/** * Import the default robots.txt * @param \DataContainer */ public function importRobotsTxt(\DataContainer $dc) { if (\Input::get('key') != 'importRobotsTxt') { return ''; } if (!file_exists(TL_ROOT . "/" . FILE_ROBOTS_TXT_DEFAULT)) { \Message::addError($GLOBALS['TL_LANG']['ERR']['no_robotstxt_default']); $this->redirect(str_replace('&key=importRobotsTxt', '', \Environment::get('request'))); } $objVersions = new \Versions($dc->table, \Input::get('id')); $objVersions->create(); $strFileContent = file_get_contents(TL_ROOT . "/" . FILE_ROBOTS_TXT_DEFAULT); \Database::getInstance()->prepare("UPDATE " . $dc->table . " SET robotsTxtContent=? WHERE id=?")->execute($strFileContent, \Input::get('id')); $this->redirect(str_replace('&key=importRobotsTxt', '', \Environment::get('request'))); }
/** * Execute AJAX post actions to toggle. * * @param string $action * @param \DataContainer $dc */ public function executePostActions($action, \DataContainer $dc) { if ($action !== 'hasteAjaxOperation') { return; } $id = $dc->id = \Input::post('id'); $currentValue = \Input::post('value'); $operation = \Input::post('operation'); $hasteAjaxOperationSettings = $GLOBALS['TL_DCA'][$dc->table]['list']['operations'][$operation]['haste_ajax_operation']; if (!isset($hasteAjaxOperationSettings)) { return; } // Check permissions if (!$this->checkPermission($dc->table, $hasteAjaxOperationSettings)) { \System::log(sprintf('Not enough permissions to toggle field %s::%s', $dc->table, $hasteAjaxOperationSettings['field']), __METHOD__, TL_ERROR); \Controller::redirect('contao/main.php?act=error'); } // Initialize versioning $versions = new \Versions($dc->table, $id); $versions->initialize(); // Determine next value and icon $options = $this->getOptions($hasteAjaxOperationSettings); $nextIndex = 0; foreach ($options as $k => $option) { if ($option['value'] == $currentValue) { $nextIndex = $k + 1; } } // Make sure that if $nextIndex does not exist it's the first if (!isset($options[$nextIndex])) { $nextIndex = 0; } $value = $options[$nextIndex]['value']; $value = $this->executeSaveCallback($dc, $value, $hasteAjaxOperationSettings); // Update DB \Database::getInstance()->prepare('UPDATE ' . $dc->table . ' SET ' . $hasteAjaxOperationSettings['field'] . '=? WHERE id=?')->execute($value, $id); $versions->create(); if ($GLOBALS['TL_DCA'][$dc->table]['config']['enableVersioning']) { \System::log(sprintf('A new version of record "%s.id=%s" has been created', $dc->table, $id), __METHOD__, TL_GENERAL); } $response = array('nextValue' => $options[$nextIndex]['value'], 'nextIcon' => $options[$nextIndex]['icon']); $response = new JsonResponse($response); $response->send(); }
/** * Publish/unpublish rule * @param integer * @param boolean * @param \DataContainer */ public function toggleVisibility($intId, $blnVisible, \DataContainer $dc = null) { $objVersions = new \Versions('tl_css_class_replacer', $intId); $objVersions->initialize(); // Trigger the save_callback if (is_array($GLOBALS['TL_DCA']['tl_css_class_replacer']['fields']['published']['save_callback'])) { foreach ($GLOBALS['TL_DCA']['tl_css_class_replacer']['fields']['published']['save_callback'] as $callback) { if (is_array($callback)) { $blnVisible = \System::importStatic($callback[0])->{$callback}[1]($blnVisible, $dc ?: $this); } elseif (is_callable($callback)) { $blnVisible = $callback($blnVisible, $dc ?: $this); } } } // Update the database \Database::getInstance()->prepare("UPDATE tl_css_class_replacer SET tstamp=" . time() . ", published='" . ($blnVisible ? 1 : '') . "' WHERE id=?")->execute($intId); $objVersions->create(); \System::log('A new version of record "tl_css_class_replacer.id=' . $intId . '" has been created', __METHOD__, TL_GENERAL); }
public function toggleVisibility($intId, $blnVisible) { $objUser = \BackendUser::getInstance(); $objDatabase = \Database::getInstance(); // Check permissions to publish if (!$objUser->isAdmin && !$objUser->hasAccess('tl_entity_cleaner::published', 'alexf')) { \Controller::log('Not enough permissions to publish/unpublish item ID "' . $intId . '"', 'tl_entity_cleaner toggleVisibility', TL_ERROR); \Controller::redirect('contao/main.php?act=error'); } $objVersions = new Versions('tl_entity_cleaner', $intId); $objVersions->initialize(); // Trigger the save_callback if (is_array($GLOBALS['TL_DCA']['tl_entity_cleaner']['fields']['published']['save_callback'])) { foreach ($GLOBALS['TL_DCA']['tl_entity_cleaner']['fields']['published']['save_callback'] as $callback) { $this->import($callback[0]); $blnVisible = $this->{$callback}[0]->{$callback}[1]($blnVisible, $this); } } // Update the database $objDatabase->prepare("UPDATE tl_entity_cleaner SET tstamp=" . time() . ", published='" . ($blnVisible ? 1 : '') . "' WHERE id=?")->execute($intId); $objVersions->create(); \Controller::log('A new version of record "tl_entity_cleaner.id=' . $intId . '" has been created' . $this->getParentEntries('tl_entity_cleaner', $intId), 'tl_entity_cleaner toggleVisibility()', TL_GENERAL); }
/** * Disable/enable a user group * * @param integer $intId * @param boolean $blnVisible * @param DataContainer $dc * * @throws Contao\CoreBundle\Exception\AccessDeniedException */ public function toggleVisibility($intId, $blnVisible, DataContainer $dc = null) { // Set the ID and action Input::setGet('id', $intId); Input::setGet('act', 'toggle'); if ($dc) { $dc->id = $intId; // see #8043 } $this->checkPermission(); // Check the field access if (!$this->User->hasAccess('tl_faq::published', 'alexf')) { throw new Contao\CoreBundle\Exception\AccessDeniedException('Not enough permissions to publish/unpublish FAQ ID ' . $intId . '.'); } $objVersions = new Versions('tl_faq', $intId); $objVersions->initialize(); // Trigger the save_callback if (is_array($GLOBALS['TL_DCA']['tl_faq']['fields']['published']['save_callback'])) { foreach ($GLOBALS['TL_DCA']['tl_faq']['fields']['published']['save_callback'] as $callback) { if (is_array($callback)) { $this->import($callback[0]); $blnVisible = $this->{$callback[0]}->{$callback[1]}($blnVisible, $dc ?: $this); } elseif (is_callable($callback)) { $blnVisible = $callback($blnVisible, $dc ?: $this); } } } // Update the database $this->Database->prepare("UPDATE tl_faq SET tstamp=" . time() . ", published='" . ($blnVisible ? '1' : '') . "' WHERE id=?")->execute($intId); $objVersions->create(); }
/** * Disable/enable a user group * * @param integer $intId * @param boolean $blnVisible * @param DataContainer $dc */ public function toggleVisibility($intId, $blnVisible, DataContainer $dc = null) { // Set the ID and action Input::setGet('id', $intId); Input::setGet('act', 'toggle'); if ($dc) { $dc->id = $intId; // see #8043 } $this->checkPermission(); // Check the field access if (!$this->User->hasAccess('tl_comments::published', 'alexf')) { $this->log('Not enough permissions to publish/unpublish comment ID "' . $intId . '"', __METHOD__, TL_ERROR); $this->redirect('contao/main.php?act=error'); } $objVersions = new Versions('tl_comments', $intId); $objVersions->initialize(); // Trigger the save_callback if (is_array($GLOBALS['TL_DCA']['tl_comments']['fields']['published']['save_callback'])) { foreach ($GLOBALS['TL_DCA']['tl_comments']['fields']['published']['save_callback'] as $callback) { if (is_array($callback)) { $this->import($callback[0]); $blnVisible = $this->{$callback[0]}->{$callback[1]}($blnVisible, $dc ?: $this); } elseif (is_callable($callback)) { $blnVisible = $callback($blnVisible, $dc ?: $this); } } } // Update the database $this->Database->prepare("UPDATE tl_comments SET tstamp=" . time() . ", published='" . ($blnVisible ? '1' : '') . "' WHERE id=?")->execute($intId); $objVersions->create(); }
/** * Disable/enable a user group * * @param integer $intId * @param boolean $blnVisible * @param DataContainer $dc */ public function toggleVisibility($intId, $blnVisible, DataContainer $dc = null) { // Set the ID and action Input::setGet('id', $intId); Input::setGet('act', 'toggle'); if ($dc) { $dc->id = $intId; // see #8043 } $this->checkPermission(); // Check the field access if (!$this->User->hasAccess('tl_calendar_events::published', 'alexf')) { $this->log('Not enough permissions to publish/unpublish event ID "' . $intId . '"', __METHOD__, TL_ERROR); $this->redirect('contao/main.php?act=error'); } $objVersions = new Versions('tl_calendar_events', $intId); $objVersions->initialize(); // Trigger the save_callback if (is_array($GLOBALS['TL_DCA']['tl_calendar_events']['fields']['published']['save_callback'])) { foreach ($GLOBALS['TL_DCA']['tl_calendar_events']['fields']['published']['save_callback'] as $callback) { if (is_array($callback)) { $this->import($callback[0]); $blnVisible = $this->{$callback[0]}->{$callback[1]}($blnVisible, $dc ?: $this); } elseif (is_callable($callback)) { $blnVisible = $callback($blnVisible, $dc ?: $this); } } } // Update the database $this->Database->prepare("UPDATE tl_calendar_events SET tstamp=" . time() . ", published='" . ($blnVisible ? '1' : '') . "' WHERE id=?")->execute($intId); $objVersions->create(); $this->log('A new version of record "tl_calendar_events.id=' . $intId . '" has been created' . $this->getParentEntries('tl_calendar_events', $intId), __METHOD__, TL_GENERAL); // Update the RSS feed (for some reason it does not work without sleep(1)) sleep(1); $this->import('Calendar'); $this->Calendar->generateFeedsByCalendar(CURRENT_ID); }
