/**
* General processor for AJAX requests.
* (called by typo3/ajax.php)
*
* @param array $params: additional parameters (not used here)
* @param TYPO3AJAX &$ajaxObj: the TYPO3AJAX object of this request
* @return void
* @author Oliver Hader <*****@*****.**>
*/
public function processAjaxRequest($params, TYPO3AJAX &$ajaxObj)
{
$this->ajaxObj = $ajaxObj;
// Load the TSref XML information:
$this->loadFile(t3lib_extMgm::extPath('t3editor') . 'res/tsref/tsref.xml');
$ajaxIdParts = explode('::', $ajaxObj->getAjaxID(), 2);
$ajaxMethod = $ajaxIdParts[1];
$response = array();
// Process the AJAX requests:
if ($ajaxMethod == 'getTypes') {
$ajaxObj->setContent($this->getTypes());
$ajaxObj->setContentFormat('jsonbody');
} elseif ($ajaxMethod == 'getDescription') {
$ajaxObj->addContent('', $this->getDescription(t3lib_div::_GP('typeId'), t3lib_div::_GP('parameterName')));
$ajaxObj->setContentFormat('plain');
}
}
/**
* Dispatches the incoming calls to methods about the ExtDirect API.
*
* @param aray $ajaxParams ajax parameters
* @param TYPO3AJAX $ajaxObj typo3ajax instance
* @return void
*/
public function route($ajaxParams, TYPO3AJAX $ajaxObj)
{
try {
$isForm = FALSE;
$isUpload = FALSE;
$rawPostData = file_get_contents('php://input');
$postParameters = t3lib_div::_POST();
$namespace = t3lib_div::_GET('namespace');
if (!empty($postParameters['extAction'])) {
$isForm = TRUE;
$isUpload = $postParameters['extUpload'] === 'true';
$request->action = $postParameters['extAction'];
$request->method = $postParameters['extMethod'];
$request->tid = $postParameters['extTID'];
$request->data = array($_POST + $_FILES);
} elseif (!empty($rawPostData)) {
$request = json_decode($rawPostData);
} else {
throw new t3lib_error_Exception('ExtDirect: Missing Parameters!');
}
$response = NULL;
if (is_array($request)) {
$response = array();
foreach ($request as $singleRequest) {
$response[] = $this->processRpc($singleRequest, $namespace);
}
} else {
$response = $this->processRpc($request, $namespace);
}
if ($isForm && $isUpload) {
$ajaxObj->setContentFormat('plain');
$response = json_encode($response);
$response = preg_replace('/"/', '\\"', $response);
$response = array('<html><body><textarea>' . $response . '</textarea></body></html>');
} else {
$ajaxObj->setContentFormat('jsonbody');
}
} catch (t3lib_error_Exception $exception) {
$response = array('type' => 'exception', 'message' => $exception->getMessage(), 'where' => $exception->getTraceAsString());
}
$ajaxObj->setContent($response);
}
/**
* General processor for AJAX requests.
* (called by typo3/ajax.php)
*
* @param array $params: additional parameters (not used here)
* @param TYPO3AJAX &$ajaxObj: the TYPO3AJAX object of this request
* @return void
* @author Oliver Hader <*****@*****.**>
*/
public function processAjaxRequest($params, TYPO3AJAX &$ajaxObj)
{
$this->ajaxObj = $ajaxObj;
$ajaxIdParts = explode('::', $ajaxObj->getAjaxID(), 2);
$ajaxMethod = $ajaxIdParts[1];
$response = array();
// Process the AJAX requests:
if ($ajaxMethod == 'loadTemplates') {
$ajaxObj->setContent($this->loadTemplates(intval(t3lib_div::_GP('pageId'))));
$ajaxObj->setContentFormat('jsonbody');
}
}
/**
* Create a tag
*
* @param array $params
* @param TYPO3AJAX $ajaxObj
* @return void
* @throws Exception
*/
public function createTag(array $params, TYPO3AJAX $ajaxObj)
{
$request = t3lib_div::_POST();
try {
// Check if a tag is submitted
if (!isset($request['item']) || empty($request['item'])) {
throw new Exception('error_no-tag');
}
$newsUid = $request['newsid'];
if ((int) $newsUid === 0 && (strlen($newsUid) == 16 && !t3lib_div::isFirstPartOfStr($newsUid, 'NEW'))) {
throw new Exception('error_no-newsid');
}
// Get tag uid
$newTagId = $this->getTagUid($request);
$ajaxObj->setContentFormat('javascript');
$ajaxObj->setContent('');
$response = array($newTagId, $request['item'], self::TAG, self::NEWS, 'tags', 'data[tx_news_domain_model_news][' . $newsUid . '][tags]', $newsUid);
$ajaxObj->setJavascriptCallbackWrap(implode('-', $response));
} catch (Exception $e) {
$errorMsg = $GLOBALS['LANG']->sL(self::LLPATH . $e->getMessage());
$ajaxObj->setError($errorMsg);
}
}
/**
* Gets plugins that are defined at $TYPO3_CONF_VARS['EXTCONF']['t3editor']['plugins']
* (called by typo3/ajax.php)
*
* @param array $params: additional parameters (not used here)
* @param TYPO3AJAX &$ajaxObj: the TYPO3AJAX object of this request
* @return void
* @author Oliver Hader <*****@*****.**>
*/
public function getPlugins($params, TYPO3AJAX &$ajaxObj)
{
$result = array();
$plugins =& $GLOBALS['TYPO3_CONF_VARS']['EXTCONF']['t3editor']['plugins'];
if (is_array($plugins)) {
$result = array_values($plugins);
}
$ajaxObj->setContent($result);
$ajaxObj->setContentFormat('jsonbody');
}
/**
* Parses the ExtDirect configuration array "$GLOBALS['TYPO3_CONF_VARS']['SC_OPTIONS']['ExtDirect']"
* and feeds the given typo3ajax instance with the resulting information. The get parameter
* "namespace" will be used to filter the configuration.
