     }
     $actingUser = $GLOBALS['BE_USER'];
     $database = $GLOBALS['TYPO3_DB'];
     $updateData = array('ses_userid' => $targetUser['uid']);
     if ($switchBack) {
         // Remember who started the impersonation so it can be undone.
         $updateData['ses_backuserid'] = intval($actingUser->user['uid']);
     }
     // The update is pinned to the caller's own session row: session id, cookie
     // name and current user uid must all match. Strings go through
     // fullQuoteStr(), the uid through intval().
     $sessionConstraints = array(
         'ses_id=' . $database->fullQuoteStr($actingUser->id, 'be_sessions'),
         'ses_name=' . $database->fullQuoteStr(\TYPO3\CMS\Core\Authentication\BackendUserAuthentication::getCookieName(), 'be_sessions'),
         'ses_userid=' . intval($actingUser->user['uid']),
     );
     $database->exec_UPDATEquery('be_sessions', implode(' AND ', $sessionConstraints), $updateData);
     $querySuffix = $GLOBALS['TYPO3_CONF_VARS']['BE']['interfaces'] ? '' : '?commandLI=1';
     \TYPO3\CMS\Core\Utility\HttpUtility::redirect($GLOBALS['BACK_PATH'] . 'index.php' . $querySuffix);
 }