/** * Disable/enable a user group * @param integer * @param boolean * @param \DataContainer */ public function toggleVisibility($intId, $blnVisible, DataContainer $dc = null) { // Check permissions to edit Input::setGet('id', $intId); Input::setGet('act', 'toggle'); $this->checkPermission(); // Check permissions to publish if (!$this->User->hasAccess('tl_product_price::published', 'alexf')) { $this->log('Not enough permissions to publish/unpublish price item ID "' . $intId . '"', __METHOD__, TL_ERROR); $this->redirect('contao/main.php?act=error'); } $objVersions = new Versions('tl_product_price', $intId); $objVersions->initialize(); // Trigger the save_callback if (is_array($GLOBALS['TL_DCA']['tl_product_price']['fields']['published']['save_callback'])) { foreach ($GLOBALS['TL_DCA']['tl_product_price']['fields']['published']['save_callback'] as $callback) { if (is_array($callback)) { $this->import($callback[0]); $blnVisible = $this->{$callback}[0]->{$callback}[1]($blnVisible, $dc ?: $this); } elseif (is_callable($callback)) { $blnVisible = $callback($blnVisible, $dc ?: $this); } } } // Update the database $this->Database->prepare("UPDATE tl_product_price SET tstamp=" . time() . ", published='" . ($blnVisible ? 1 : '') . "' WHERE id=?")->execute($intId); $objVersions->create(); $this->log('A new version of record "tl_product_price.id=' . $intId . '" has been created' . $this->getParentEntries('tl_product_price', $intId), __METHOD__, TL_GENERAL); }
/** * Toggle the visibility state. * * @param int $recordId Record id. * @param bool $newState New state. * * @return void * * @SuppressWarnings(PHPMD.Superglobals) */ private function toggleVisibility($recordId, $newState) { if (!$this->hasAccess()) { $this->log(sprintf('Not enough permission to show/shide record ID "%s"', $recordId), __METHOD__, TL_ERROR); $this->redirect('contao/main.php?act=error'); } $versions = new \Versions($this->table, $recordId); if (isset($GLOBALS['TL_DCA'][$this->table]['fields'][$this->column]['save_callback'])) { foreach ((array) $GLOBALS['TL_DCA'][$this->table]['fields'][$this->column]['save_callback'] as $callback) { $instance = new $callback[0](); $instance->{$callback}[1]($newState, $this); } } $this->database->prepare(sprintf('UPDATE %s %s WHERE id=?', $this->table, '%s'))->set(array('tstamp' => time(), $this->column => $newState ? '1' : ''))->execute($recordId); $versions->create(); }
/** * Toggle the visibility of an element * * @param integer $intId * @param boolean $blnVisible * @param DataContainer $dc */ public function toggleVisibility($intId, $blnVisible, DataContainer $dc = null) { // Check permissions to edit Input::setGet('id', $intId); Input::setGet('act', 'toggle'); // The onload_callbacks vary depending on the dynamic parent table (see #4894) if (is_array($GLOBALS['TL_DCA']['tl_content']['config']['onload_callback'])) { foreach ($GLOBALS['TL_DCA']['tl_content']['config']['onload_callback'] as $callback) { if (is_array($callback)) { $this->import($callback[0]); $this->{$callback}[0]->{$callback}[1]($dc ?: $this); } elseif (is_callable($callback)) { $callback($dc ?: $this); } } } // Check permissions to publish if (!$this->User->hasAccess('tl_content::invisible', 'alexf')) { $this->log('Not enough permissions to show/hide content element ID "' . $intId . '"', __METHOD__, TL_ERROR); $this->redirect('contao/main.php?act=error'); } $objVersions = new Versions('tl_content', $intId); $objVersions->initialize(); // Trigger the save_callback if (is_array($GLOBALS['TL_DCA']['tl_content']['fields']['invisible']['save_callback'])) { foreach ($GLOBALS['TL_DCA']['tl_content']['fields']['invisible']['save_callback'] as $callback) { if (is_array($callback)) { $this->import($callback[0]); $blnVisible = $this->{$callback}[0]->{$callback}[1]($blnVisible, $dc ?: $this); } elseif (is_callable($callback)) { $blnVisible = $callback($blnVisible, $dc ?: $this); } } } // Update the database $this->Database->prepare("UPDATE tl_content SET tstamp=" . time() . ", invisible='" . ($blnVisible ? '' : 1) . "' WHERE id=?")->execute($intId); $objVersions->create(); $this->log('A new version of record "tl_content.id=' . $intId . '" has been created' . $this->getParentEntries('tl_content', $intId), __METHOD__, TL_GENERAL); }
/** * Toggle the visibility of a form field * * @param integer $intId * @param boolean $blnVisible * @param DataContainer $dc */ public function toggleVisibility($intId, $blnVisible, DataContainer $dc = null) { // Set the ID and action Input::setGet('id', $intId); Input::setGet('act', 'toggle'); if ($dc) { $dc->id = $intId; // see #8043 } $this->checkPermission(); $objVersions = new Versions('tl_form_field', $intId); $objVersions->initialize(); // Reverse the logic (form fields have invisible=1) $blnVisible = !$blnVisible; // Trigger the save_callback if (is_array($GLOBALS['TL_DCA']['tl_form_field']['fields']['invisible']['save_callback'])) { foreach ($GLOBALS['TL_DCA']['tl_form_field']['fields']['invisible']['save_callback'] as $callback) { if (is_array($callback)) { $this->import($callback[0]); $blnVisible = $this->{$callback[0]}->{$callback[1]}($blnVisible, $dc ?: $this); } elseif (is_callable($callback)) { $blnVisible = $callback($blnVisible, $dc ?: $this); } } } // Update the database $this->Database->prepare("UPDATE tl_form_field SET tstamp=" . time() . ", invisible='" . ($blnVisible ? '1' : '') . "' WHERE id=?")->execute($intId); $objVersions->create(); }
/** * Generic method for automatically generating aliases * * @param array $arrButtons * @param \DataContainer $dc * * @return array */ public function doAddAliasButton($arrButtons, \DataContainer $dc) { // Generate the aliases if (\Input::post('FORM_SUBMIT') == 'tl_select' && isset($_POST['alias'])) { $objSessionData = \Session::getInstance()->getData(); $arrIds = $objSessionData['CURRENT']['IDS']; foreach ($arrIds as $intId) { $strItemClass = \Model::getClassFromTable($dc->table); $objItem = $strItemClass::findByPk($intId); if ($objItem === null) { continue; } $dc->id = $intId; $dc->activeRecord = $objItem; $strAlias = ''; // Generate new alias through save callbacks foreach ($GLOBALS['TL_DCA'][$dc->table]['fields']['alias']['save_callback'] as $callback) { if (is_array($callback)) { $this->import($callback[0]); $strAlias = $this->{$callback[0]}->{$callback[1]}($strAlias, $dc); } elseif (is_callable($callback)) { $strAlias = $callback($strAlias, $dc); } } // The alias has not changed if ($strAlias == $objItem->alias) { continue; } // Initialize the version manager $objVersions = new \Versions($dc->table, $intId); $objVersions->initialize(); // Store the new alias \Database::getInstance()->prepare("UPDATE {$dc->table} SET alias=? WHERE id=?")->execute($strAlias, $intId); // Create a new version $objVersions->create(); } \Controller::redirect($this->getReferer()); } // Add the button $arrButtons['alias'] = '<input type="submit" name="alias" id="alias" class="tl_submit" accesskey="a" value="' . specialchars($GLOBALS['TL_LANG']['MSC']['aliasSelected']) . '"> '; return $arrButtons; }