*
* This method makes usage of the reflection mechanism to fetch the methods inside the
* defined classes together with their amount of parameters. This information are building
* the API and are required by ExtDirect. The result is cached to improve the overall
* performance.
*
* @param array $ajaxParams ajax parameters
* @param TYPO3AJAX $ajaxObj typo3ajax instance
* @return void
*/
public function getAPI($ajaxParams, TYPO3AJAX $ajaxObj)
{
$filterNamespace = t3lib_div::_GET('namespace');
// Check GET-parameter no_cache and extCache setting
$extCache = isset($GLOBALS['TYPO3_CONF_VARS']['SYS']['extCache']) && ($GLOBALS['TYPO3_CONF_VARS']['SYS']['extCache'] === 0 || $GLOBALS['TYPO3_CONF_VARS']['SYS']['extCache'] === '0');
$noCache = t3lib_div::_GET('no_cache') ? TRUE : $extCache;
// look up into the cache
$cacheIdentifier = 'ExtDirectApi';
$cacheHash = md5($cacheIdentifier . $filterNamespace . serialize($this->settings));
// with no_cache always generate the javascript content
$cacheContent = $noCache ? '' : t3lib_pageSelect::getHash($cacheHash);
// generate the javascript content if it wasn't found inside the cache and cache it!
if (!$cacheContent) {
$javascriptNamespaces = $this->generateAPI($filterNamespace);
if (!empty($javascriptNamespaces)) {
t3lib_pageSelect::storeHash($cacheHash, serialize($javascriptNamespaces), $cacheIdentifier);
}
} else {
$javascriptNamespaces = unserialize($cacheContent);
}
// return the generated javascript API configuration
if (count($javascriptNamespaces)) {
$setup = '
if (typeof Ext.app.ExtDirectAPI !== "object") {
Ext.app.ExtDirectAPI = {};
}
if (typeof Object.extend !== "function") {
Object.extend = function(destination, source) {
for (var property in source) {
destination[property] = source[property];
}
return destination;
};
}
';
$ajaxObj->setContent($javascriptNamespaces);
$ajaxObj->setContentFormat('javascript');
$ajaxObj->setJavascriptCallbackWrap($setup . 'Ext.app.ExtDirectAPI = Object.extend(Ext.app.ExtDirectAPI, |);');
} else {
if ($filterNamespace) {
// namespace error
$errorMessage = sprintf($GLOBALS['LANG']->sL('LLL:EXT:lang/locallang_core.xml:ExtDirect.namespaceError'), __CLASS__, $filterNamespace);
} else {
// no namespace given
$errorMessage = sprintf($GLOBALS['LANG']->sL('LLL:EXT:lang/locallang_core.xml:ExtDirect.noNamespace'), __CLASS__);
}
// make js multiline message
$msg = t3lib_div::trimExplode(LF, str_replace('"', '\\"', $errorMessage), TRUE);
$errorMessage = '';
foreach ($msg as $line) {
$errorMessage .= '"' . $line . '" + ' . LF;
}
$errorMessage = substr(trim($errorMessage), 0, -1);
//generate the javascript
$ajaxObj->setContentFormat('javascript');
$ajaxObj->setJavascriptCallbackWrap('
errorMessage = ' . $errorMessage . ';
if (typeof console === "object") {
console.log(errorMessage);
} else {
alert(errorMessage);
}
');
}
}
/**
* Used to broker incoming requests to other calls.