/** * Toggle the visibility of an element * * @param integer $intId * @param boolean $blnVisible * @param DataContainer $dc * * @throws Contao\CoreBundle\Exception\AccessDeniedException */ public function toggleVisibility($intId, $blnVisible, DataContainer $dc = null) { // Set the ID and action Input::setGet('id', $intId); Input::setGet('act', 'toggle'); if ($dc) { $dc->id = $intId; // see #8043 } $this->checkPermission(); // Check the field access if (!$this->User->hasAccess('tl_content::invisible', 'alexf')) { throw new Contao\CoreBundle\Exception\AccessDeniedException('Not enough permissions to show/hide content element ID ' . $intId . '.'); } // Reverse the logic (elements have invisible=1) $blnVisible = !$blnVisible; // The onload_callbacks vary depending on the dynamic parent table (see #4894) if (is_array($GLOBALS['TL_DCA']['tl_content']['config']['onload_callback'])) { foreach ($GLOBALS['TL_DCA']['tl_content']['config']['onload_callback'] as $callback) { if (is_array($callback)) { $this->import($callback[0]); $this->{$callback[0]}->{$callback[1]}($dc ?: $this); } elseif (is_callable($callback)) { $callback($dc ?: $this); } } } $objVersions = new Versions('tl_content', $intId); $objVersions->initialize(); // Trigger the save_callback if (is_array($GLOBALS['TL_DCA']['tl_content']['fields']['invisible']['save_callback'])) { foreach ($GLOBALS['TL_DCA']['tl_content']['fields']['invisible']['save_callback'] as $callback) { if (is_array($callback)) { $this->import($callback[0]); $blnVisible = $this->{$callback[0]}->{$callback[1]}($blnVisible, $dc ?: $this); } elseif (is_callable($callback)) { $blnVisible = $callback($blnVisible, $dc ?: $this); } } } // Update the database $this->Database->prepare("UPDATE tl_content SET tstamp=" . time() . ", invisible='" . ($blnVisible ? '1' : '') . "' WHERE id=?")->execute($intId); $objVersions->create(); }
/** * Disable/enable * @param integer * @param boolean */ public function toggleVisibility($intId, $blnVisible) { // Check permissions to edit Input::setGet('id', $intId); Input::setGet('act', 'toggle'); $objVersions = new Versions('tl_webfonts', $intId); $objVersions->initialize(); // Trigger the save_callback if (is_array($GLOBALS['TL_DCA']['tl_webfonts']['fields']['published']['save_callback'])) { foreach ($GLOBALS['TL_DCA']['tl_webfonts']['fields']['published']['save_callback'] as $callback) { $this->import($callback[0]); $blnVisible = $this->{$callback}[0]->{$callback}[1]($blnVisible, $this); } } // Update the database $this->Database->prepare("UPDATE tl_webfonts SET tstamp=" . time() . ", published='" . ($blnVisible ? 1 : '') . "' WHERE id=?")->execute($intId); $objVersions->create(); $this->log('A new version of record "tl_tiles.id=' . $intId . '" has been created' . $this->getParentEntries('tl_webfonts', $intId), 'tl_webfonts toggleVisibility()', TL_GENERAL); }
/** * Auto-generate a form to edit the current database record * @param integer * @param integer * @return string */ public function edit($intID = false, $ajaxId = false) { if ($GLOBALS['TL_DCA'][$this->strTable]['config']['notEditable']) { \System::log('Table ' . $this->strTable . ' is not editable', __METHOD__, TL_ERROR); \Controller::redirect('contao/main.php?act=error'); } if ($intID) { $this->intId = $intID; } // Get the current record $objRow = \Database::getInstance()->prepare("SELECT * FROM {$this->strTable} WHERE id=?")->limit(1)->execute($this->intId); // Redirect if there is no record with the given ID if ($objRow->numRows < 1) { \System::log('Could not load record "' . $this->strTable . '.id=' . $this->intId . '"', __METHOD__, TL_ERROR); \Controller::redirect('contao/main.php?act=error'); } elseif ($objRow->language != '') { \System::log('Cannot edit language record "' . $this->strTable . '.id=' . $this->intId . '"', __METHOD__, TL_ERROR); \Controller::redirect('contao/main.php?act=error'); } $this->objActiveRecord = $objRow; $return = ''; $this->values[] = $this->intId; $this->procedure[] = 'id=?'; $this->blnCreateNewVersion = false; $objVersions = new \Versions($this->strTable, $this->intId); // Compare versions if (\Input::get('versions')) { $objVersions->compare(); } // Restore a version if (\Input::post('FORM_SUBMIT') == 'tl_version' && \Input::post('version') != '') { $objVersions->restore(\Input::post('version')); $this->reload(); } $objVersions->initialize(); // Load and/or change language $this->blnEditLanguage = false; if (!empty($this->arrTranslations)) { $blnLanguageUpdated = false; $session = $this->Session->getData(); if (\Input::post('FORM_SUBMIT') == 'tl_language') { if (in_array(\Input::post('language'), $this->arrTranslations)) { $session['language'][$this->strTable][$this->intId] = \Input::post('language'); } else { unset($session['language'][$this->strTable][$this->intId]); } $blnLanguageUpdated = true; } elseif (\Input::post('FORM_SUBMIT') == $this->strTable && isset($_POST['deleteLanguage'])) { $this->Database->prepare("DELETE FROM {$this->strTable} WHERE pid=? AND language=?")->execute($this->intId, $session['language'][$this->strTable][$this->intId]); unset($session['language'][$this->strTable][$this->intId]); $blnLanguageUpdated = true; } if ($blnLanguageUpdated) { $this->Session->setData($session); $_SESSION['TL_INFO'] = ''; \Controller::reload(); } if ($_SESSION['BE_DATA']['language'][$this->strTable][$this->intId] != '' && in_array($_SESSION['BE_DATA']['language'][$this->strTable][$this->intId], $this->arrTranslations)) { $objRow = $this->Database->prepare("SELECT * FROM {$this->strTable} WHERE pid=? AND language=?")->execute($this->intId, $_SESSION['BE_DATA']['language'][$this->strTable][$this->intId]); if (!$objRow->numRows) { $intId = $this->Database->prepare("INSERT INTO {$this->strTable} (pid,tstamp,language) VALUES (?,?,?)")->execute($this->intId, time(), $_SESSION['BE_DATA']['language'][$this->strTable][$this->intId])->insertId; $objRow = $this->Database->prepare("SELECT * FROM {$this->strTable} WHERE id=?")->execute($intId); } $this->objActiveRecord = $objRow; $this->values = array($this->intId, $_SESSION['BE_DATA']['language'][$this->strTable][$this->intId]); $this->procedure = array('pid=?', 'language=?'); $this->blnEditLanguage = true; } } // Build an array from boxes and rows $this->strPalette = $this->getPalette(); $boxes = trimsplit(';', $this->strPalette); $legends = array(); if (!empty($boxes)) { foreach ($boxes as $k => $v) { $eCount = 1; $boxes[$k] = trimsplit(',', $v); foreach ($boxes[$k] as $kk => $vv) { if (preg_match('/^\\[.*\\]$/i', $vv)) { ++$eCount; continue; } if (preg_match('/^\\{.*\\}$/', $vv)) { $legends[$k] = substr($vv, 1, -1); unset($boxes[$k][$kk]); } elseif ($GLOBALS['TL_DCA'][$this->strTable]['fields'][$vv]['exclude'] || !is_array($GLOBALS['TL_DCA'][$this->strTable]['fields'][$vv])) { unset($boxes[$k][$kk]); } elseif ($this->blnEditLanguage && !$GLOBALS['TL_DCA'][$this->strTable]['fields'][$vv]['attributes']['multilingual']) { unset($boxes[$k][$kk]); } } // Unset a box if it does not contain any fields if (count($boxes[$k]) < $eCount) { unset($boxes[$k]); } } $class = 'tl_tbox'; $fs = $this->Session->get('fieldset_states'); $blnIsFirst = true; // Render boxes foreach ($boxes as $k => $v) { $strAjax = ''; $blnAjax = false; $key = ''; $cls = ''; $legend = ''; if (isset($legends[$k])) { list($key, $cls) = explode(':', $legends[$k]); $legend = "\n" . '<legend onclick="AjaxRequest.toggleFieldset(this,\'' . $key . '\',\'' . $this->strTable . '\')">' . (isset($GLOBALS['TL_LANG'][$this->strTable][$key]) ? $GLOBALS['TL_LANG'][$this->strTable][$key] : $key) . '</legend>'; } if (isset($fs[$this->strTable][$key])) { $class .= $fs[$this->strTable][$key] ? '' : ' collapsed'; } else { $class .= $cls && $legend ? ' ' . $cls : ''; } $return .= "\n\n" . '<fieldset' . ($key ? ' id="pal_' . $key . '"' : '') . ' class="' . $class . ($legend ? '' : ' nolegend') . '">' . $legend; // Build rows of the current box foreach ($v as $vv) { if ($vv == '[EOF]') { if ($blnAjax && \Environment::get('isAjaxRequest')) { return $strAjax . '<input type="hidden" name="FORM_FIELDS[]" value="' . specialchars($this->strPalette) . '">'; } $blnAjax = false; $return .= "\n" . '</div>'; continue; } if (preg_match('/^\\[.*\\]$/', $vv)) { $thisId = 'sub_' . substr($vv, 1, -1); $blnAjax = $ajaxId == $thisId && \Environment::get('isAjaxRequest') ? true : false; $return .= "\n" . '<div id="' . $thisId . '">'; continue; } $this->strField = $vv; $this->strInputName = $vv; $this->varValue = $this->objActiveRecord->{$vv}; // Autofocus the first field if ($blnIsFirst && $GLOBALS['TL_DCA'][$this->strTable]['fields'][$this->strField]['inputType'] == 'text') { $GLOBALS['TL_DCA'][$this->strTable]['fields'][$this->strField]['eval']['autofocus'] = 'autofocus'; $blnIsFirst = false; } // Convert CSV fields (see #2890) if ($GLOBALS['TL_DCA'][$this->strTable]['fields'][$this->strField]['eval']['multiple'] && isset($GLOBALS['TL_DCA'][$this->strTable]['fields'][$this->strField]['eval']['csv'])) { $this->varValue = trimsplit($GLOBALS['TL_DCA'][$this->strTable]['fields'][$this->strField]['eval']['csv'], $this->varValue); } // Call load_callback if (is_array($GLOBALS['TL_DCA'][$this->strTable]['fields'][$this->strField]['load_callback'])) { foreach ($GLOBALS['TL_DCA'][$this->strTable]['fields'][$this->strField]['load_callback'] as $callback) { if (is_array($callback)) { $this->import($callback[0]); $this->varValue = $this->{$callback}[0]->{$callback}[1]($this->varValue, $this); } elseif (is_callable($callback)) { $this->varValue = call_user_func($callback, $this->varValue, $this); } } } // Re-set the current value $this->objActiveRecord->{$this->strField} = $this->varValue; // Build the row and pass the current palette string (thanks to Tristan Lins) $blnAjax ? $strAjax .= $this->row($this->strPalette) : ($return .= $this->row($this->strPalette)); } $class = 'tl_box'; $return .= "\n" . '</fieldset>'; } } $version = ''; // Versions overview if ($GLOBALS['TL_DCA'][$this->strTable]['config']['enableVersioning']) { $version = $objVersions->renderDropdown(); } if ('' === $version) { $version = '<div class="tl_version_panel"></div>'; } // Check languages if (!empty($this->arrTranslations)) { $arrAvailableLanguages = $this->Database->prepare("SELECT language FROM {$this->strTable} WHERE pid=?")->execute($this->intId)->fetchEach('language'); $available = ''; $undefined = ''; foreach ($this->arrTranslations as $language) { if (in_array($language, $arrAvailableLanguages)) { if ($_SESSION['BE_DATA']['language'][$this->strTable][$this->intId] == $language) { $available .= '<option value="' . $language . '" selected="selected">' . $this->arrTranslationLabels[$language] . '</option>'; $_SESSION['TL_INFO'] = array($GLOBALS['TL_LANG']['MSC']['editingLanguage']); } else { $available .= '<option value="' . $language . '">' . $this->arrTranslationLabels[$language] . '</option>'; } } else { $undefined .= '<option value="' . $language . '">' . $this->arrTranslationLabels[$language] . ' (' . $GLOBALS['TL_LANG']['MSC']['undefinedLanguage'] . ')' . '</option>'; } } $version = str_replace('<div class="tl_version_panel">', '<div class="tl_version_panel tl_iso_products_panel"> <form action="' . ampersand(\Environment::get('request'), true) . '" id="tl_language" class="tl_form" method="post"> <div class="tl_formbody"> <input type="hidden" name="FORM_SUBMIT" value="tl_language"> <input type="hidden" name="REQUEST_TOKEN" value="' . REQUEST_TOKEN . '"> <select name="language" class="tl_select' . (strlen($_SESSION['BE_DATA']['language'][$this->strTable][$this->intId]) ? ' active' : '') . '" onchange="document.id(this).getParent(\'form\').submit()"> <option value="">' . $GLOBALS['TL_LANG']['MSC']['defaultLanguage'] . '</option>' . $available . $undefined . ' </select> <noscript> <input type="submit" name="editLanguage" class="tl_submit" value="' . specialchars($GLOBALS['TL_LANG']['MSC']['editLanguage']) . '"> </noscript> </div> </form>', $version); } // Submit buttons $arrButtons = array(); $arrButtons['save'] = '<input type="submit" name="save" id="save" class="tl_submit" accesskey="s" value="' . specialchars($GLOBALS['TL_LANG']['MSC']['save']) . '">'; if (!\Input::get('nb')) { $arrButtons['saveNclose'] = '<input type="submit" name="saveNclose" id="saveNclose" class="tl_submit" accesskey="c" value="' . specialchars($GLOBALS['TL_LANG']['MSC']['saveNclose']) . '">'; } if (!\Input::get('popup') && !$GLOBALS['TL_DCA'][$this->strTable]['config']['closed'] && !$GLOBALS['TL_DCA'][$this->strTable]['config']['notCreatable']) { $arrButtons['saveNcreate'] = '<input type="submit" name="saveNcreate" id="saveNcreate" class="tl_submit" accesskey="n" value="' . specialchars($GLOBALS['TL_LANG']['MSC']['saveNcreate']) . '">'; } if (\Input::get('s2e')) { $arrButtons['saveNedit'] = '<input type="submit" name="saveNedit" id="saveNedit" class="tl_submit" accesskey="e" value="' . specialchars($GLOBALS['TL_LANG']['MSC']['saveNedit']) . '">'; } elseif (!\Input::get('popup') && ($GLOBALS['TL_DCA'][$this->strTable]['list']['sorting']['mode'] == 4 || strlen($this->ptable) || $GLOBALS['TL_DCA'][$this->strTable]['config']['switchToEdit'])) { $arrButtons['saveNback'] = '<input type="submit" name="saveNback" id="saveNback" class="tl_submit" accesskey="g" value="' . specialchars($GLOBALS['TL_LANG']['MSC']['saveNback']) . '">'; } if ($this->blnEditLanguage) { $arrButtons['deleteLanguage'] = '<input type="submit" name="deleteLanguage" class="tl_submit" style="float:right" value="' . specialchars($GLOBALS['TL_LANG']['MSC']['deleteLanguage']) . '" onclick="return confirm(\'' . $GLOBALS['TL_LANG']['MSC']['deleteLanguageConfirm'] . '\')">'; } // Call the buttons_callback (see #4691) if (is_array($GLOBALS['TL_DCA'][$this->strTable]['edit']['buttons_callback'])) { foreach ($GLOBALS['TL_DCA'][$this->strTable]['edit']['buttons_callback'] as $callback) { if (is_array($callback)) { $this->import($callback[0]); $arrButtons = $this->{$callback}[0]->{$callback}[1]($arrButtons, $this); } elseif (is_callable($callback)) { $arrButtons = $callback($arrButtons, $this); } } } // Add the buttons and end the form $return .= ' </div> <div class="tl_formbody_submit"> <div class="tl_submit_container"> ' . implode(' ', $arrButtons) . ' </div> </div> </form> <script> window.addEvent(\'domready\', function() { Theme.focusInput("' . $this->strTable . '"); }); </script>'; $copyFallback = $this->blnEditLanguage ? ' :: <a href="' . \Backend::addToUrl('act=copyFallback') . '" class="header_iso_copy" title="' . specialchars($GLOBALS['TL_LANG']['MSC']['copyFallback']) . '" accesskey="d" onclick="Backend.getScrollOffset();">' . ($GLOBALS['TL_LANG']['MSC']['copyFallback'] ? $GLOBALS['TL_LANG']['MSC']['copyFallback'] : 'copyFallback') . '</a>' : ''; // Begin the form (-> DO NOT CHANGE THIS ORDER -> this way the onsubmit attribute of the form can be changed by a field) $return = $version . ' <div id="tl_buttons">' . (\Input::get('nb') ? ' ' : ' <a href="' . \System::getReferer(true) . '" class="header_back" title="' . specialchars($GLOBALS['TL_LANG']['MSC']['backBTTitle']) . '" accesskey="b" onclick="Backend.getScrollOffset()">' . $GLOBALS['TL_LANG']['MSC']['backBT'] . '</a>') . $copyFallback . ' </div> ' . \Message::generate() . ' <form action="' . ampersand(\Environment::get('request'), true) . '" id="' . $this->strTable . '" class="tl_form" method="post" enctype="' . ($this->blnUploadable ? 'multipart/form-data' : 'application/x-www-form-urlencoded') . '"' . (!empty($this->onsubmit) ? ' onsubmit="' . implode(' ', $this->onsubmit) . '"' : '') . '> <div class="tl_formbody_edit"> <input type="hidden" name="FORM_SUBMIT" value="' . specialchars($this->strTable) . '"> <input type="hidden" name="REQUEST_TOKEN" value="' . REQUEST_TOKEN . '"> <input type="hidden" name="FORM_FIELDS[]" value="' . specialchars($this->strPalette) . '">' . ($this->noReload ? ' <p class="tl_error">' . $GLOBALS['TL_LANG']['ERR']['general'] . '</p>' : '') . $return; // Reload the page to prevent _POST variables from being sent twice if (\Input::post('FORM_SUBMIT') == $this->strTable && !$this->noReload) { $arrValues = $this->values; array_unshift($arrValues, time()); // Trigger the onsubmit_callback if (is_array($GLOBALS['TL_DCA'][$this->strTable]['config']['onsubmit_callback'])) { foreach ($GLOBALS['TL_DCA'][$this->strTable]['config']['onsubmit_callback'] as $callback) { if (is_array($callback)) { $this->import($callback[0]); $this->{$callback}[0]->{$callback}[1]($this); } elseif (is_callable($callback)) { call_user_func($callback, $this); } } } // Save the current version if ($this->blnCreateNewVersion) { $objVersions->create(); // Call the onversion_callback if (is_array($GLOBALS['TL_DCA'][$this->strTable]['config']['onversion_callback'])) { foreach ($GLOBALS['TL_DCA'][$this->strTable]['config']['onversion_callback'] as $callback) { if (is_array($callback)) { $this->import($callback[0]); $this->{$callback}[0]->{$callback}[1]($this->strTable, $this->objActiveRecord->id, $this); } elseif (is_callable($callback)) { call_user_func($callback, $this->strTable, $this->objActiveRecord->id, $this); } } } \System::log('A new version of record "' . $this->strTable . '.id=' . $this->intId . '" has been created' . $this->getParentEntries($this->strTable, $this->intId), __METHOD__, TL_GENERAL); } // Set the current timestamp (-> DO NOT CHANGE THE ORDER version - timestamp) if ($GLOBALS['TL_DCA'][$this->strTable]['config']['dynamicPtable']) { $this->Database->prepare("UPDATE " . $this->strTable . " SET ptable=?, tstamp=? WHERE id=?")->execute($this->ptable, time(), $this->intId); } else { $this->Database->prepare("UPDATE " . $this->strTable . " SET tstamp=? WHERE id=?")->execute(time(), $this->intId); } // Redirect if (isset($_POST['saveNclose'])) { \Message::reset(); \System::setCookie('BE_PAGE_OFFSET', 0, 0); \Controller::redirect(\System::getReferer()); } elseif (isset($_POST['saveNedit'])) { \Message::reset(); \System::setCookie('BE_PAGE_OFFSET', 0, 0); $strUrl = \Backend::addToUrl($GLOBALS['TL_DCA'][$this->strTable]['list']['operations']['edit']['href'], false); $strUrl = preg_replace('/(&)?