* Called by typo3/ajax.php
*
* @param array $unused additional parameters (not used)
* @param TYPO3AJAX $ajax the AJAX object for this request
*
* @return void
*/
public function ajaxBroker(array $unused, TYPO3AJAX $ajax)
{
$state = (bool) t3lib_div::_POST('state');
$checkbox = t3lib_div::_POST('checkbox');
if (in_array($checkbox, $this->validCheckboxKeys, TRUE)) {
$ajax->setContentFormat('json');
$this->userSettingsService->set($checkbox, $state);
$ajax->addContent('success', TRUE);
} else {
$ajax->setContentFormat('plain');
$ajax->setError('Illegal input parameters.');
}
}
/**
* sets the workspace for the backend
*
* @param unknown_type $params
* @param TYPO3AJAX $ajaxObj
*/
public function setWorkspace($parameters = array(), TYPO3AJAX &$ajaxObj = null)
{
$workspaceId = (int) t3lib_div::_POST('workspaceId');
$GLOBALS['BE_USER']->setWorkspace($workspaceId);
$ajaxObj->addContent('setWorkspaceId', $workspaceId);
$ajaxObj->setContentFormat('json');
}
/**
* gets called when a shortcut is changed, checks whether the user has
* permissions to do so and saves the changes if everything is ok
*
* @param array array of parameters from the AJAX interface, currently unused
* @param TYPO3AJAX object of type TYPO3AJAX
* @return void
*/
public function setAjaxShortcut($params = array(), TYPO3AJAX &$ajaxObj = null)
{
$shortcutId = (int) t3lib_div::_POST('shortcutId');
$shortcutName = strip_tags(t3lib_div::_POST('value'));
$shortcutGroupId = (int) t3lib_div::_POST('shortcut-group');
if ($shortcutGroupId > 0 || $GLOBALS['BE_USER']->isAdmin()) {
// users can delete only their own shortcuts (except admins)
$addUserWhere = !$GLOBALS['BE_USER']->isAdmin() ? ' AND userid=' . intval($GLOBALS['BE_USER']->user['uid']) : '';
$fieldValues = array('description' => $shortcutName, 'sc_group' => $shortcutGroupId);
if ($fieldValues['sc_group'] < 0 && !$GLOBALS['BE_USER']->isAdmin()) {
$fieldValues['sc_group'] = 0;
}
$GLOBALS['TYPO3_DB']->exec_UPDATEquery('sys_be_shortcuts', 'uid=' . $shortcutId . $addUserWhere, $fieldValues);
$affectedRows = $GLOBALS['TYPO3_DB']->sql_affected_rows();
if ($affectedRows == 1) {
$ajaxObj->addContent('shortcut', $shortcutName);
} else {
$ajaxObj->addContent('shortcut', 'failed');
}
}
$ajaxObj->setContentFormat('plain');
}
/**
* Handles the actual process from within the ajaxExec function
* therefore, it does exactly the same as the real typo3/tce_file.php
* but without calling the "finish" method, thus makes it simpler to deal with the
* actual return value
*
*
* @param string $params always empty.
* @param string $ajaxObj The Ajax object used to return content and set content types
* @return void
*/
public function processAjaxRequest(array $params, TYPO3AJAX $ajaxObj)
{
$this->init();
$this->main();
$errors = $this->fileProcessor->getErrorMessages();
if (count($errors)) {
$ajaxObj->setError(implode(',', $errors));
} else {
$ajaxObj->addContent('result', $this->fileData);
if ($this->redirect) {
$ajaxObj->addContent('redirect', $this->redirect);
}
$ajaxObj->setContentFormat('json');
}
}
/**
* Generates new tokens for the ones found in the DOM.