(s2e|act)=[^&]*/i', '', $strUrl); \Controller::redirect($strUrl); } elseif (isset($_POST['saveNback'])) { \Message::reset(); \System::setCookie('BE_PAGE_OFFSET', 0, 0); if ($this->ptable == '') { \Controller::redirect(TL_SCRIPT . '?do=' . \Input::get('do')); } elseif ($this->ptable == 'tl_theme' && $this->strTable == 'tl_style_sheet' || $this->ptable == 'tl_page' && $this->strTable == 'tl_article') { \Controller::redirect(\System::getReferer(false, $this->strTable)); } else { \Controller::redirect(\System::getReferer(false, $this->ptable)); } } elseif (isset($_POST['saveNcreate'])) { \Message::reset(); \System::setCookie('BE_PAGE_OFFSET', 0, 0); $strUrl = TL_SCRIPT . '?do=' . \Input::get('do'); if (isset($_GET['table'])) { $strUrl .= '&table=' . \Input::get('table'); } // Tree view if ($this->treeView) { $strUrl .= '&act=create&mode=1&pid=' . $this->intId; } elseif ($GLOBALS['TL_DCA'][$this->strTable]['list']['sorting']['mode'] == 4 || $this->activeRecord->pid > 0) { $strUrl .= $this->Database->fieldExists('sorting', $this->strTable) ? '&act=create&mode=1&pid=' . $this->intId . '&id=' . $this->activeRecord->pid : '&act=create&mode=2&pid=' . $this->activeRecord->pid; } else { $strUrl .= $this->ptable != '' ? '&act=create&mode=2&pid=' . CURRENT_ID : '&act=create'; } \Controller::redirect($strUrl . '&rt=' . REQUEST_TOKEN); } \Controller::reload(); } // Set the focus if there is an error if ($this->noReload) { $return .= ' <script> window.addEvent(\'domready\', function() { Backend.vScrollTo(($(\'' . $this->strTable . '\').getElement(\'label.error\').getPosition().y - 20)); }); </script>'; } return $return; }
/** * Set the new password */ protected function setNewPassword() { $objMember = \MemberModel::findOneByActivation(\Input::get('token')); if ($objMember === null || $objMember->login == '') { $this->strTemplate = 'mod_message'; /** @var \FrontendTemplate|object $objTemplate */ $objTemplate = new \FrontendTemplate($this->strTemplate); $this->Template = $objTemplate; $this->Template->type = 'error'; $this->Template->message = $GLOBALS['TL_LANG']['MSC']['accountError']; return; } $strTable = $objMember->getTable(); // Initialize the versioning (see #8301) $objVersions = new \Versions($strTable, $objMember->id); $objVersions->setUsername($objMember->username); $objVersions->setUserId(0); $objVersions->setEditUrl('contao/main.php?do=member&act=edit&id=%s&rt=1'); $objVersions->initialize(); // Define the form field $arrField = $GLOBALS['TL_DCA']['tl_member']['fields']['password']; $arrField['eval']['tableless'] = $this->tableless; /** @var \Widget $strClass */ $strClass = $GLOBALS['TL_FFL']['password']; // Fallback to default if the class is not defined if (!class_exists($strClass)) { $strClass = 'FormPassword'; } /** @var \Widget $objWidget */ $objWidget = new $strClass($strClass::getAttributesFromDca($arrField, 'password')); // Set row classes $objWidget->rowClass = 'row_0 row_first even'; $objWidget->rowClassConfirm = 'row_1 odd'; $this->Template->rowLast = 'row_2 row_last even'; // Validate the field if (strlen(\Input::post('FORM_SUBMIT')) && \Input::post('FORM_SUBMIT') == $this->Session->get('setPasswordToken')) { $objWidget->validate(); // Set the new password and redirect if (!$objWidget->hasErrors()) { $this->Session->set('setPasswordToken', ''); $objMember->tstamp = time(); $objMember->activation = ''; $objMember->password = $objWidget->value; $objMember->save(); // Create a new version if ($GLOBALS['TL_DCA'][$strTable]['config']['enableVersioning']) { $objVersions->create(); } // HOOK: set new password callback if (isset($GLOBALS['TL_HOOKS']['setNewPassword']) && is_array($GLOBALS['TL_HOOKS']['setNewPassword'])) { foreach ($GLOBALS['TL_HOOKS']['setNewPassword'] as $callback) { $this->import($callback[0]); $this->{$callback[0]}->{$callback[1]}($objMember, $objWidget->value, $this); } } // Redirect to the jumpTo page if (($objTarget = $this->objModel->getRelated('reg_jumpTo')) !== null) { /** @var \PageModel $objTarget */ $this->redirect($objTarget->getFrontendUrl()); } // Confirm $this->strTemplate = 'mod_message'; /** @var \FrontendTemplate|object $objTemplate */ $objTemplate = new \FrontendTemplate($this->strTemplate); $this->Template = $objTemplate; $this->Template->type = 'confirm'; $this->Template->message = $GLOBALS['TL_LANG']['MSC']['newPasswordSet']; return; } } $strToken = md5(uniqid(mt_rand(), true)); $this->Session->set('setPasswordToken', $strToken); $this->Template->formId = $strToken; $this->Template->fields = $objWidget->parse(); $this->Template->action = \Environment::get('indexFreeRequest'); $this->Template->slabel = specialchars($GLOBALS['TL_LANG']['MSC']['setNewPassword']); $this->Template->tableless = $this->tableless; }
/** * Toggle the visibility of a format definition * * @param integer $intId * @param boolean $blnVisible * @param DataContainer $dc */ public function toggleVisibility($intId, $blnVisible, DataContainer $dc = null) { // Set the ID and action Input::setGet('id', $intId); Input::setGet('act', 'toggle'); if ($dc) { $dc->id = $intId; // see #8043 } $this->checkPermission(); $objVersions = new Versions('tl_style', $intId); $objVersions->initialize(); // Trigger the save_callback if (is_array($GLOBALS['TL_DCA']['tl_style']['fields']['invisible']['save_callback'])) { foreach ($GLOBALS['TL_DCA']['tl_style']['fields']['invisible']['save_callback'] as $callback) { if (is_array($callback)) { $this->import($callback[0]); $blnVisible = $this->{$callback[0]}->{$callback[1]}($blnVisible, $dc ?: $this); } elseif (is_callable($callback)) { $blnVisible = $callback($blnVisible, $dc ?: $this); } } } // Update the database $this->Database->prepare("UPDATE tl_style SET tstamp=" . time() . ", invisible='" . ($blnVisible ? '' : 1) . "' WHERE id=?")->execute($intId); $objVersions->create(); $this->log('A new version of record "tl_style.id=' . $intId . '" has been created' . $this->getParentEntries('tl_style', $intId), __METHOD__, TL_GENERAL); // Recreate the style sheet $objStylesheet = $this->Database->prepare("SELECT pid FROM tl_style WHERE id=?")->limit(1)->execute($intId); if ($objStylesheet->numRows) { $this->import('StyleSheets'); $this->StyleSheets->updateStyleSheet($objStylesheet->pid); } }
/** * Create a new version of a record * * @param string $strTable The table name * @param integer $intId The ID of the element to be versioned * * @deprecated Use Versions->create() instead */ protected function createNewVersion($strTable, $intId) { $objVersions = new \Versions($strTable, $intId); $objVersions->create(); }
/** * Disable/enable a user group * * @param integer $intId * @param boolean $blnVisible * @param DataContainer $dc * * @throws Contao\CoreBundle\Exception\AccessDeniedException */ public function toggleVisibility($intId, $blnVisible, DataContainer $dc = null) { // Set the ID and action Input::setGet('id', $intId); Input::setGet('act', 'toggle'); if ($dc) { $dc->id = $intId; // see #8043 } // Check the field access if (!$this->User->hasAccess('tl_member_group::disable', 'alexf')) { throw new Contao\CoreBundle\Exception\AccessDeniedException('Not enough permissions to activate/deactivate member group ID ' . $intId . '.'); } $objVersions = new Versions('tl_member_group', $intId); $objVersions->initialize(); // Trigger the save_callback if (is_array($GLOBALS['TL_DCA']['tl_member_group']['fields']['disable']['save_callback'])) { foreach ($GLOBALS['TL_DCA']['tl_member_group']['fields']['disable']['save_callback'] as $callback) { if (is_array($callback)) { $this->import($callback[0]); $blnVisible = $this->{$callback[0]}->{$callback[1]}($blnVisible, $dc ?: $this); } elseif (is_callable($callback)) { $blnVisible = $callback($blnVisible, $dc ?: $this); } } } // Update the database $this->Database->prepare("UPDATE tl_member_group SET tstamp=" . time() . ", disable='" . ($blnVisible ? '' : 1) . "' WHERE id=?")->execute($intId); $objVersions->create(); $this->log('A new version of record "tl_member_group.id=' . $intId . '" has been created' . $this->getParentEntries('tl_member_group', $intId), __METHOD__, TL_GENERAL); }
/** * Disable/enable a user group * * @param integer $intId * @param boolean $blnVisible * @param DataContainer $dc */ public function toggleVisibility($intId, $blnVisible, DataContainer $dc = null) { // Set the ID and action Input::setGet('id', $intId); Input::setGet('act', 'toggle'); if ($dc) { $dc->id = $intId; // see #8043 } // Check the field access if (!$this->User->hasAccess('tl_member::disable', 'alexf')) { $this->log('Not enough permissions to activate/deactivate member ID "' . $intId . '"', __METHOD__, TL_ERROR); $this->redirect('contao/main.php?act=error'); } $objVersions = new Versions('tl_member', $intId); $objVersions->initialize(); // Trigger the save_callback if (is_array($GLOBALS['TL_DCA']['tl_member']['fields']['disable']['save_callback'])) { foreach ($GLOBALS['TL_DCA']['tl_member']['fields']['disable']['save_callback'] as $callback) { if (is_array($callback)) { $this->import($callback[0]); $blnVisible = $this->{$callback[0]}->{$callback[1]}($blnVisible, $dc ?: $this); } elseif (is_callable($callback)) { $blnVisible = $callback($blnVisible, $dc ?: $this); } } } $time = time(); // Update the database $this->Database->prepare("UPDATE tl_member SET tstamp={$time}, disable='" . ($blnVisible ? '' : 1) . "' WHERE id=?")->execute($intId); $objVersions->create(); $this->log('A new version of record "tl_member.id=' . $intId . '" has been created' . $this->getParentEntries('tl_member', $intId), __METHOD__, TL_GENERAL); // Remove the session if the user is disabled (see #5353) if (!$blnVisible) { $this->Database->prepare("DELETE FROM tl_session WHERE name='FE_USER_AUTH' AND pid=?")->execute($intId); } // HOOK: update newsletter subscriptions if (in_array('newsletter', ModuleLoader::getActive())) { $objUser = $this->Database->prepare("SELECT email FROM tl_member WHERE id=?")->limit(1)->execute($intId); if ($objUser->numRows) { $this->Database->prepare("UPDATE tl_newsletter_recipients SET tstamp={$time}, active=? WHERE email=?")->execute($blnVisible ? 1 : '', $objUser->email); } } }
/** * Auto-generate a form to override all records that are currently shown * * @return string */ public function overrideAll() { if ($GLOBALS['TL_DCA'][$this->strTable]['config']['notEditable']) { $this->log('Table "' . $this->strTable . '" is not editable', __METHOD__, TL_ERROR); $this->redirect('contao/main.php?act=error'); } $return = ''; $this->import('BackendUser', 'User'); // Get current IDs from session $session = $this->Session->getData(); $ids = $session['CURRENT']['IDS']; // Save field selection in session if (\Input::post('FORM_SUBMIT') == $this->strTable . '_all' && \Input::get('fields')) { $session['CURRENT'][$this->strTable] = \Input::post('all_fields'); $this->Session->setData($session); } // Add fields $fields = $session['CURRENT'][$this->strTable]; if (!empty($fields) && is_array($fields) && \Input::get('fields')) { $class = 'tl_tbox'; $formFields = array(); // Save record if (\Input::post('FORM_SUBMIT') == $this->strTable) { foreach ($ids as $id) { $this->intId = $id; $this->procedure = array('id=?'); $this->values = array($this->intId); $this->blnCreateNewVersion = false; // Get the field values $objRow = $this->Database->prepare("SELECT * FROM " . $this->strTable . " WHERE id=?")->limit(1)->execute($this->intId); // Store the active record $this->objActiveRecord = $objRow; $objVersions = new \Versions($this->strTable, $this->intId); $objVersions->initialize(); // Store all fields foreach ($fields as $v) { // Check whether field is excluded if ($GLOBALS['TL_DCA'][$this->strTable]['fields'][$v]['exclude']) { continue; } $this->strField = $v; $this->strInputName = $v; $this->varValue = ''; // Make sure the new value is applied $GLOBALS['TL_DCA'][$this->strTable]['fields'][$v]['eval']['alwaysSave'] = true; // Store value $this->row(); } // Post processing if (!$this->noReload) { // Call the onsubmit_callback if (is_array($GLOBALS['TL_DCA'][$this->strTable]['config']['onsubmit_callback'])) { foreach ($GLOBALS['TL_DCA'][$this->strTable]['config']['onsubmit_callback'] as $callback) { if (is_array($callback)) { $this->import($callback[0]); $this->{$callback[0]}->{$callback[1]}($this); } elseif (is_callable($callback)) { $callback($this); } } } // Create a new version if ($this->blnCreateNewVersion) { $objVersions->create(); // Call the onversion_callback if (is_array($GLOBALS['TL_DCA'][$this->strTable]['config']['onversion_callback'])) { @trigger_error('Using the onversion_callback has been deprecated and will no longer work in Contao 5.0. Use the oncreate_version_callback instead.', E_USER_DEPRECATED); foreach ($GLOBALS['TL_DCA'][$this->strTable]['config']['onversion_callback'] as $callback) { if (is_array($callback)) { $this->import($callback[0]); $this->{$callback[0]}->{$callback[1]}($this->strTable, $this->intId, $this); } elseif (is_callable($callback)) { $callback($this->strTable, $this->intId, $this); } } } } // Set the current timestamp (-> DO NOT CHANGE ORDER version - timestamp) if ($GLOBALS['TL_DCA'][$this->strTable]['config']['dynamicPtable']) { $this->Database->prepare("UPDATE " . $this->strTable . " SET ptable=?, tstamp=? WHERE id=?")->execute($this->ptable, time(), $this->intId); } else { $this->Database->prepare("UPDATE " . $this->strTable . " SET tstamp=? WHERE id=?")->execute(time(), $this->intId); } } } } $blnIsFirst = true; // Begin current row $return .= ' <div class="' . $class . '">'; foreach ($fields as $v) { // Check whether field is excluded if ($GLOBALS['TL_DCA'][$this->strTable]['fields'][$v]['exclude']) { continue; } $formFields[] = $v; $this->intId = 0; $this->procedure = array('id=?'); $this->values = array($this->intId); $this->strField = $v; $this->strInputName = $v; $this->varValue = ''; // Autofocus the first field if ($blnIsFirst && $GLOBALS['TL_DCA'][$this->strTable]['fields'][$this->strField]['inputType'] == 'text') { $GLOBALS['TL_DCA'][$this->strTable]['fields'][$this->strField]['eval']['autofocus'] = 'autofocus'; $blnIsFirst = false; } // Disable auto-submit $GLOBALS['TL_DCA'][$this->strTable]['fields'][$this->strField]['eval']['submitOnChange'] = false; $return .= $this->row(); } // Close box $return .= ' <input type="hidden" name="FORM_FIELDS[]" value="' . specialchars(implode(',', $formFields)) . '"> </div>'; // Submit buttons $arrButtons = array(); $arrButtons['save'] = '<input type="submit" name="save" id="save" class="tl_submit" accesskey="s" value="' . specialchars($GLOBALS['TL_LANG']['MSC']['save']) . '">'; $arrButtons['saveNclose'] = '<input type="submit" name="saveNclose" id="saveNclose" class="tl_submit" accesskey="c" value="' . specialchars($GLOBALS['TL_LANG']['MSC']['saveNclose']) . '">'; // Call the buttons_callback (see #4691) if (is_array($GLOBALS['TL_DCA'][$this->strTable]['edit']['buttons_callback'])) { foreach ($GLOBALS['TL_DCA'][$this->strTable]['edit']['buttons_callback'] as $callback) { if (is_array($callback)) { $this->import($callback[0]); $arrButtons = $this->{$callback[0]}->{$callback[1]}($arrButtons, $this); } elseif (is_callable($callback)) { $arrButtons = $callback($arrButtons, $this); } } } // Add the form $return = ' <form action="' . ampersand(\Environment::get('request'), true) . '" id="' . $this->strTable . '" class="tl_form" method="post" enctype="' . ($this->blnUploadable ? 'multipart/form-data' : 'application/x-www-form-urlencoded') . '"> <div class="tl_formbody_edit"> <input type="hidden" name="FORM_SUBMIT" value="' . $this->strTable . '"> <input type="hidden" name="REQUEST_TOKEN" value="' . REQUEST_TOKEN . '">' . ($this->noReload ? ' <p class="tl_error">' . $GLOBALS['TL_LANG']['ERR']['general'] . '</p>' : '') . $return . ' </div> <div class="tl_formbody_submit"> <div class="tl_submit_container"> ' . implode(' ', $arrButtons) . ' </div> </div> </form>'; // Set the focus if there is an error if ($this->noReload) { $return .= ' <script> window.addEvent(\'domready\', function() { Backend.vScrollTo(($(\'' . $this->strTable . '\').getElement(\'label.error\').getPosition().y - 20)); }); </script>'; } // Reload the page to prevent _POST variables from being sent twice if (\Input::post('FORM_SUBMIT') == $this->strTable && !$this->noReload) { if (\Input::post('saveNclose')) { \System::setCookie('BE_PAGE_OFFSET', 0, 0); $this->redirect($this->getReferer()); } $this->reload(); } } else { $options = ''; $fields = array(); // Add fields of the current table $fields = array_merge($fields, array_keys($GLOBALS['TL_DCA'][$this->strTable]['fields'])); // Add meta fields if the current user is an administrator if ($this->User->isAdmin) { if ($this->Database->fieldExists('sorting', $this->strTable) && !in_array('sorting', $fields)) { array_unshift($fields, 'sorting'); } if ($this->Database->fieldExists('pid', $this->strTable) && !in_array('pid', $fields)) { array_unshift($fields, 'pid'); } } // Show all non-excluded fields foreach ($fields as $field) { if ($field == 'pid' || $field == 'sorting' || !$GLOBALS['TL_DCA'][$this->strTable]['fields'][$field]['exclude'] && !$GLOBALS['TL_DCA'][$this->strTable]['fields'][$field]['eval']['doNotShow'] && (strlen($GLOBALS['TL_DCA'][$this->strTable]['fields'][$field]['inputType']) || is_array($GLOBALS['TL_DCA'][$this->strTable]['fields'][$field]['input_field_callback']))) { $options .