*
* @param array $parameters: Parameters (not used)
* @param TYPO3AJAX $parent: The calling parent AJAX object
*/
public function refreshTokens(array $parameters, TYPO3AJAX $parent)
{
$accessToken = (string) t3lib_div::_GP('accessToken');
$formprotection = t3lib_formprotection_Factory::get();
if ($formprotection->validateToken($accessToken, 'refreshTokens')) {
$oldTokens = json_decode((string) t3lib_div::_GP('tokens'));
$regeneratedTokens = new stdClass();
foreach ($oldTokens as $oldToken) {
$newToken = $this->generateNewToken($oldToken);
$regeneratedTokens->{$oldToken} = $newToken;
}
}
$parent->addContent('newTokens', $regeneratedTokens);
$parent->setContentFormat('json');
$formprotection->persistTokens();
}
/**
* Get the contacts for the given node for AJAX
*
* @param array $params
* @param TYPO3AJAX $ajaxObj
*/
public function ajaxGetNodeContacts($params, &$ajaxObj)
{
$node_id = t3lib_div::_GP('node');
$node_repository = tx_caretaker_NodeRepository::getInstance();
if ($node_id && ($node = $node_repository->id2node($node_id, true))) {
$count = 0;
$contacts = array();
$nodeContacts = $node->getContacts();
foreach ($nodeContacts as $nodeContact) {
if ($role = $nodeContact->getRole()) {
$role_assoc = array('uid' => $role->getUid(), 'id' => $role->getId(), 'name' => $role->getTitle(), 'description' => $role->getDescription());
} else {
$role_assoc = array('uid' => '', 'id' => '', 'name' => '', 'description' => '');
}
$address = $nodeContact->getAddress();
if ($address) {
$address['email_md5'] = md5($address['email']);
}
$contact = array('num' => $count++, 'id' => $node->getCaretakerNodeId() . '_role_' . $role_assoc['uid'] . '_address_' . $address['uid'], 'node_title' => $node->getTitle(), 'node_type' => $node->getType(), 'node_type_ll' => $node->getTypeDescription(), 'node_id' => $node->getCaretakerNodeId(), 'role' => $role_assoc, 'address' => $address);
foreach ($address as $key => $value) {
$contact['address_' . $key] = $value;
}
foreach ($role_assoc as $key => $value) {
$contact['role_' . $key] = $value;
}
$contacts[] = $contact;
}
$content = array();
$content['contacts'] = $contacts;
$content['totalCount'] = $count;
$ajaxObj->setContent($content);
$ajaxObj->setContentFormat('jsonbody');
}
}
/**
* Gets a MD5 challenge.
*
* @param array $parameters: Parameters (not used)
* @param TYPO3AJAX $parent: The calling parent AJAX object
* @return void
*/
public function getChallenge(array $parameters, TYPO3AJAX $parent)
{
session_start();
$_SESSION['login_challenge'] = md5(uniqid('') . getmypid());
session_commit();
$parent->addContent('challenge', $_SESSION['login_challenge']);
$parent->setContentFormat('json');
}
/**
* Dispatches the incoming calls to methods about the ExtDirect API.
*
* @param aray $ajaxParams ajax parameters
* @param TYPO3AJAX $ajaxObj typo3ajax instance
* @return void
*/
public function route($ajaxParams, TYPO3AJAX $ajaxObj)
{
$GLOBALS['error'] = t3lib_div::makeInstance('t3lib_extjs_ExtDirectDebug');
$isForm = FALSE;
$isUpload = FALSE;
$rawPostData = file_get_contents('php://input');
$postParameters = t3lib_div::_POST();
$namespace = t3lib_div::_GET('namespace');
$response = array();
$request = NULL;
$isValidRequest = TRUE;
if (!empty($postParameters['extAction'])) {
$isForm = TRUE;
$isUpload = $postParameters['extUpload'] === 'true';
$request = new stdClass();
$request->action = $postParameters['extAction'];
$request->method = $postParameters['extMethod'];
$request->tid = $postParameters['extTID'];
unset($_POST['securityToken']);
$request->data = array($_POST + $_FILES);
$request->data[] = $postParameters['securityToken'];
} elseif (!empty($rawPostData)) {
$request = json_decode($rawPostData);
} else {
$response[] = array('type' => 'exception', 'message' => 'Something went wrong with an ExtDirect call!', 'code' => 'router');
$isValidRequest = FALSE;
}
if (!is_array($request)) {
$request = array($request);
}
if ($isValidRequest) {
$validToken = FALSE;
$firstCall = TRUE;
foreach ($request as $index => $singleRequest) {
$response[$index] = array('tid' => $singleRequest->tid, 'action' => $singleRequest->action, 'method' => $singleRequest->method);
$token = array_pop($singleRequest->data);
if ($firstCall) {
$firstCall = FALSE;
$formprotection = t3lib_formprotection_Factory::get();
$validToken = $formprotection->validateToken($token, 'extDirect');
}
try {
if (!$validToken) {
throw new t3lib_formprotection_InvalidTokenException('ExtDirect: Invalid Security Token!');
}
$response[$index]['type'] = 'rpc';
$response[$index]['result'] = $this->processRpc($singleRequest, $namespace);
$response[$index]['debug'] = $GLOBALS['error']->toString();
} catch (Exception $exception) {
$response[$index]['type'] = 'exception';
$response[$index]['message'] = $exception->getMessage();
$response[$index]['code'] = 'router';
}
}
}
if ($isForm && $isUpload) {
$ajaxObj->setContentFormat('plain');
$response = json_encode($response);
$response = preg_replace('/"/', '\\"', $response);
$response = array('<html><body><textarea>' . $response . '</textarea></body></html>');
} else {
$ajaxObj->setContentFormat('jsonbody');
}
$ajaxObj->setContent($response);
}