= ' <input type="checkbox" name="all_fields[]" id="all_' . $field . '" class="tl_checkbox" value="' . specialchars($field) . '"> <label for="all_' . $field . '" class="tl_checkbox_label">' . ($GLOBALS['TL_DCA'][$this->strTable]['fields'][$field]['label'][0] ?: $GLOBALS['TL_LANG']['MSC'][$field][0]) . '</label><br>'; } } $blnIsError = $_POST && empty($_POST['all_fields']); // Return the select menu $return .= ' <form action="' . ampersand(\Environment::get('request'), true) . '&fields=1" id="' . $this->strTable . '_all" class="tl_form" method="post"> <div class="tl_formbody_edit"> <input type="hidden" name="FORM_SUBMIT" value="' . $this->strTable . '_all"> <input type="hidden" name="REQUEST_TOKEN" value="' . REQUEST_TOKEN . '">' . ($blnIsError ? ' <p class="tl_error">' . $GLOBALS['TL_LANG']['ERR']['general'] . '</p>' : '') . ' <div class="tl_tbox"> <fieldset class="tl_checkbox_container"> <legend' . ($blnIsError ? ' class="error"' : '') . '>' . $GLOBALS['TL_LANG']['MSC']['all_fields'][0] . '</legend> <input type="checkbox" id="check_all" class="tl_checkbox" onclick="Backend.toggleCheckboxes(this)"> <label for="check_all" style="color:#a6a6a6"><em>' . $GLOBALS['TL_LANG']['MSC']['selectAll'] . '</em></label><br>' . $options . ' </fieldset>' . ($blnIsError ? ' <p class="tl_error">' . $GLOBALS['TL_LANG']['ERR']['all_fields'] . '</p>' : (\Config::get('showHelp') && strlen($GLOBALS['TL_LANG']['MSC']['all_fields'][1]) ? ' <p class="tl_help tl_tip">' . $GLOBALS['TL_LANG']['MSC']['all_fields'][1] . '</p>' : '')) . ' </div> </div> <div class="tl_formbody_submit"> <div class="tl_submit_container"> <input type="submit" name="save" id="save" class="tl_submit" accesskey="s" value="' . specialchars($GLOBALS['TL_LANG']['MSC']['continue']) . '"> </div> </div> </form>'; } // Return return ' <div id="tl_buttons"> <a href="' . $this->getReferer(true) . '" class="header_back" title="' . specialchars($GLOBALS['TL_LANG']['MSC']['backBTTitle']) . '" accesskey="b" onclick="Backend.getScrollOffset()">' . $GLOBALS['TL_LANG']['MSC']['backBT'] . '</a> </div>' . $return; }
/** * Disable/enable a user group * @param integer * @param boolean */ public function toggleVisibility($intId, $blnVisible) { // Check permissions if (!$this->User->hasAccess('tl_user_group::disable', 'alexf')) { $this->log('Not enough permissions to activate/deactivate user group ID "' . $intId . '"', __METHOD__, TL_ERROR); $this->redirect('contao/main.php?act=error'); } $objVersions = new Versions('tl_user_group', $intId); $objVersions->initialize(); // Trigger the save_callback if (is_array($GLOBALS['TL_DCA']['tl_user_group']['fields']['disable']['save_callback'])) { foreach ($GLOBALS['TL_DCA']['tl_user_group']['fields']['disable']['save_callback'] as $callback) { if (is_array($callback)) { $this->import($callback[0]); $blnVisible = $this->{$callback}[0]->{$callback}[1]($blnVisible, $this); } elseif (is_callable($callback)) { $blnVisible = $callback($blnVisible, $this); } } } // Update the database $this->Database->prepare("UPDATE tl_user_group SET tstamp=" . time() . ", disable='" . ($blnVisible ? '' : 1) . "' WHERE id=?")->execute($intId); $objVersions->create(); $this->log('A new version of record "tl_user_group.id=' . $intId . '" has been created' . $this->getParentEntries('tl_user_group', $intId), __METHOD__, TL_GENERAL); }
/** * Generate the module */ protected function compile() { /** @var \PageModel $objPage */ global $objPage; $this->import('FrontendUser', 'User'); $GLOBALS['TL_LANGUAGE'] = $objPage->language; \System::loadLanguageFile('tl_member'); $this->loadDataContainer('tl_member'); // Call onload_callback (e.g. to check permissions) if (is_array($GLOBALS['TL_DCA']['tl_member']['config']['onload_callback'])) { foreach ($GLOBALS['TL_DCA']['tl_member']['config']['onload_callback'] as $callback) { if (is_array($callback)) { $this->import($callback[0]); $this->{$callback[0]}->{$callback[1]}(); } elseif (is_callable($callback)) { $callback(); } } } // Set the template if ($this->memberTpl != '') { /** @var \FrontendTemplate|object $objTemplate */ $objTemplate = new \FrontendTemplate($this->memberTpl); $this->Template = $objTemplate; $this->Template->setData($this->arrData); } $this->Template->fields = ''; $this->Template->tableless = $this->tableless; $arrFields = array(); $doNotSubmit = false; $hasUpload = false; $row = 0; // Predefine the group order (other groups will be appended automatically) $arrGroups = array('personal' => array(), 'address' => array(), 'contact' => array(), 'login' => array(), 'profile' => array()); $blnModified = false; $objMember = \MemberModel::findByPk($this->User->id); $strTable = $objMember->getTable(); // Initialize the versioning (see #7415) $objVersions = new \Versions($strTable, $objMember->id); $objVersions->setUsername($objMember->username); $objVersions->setUserId(0); $objVersions->setEditUrl('contao/main.php?do=member&act=edit&id=%s&rt=1'); $objVersions->initialize(); // Build the form foreach ($this->editable as $field) { $arrData =& $GLOBALS['TL_DCA']['tl_member']['fields'][$field]; // Map checkboxWizards to regular checkbox widgets if ($arrData['inputType'] == 'checkboxWizard') { $arrData['inputType'] = 'checkbox'; } // Map fileTrees to upload widgets (see #8091) if ($arrData['inputType'] == 'fileTree') { $arrData['inputType'] = 'upload'; } /** @var \Widget $strClass */ $strClass = $GLOBALS['TL_FFL'][$arrData['inputType']]; // Continue if the class does not exist if (!$arrData['eval']['feEditable'] || !class_exists($strClass)) { continue; } $strGroup = $arrData['eval']['feGroup']; $arrData['eval']['required'] = false; $arrData['eval']['tableless'] = $this->tableless; // Use strlen() here (see #3277) if ($arrData['eval']['mandatory']) { if (is_array($this->User->{$field})) { if (empty($this->User->{$field})) { $arrData['eval']['required'] = true; } } else { if (!strlen($this->User->{$field})) { $arrData['eval']['required'] = true; } } } $varValue = $this->User->{$field}; // Call the load_callback if (isset($arrData['load_callback']) && is_array($arrData['load_callback'])) { foreach ($arrData['load_callback'] as $callback) { if (is_array($callback)) { $this->import($callback[0]); $varValue = $this->{$callback[0]}->{$callback[1]}($varValue, $this->User, $this); } elseif (is_callable($callback)) { $varValue = $callback($varValue, $this->User, $this); } } } /** @var \Widget $objWidget */ $objWidget = new $strClass($strClass::getAttributesFromDca($arrData, $field, $varValue, $field, $strTable, $this)); $objWidget->storeValues = true; $objWidget->rowClass = 'row_' . $row . ($row == 0 ? ' row_first' : '') . ($row % 2 == 0 ? ' even' : ' odd'); // Increase the row count if it is a password field if ($objWidget instanceof \FormPassword) { if ($objMember->password != '') { $objWidget->mandatory = false; } $objWidget->rowClassConfirm = 'row_' . ++$row . ($row % 2 == 0 ? ' even' : ' odd'); } // Validate the form data if (\Input::post('FORM_SUBMIT') == 'tl_member_' . $this->id) { $objWidget->validate(); $varValue = $objWidget->value; $rgxp = $arrData['eval']['rgxp']; // Convert date formats into timestamps (check the eval setting first -> #3063) if ($varValue != '' && in_array($rgxp, array('date', 'time', 'datim'))) { try { $objDate = new \Date($varValue, \Date::getFormatFromRgxp($rgxp)); $varValue = $objDate->tstamp; } catch (\OutOfBoundsException $e) { $objWidget->addError(sprintf($GLOBALS['TL_LANG']['ERR']['invalidDate'], $varValue)); } } // Make sure that unique fields are unique (check the eval setting first -> #3063) if ($arrData['eval']['unique'] && $varValue != '' && !$this->Database->isUniqueValue('tl_member', $field, $varValue, $this->User->id)) { $objWidget->addError(sprintf($GLOBALS['TL_LANG']['ERR']['unique'], $arrData['label'][0] ?: $field)); } // Trigger the save_callback (see #5247) if ($objWidget->submitInput() && !$objWidget->hasErrors() && is_array($arrData['save_callback'])) { foreach ($arrData['save_callback'] as $callback) { try { if (is_array($callback)) { $this->import($callback[0]); $varValue = $this->{$callback[0]}->{$callback[1]}($varValue, $this->User, $this); } elseif (is_callable($callback)) { $varValue = $callback($varValue, $this->User, $this); } } catch (\Exception $e) { $objWidget->class = 'error'; $objWidget->addError($e->getMessage()); } } } // Do not submit the field if there are errors if ($objWidget->hasErrors()) { $doNotSubmit = true; } elseif ($objWidget->submitInput()) { // Store the form data $_SESSION['FORM_DATA'][$field] = $varValue; // Set the correct empty value (see #6284, #6373) if ($varValue === '') { $varValue = $objWidget->getEmptyValue(); } // Encrypt the value (see #7815) if ($arrData['eval']['encrypt']) { $varValue = \Encryption::encrypt($varValue); } // Set the new value if ($varValue !== $this->User->{$field}) { $this->User->{$field} = $varValue; // Set the new field in the member model $blnModified = true; $objMember->{$field} = $varValue; } } } if ($objWidget instanceof \uploadable) { $hasUpload = true; } $temp = $objWidget->parse(); $this->Template->fields .= $temp; $arrFields[$strGroup][$field] .= $temp; ++$row; } // Save the model if ($blnModified) { $objMember->tstamp = time(); $objMember->save(); // Create a new version if ($GLOBALS['TL_DCA'][$strTable]['config']['enableVersioning']) { $objVersions->create(); $this->log('A new version of record "' . $strTable . '.id=' . $objMember->id . '" has been created' . $this->getParentEntries($strTable, $objMember->id), __METHOD__, TL_GENERAL); } } $this->Template->hasError = $doNotSubmit; // Redirect or reload if there was no error if (\Input::post('FORM_SUBMIT') == 'tl_member_' . $this->id && !$doNotSubmit) { // HOOK: updated personal data if (isset($GLOBALS['TL_HOOKS']['updatePersonalData']) && is_array($GLOBALS['TL_HOOKS']['updatePersonalData'])) { foreach ($GLOBALS['TL_HOOKS']['updatePersonalData'] as $callback) { $this->import($callback[0]); $this->{$callback[0]}->{$callback[1]}($this->User, $_SESSION['FORM_DATA'], $this); } } // Call the onsubmit_callback if (is_array($GLOBALS['TL_DCA']['tl_member']['config']['onsubmit_callback'])) { foreach ($GLOBALS['TL_DCA']['tl_member']['config']['onsubmit_callback'] as $callback) { if (is_array($callback)) { $this->import($callback[0]); $this->{$callback[0]}->{$callback[1]}($this->User, $this); } elseif (is_callable($callback)) { $callback($this->User, $this); } } } // Check whether there is a jumpTo page if (($objJumpTo = $this->objModel->getRelated('jumpTo')) !== null) { $this->jumpToOrReload($objJumpTo->row()); } \Message::addConfirmation($GLOBALS['TL_LANG']['MSC']['savedData']); $this->reload(); } $this->Template->loginDetails = $GLOBALS['TL_LANG']['tl_member']['loginDetails']; $this->Template->addressDetails = $GLOBALS['TL_LANG']['tl_member']['addressDetails']; $this->Template->contactDetails = $GLOBALS['TL_LANG']['tl_member']['contactDetails']; $this->Template->personalData = $GLOBALS['TL_LANG']['tl_member']['personalData']; // Add the groups foreach ($arrFields as $k => $v) { $this->Template->{$k} = $v; // backwards compatibility $key = $k . ($k == 'personal' ? 'Data' : 'Details'); $arrGroups[$GLOBALS['TL_LANG']['tl_member'][$key]] = $v; } $this->Template->categories = $arrGroups; $this->Template->formId = 'tl_member_' . $this->id; $this->Template->slabel = specialchars($GLOBALS['TL_LANG']['MSC']['saveData']); $this->Template->action = \Environment::get('indexFreeRequest'); $this->Template->enctype = $hasUpload ? 'multipart/form-data' : 'application/x-www-form-urlencoded'; $this->Template->rowLast = 'row_' . $row . ($row % 2 == 0 ? ' even' : ' odd'); $this->Template->message = \Message::generate(false, true); }
/** * Disable/enable a user group * @param integer * @param boolean */ public function toggleVisibility($intId, $blnVisible) { // Check permissions to publish if (!$this->User->isAdmin && !$this->User->hasAccess('tl_galerie_pictures::published', 'alexf')) { $this->log('Not enough permissions to publish/unpublish image ID "' . $intId . '"', __METHOD__, TL_ERROR); $this->redirect('contao/main.php?act=error'); } $objVersions = new Versions('tl_galerie_pictures', $intId); $objVersions->initialize(); // Trigger the save_callback if (is_array($GLOBALS['TL_DCA']['tl_galerie_pictures']['fields']['published']['save_callback'])) { foreach ($GLOBALS['TL_DCA']['tl_galerie_pictures']['fields']['published']['save_callback'] as $callback) { $this->import($callback[0]); $blnVisible = $this->{$callback}[0]->{$callback}[1]($blnVisible, $this); } } // Update the database $this->Database->prepare("UPDATE tl_galerie_pictures SET tstamp=" . time() . ", published='" . ($blnVisible ? 1 : '') . "' WHERE id=?")->execute($intId); $objVersions->create(); $this->log('A new version of record "tl_galerie_pictures.id=' . $intId . '" has been created' . $this->getParentEntries('tl_galerie_pictures', $intId), __METHOD__, TL_GENERAL); }
/** * Disable/enable a user group * * @param integer $intId * @param boolean $blnVisible * @param DataContainer $dc * * @throws Contao\CoreBundle\Exception\AccessDeniedException */ public function toggleVisibility($intId, $blnVisible, DataContainer $dc = null) { // Set the ID and action Input::setGet('id', $intId); Input::setGet('act', 'toggle'); if ($dc) { $dc->id = $intId; // see #8043 } // Check the field access if (!$this->User->hasAccess('tl_member::disable', 'alexf')) { throw new Contao\CoreBundle\Exception\AccessDeniedException('Not enough permissions to activate/deactivate member ID ' . $intId . '.'); } $objVersions = new Versions('tl_member', $intId); $objVersions->initialize(); // Reverse the logic (members have disabled=1) $blnVisible = !$blnVisible; // Trigger the save_callback if (is_array($GLOBALS['TL_DCA']['tl_member']['fields']['disable']['save_callback'])) { foreach ($GLOBALS['TL_DCA']['tl_member']['fields']['disable']['save_callback'] as $callback) { if (is_array($callback)) { $this->import($callback[0]); $blnVisible = $this->{$callback[0]}->{$callback[1]}($blnVisible, $dc ?: $this); } elseif (is_callable($callback)) { $blnVisible = $callback($blnVisible, $dc ?: $this); } } } $time = time(); // Update the database $this->Database->prepare("UPDATE tl_member SET tstamp={$time}, disable='" . ($blnVisible ? '1' : '') . "' WHERE id=?")->execute($intId); $objVersions->create(); // Remove the session if the user is disabled (see #5353) if (!$blnVisible) { $this->Database->prepare("DELETE FROM tl_session WHERE name='FE_USER_AUTH' AND pid=?")->execute($intId); } }
/** * Return a form to choose a CSV file and import it * * @param DataContainer $dc * * @return string */ public function importList(DataContainer $dc) { if (\Input::get('key') != 'list') { return ''; } $this->import('BackendUser', 'User'); $class = $this->User->uploader; // See #4086 and #7046 if (!class_exists($class) || $class == 'DropZone') { $class = 'FileUpload'; } /** @var FileUpload $objUploader */ $objUploader = new $class(); // Import CSS if (\Input::post('FORM_SUBMIT') == 'tl_list_import') { $arrUploaded = $objUploader->uploadTo('system/tmp'); if (empty($arrUploaded)) { \Message::addError($GLOBALS['TL_LANG']['ERR']['all_fields']); $this->reload(); } $this->import('Database'); $arrList = array(); foreach ($arrUploaded as $strCsvFile) { $objFile = new \File($strCsvFile); if ($objFile->extension != 'csv') { \Message::addError(sprintf($GLOBALS['TL_LANG']['ERR']['filetype'], $objFile->extension)); continue; } // Get separator switch (\Input::post('separator')) { case 'semicolon': $strSeparator = ';'; break; case 'tabulator': $strSeparator = "\t"; break; case 'linebreak': $strSeparator = "\n"; break; default: $strSeparator = ','; break; } $resFile = $objFile->handle; while (($arrRow = @fgetcsv($resFile, null, $strSeparator)) !== false) { $arrList = array_merge($arrList, $arrRow); } } $objVersions = new \Versions($dc->table, \Input::get('id')); $objVersions->create(); $this->Database->prepare("UPDATE " . $dc->table . " SET listitems=? WHERE id=?")->execute(serialize($arrList), \Input::get('id')); \System::setCookie('BE_PAGE_OFFSET', 0, 0); $this->redirect(str_replace('&key=list', '', \Environment::get('request'))); } // Return form return ' <div id="tl_buttons"> <a href="' . ampersand(str_replace('&key=list', '', \Environment::get('request'))) . '" class="header_back" title="' . specialchars($GLOBALS['TL_LANG']['MSC']['backBTTitle']) . '" accesskey="b">' . $GLOBALS['TL_LANG']['MSC']['backBT'] . '</a> </div> ' . \Message::generate() . ' <form action="' . ampersand(\Environment::get('request'), true) . '" id="tl_list_import" class="tl_form" method="post" enctype="multipart/form-data"> <div class="tl_formbody_edit"> <input type="hidden" name="FORM_SUBMIT" value="tl_list_import"> <input type="hidden" name="REQUEST_TOKEN" value="' . REQUEST_TOKEN . '"> <input type="hidden" name="MAX_FILE_SIZE" value="' . \Config::get('maxFileSize') . '"> <div class="tl_tbox"> <h3><label for="separator">' . $GLOBALS['TL_LANG']['MSC']['separator'][0] . '</label></h3> <select name="separator" id="separator" class="tl_select" onfocus="Backend.getScrollOffset()"> <option value="comma">' . $GLOBALS['TL_LANG']['MSC']['comma'] . '</option> <option value="semicolon">' . $GLOBALS['TL_LANG']['MSC']['semicolon'] . '</option> <option value="tabulator">' . $GLOBALS['TL_LANG']['MSC']['tabulator'] . '</option> <option value="linebreak">' . $GLOBALS['TL_LANG']['MSC']['linebreak'] . '</option> </select>' . ($GLOBALS['TL_LANG']['MSC']['separator'][1] != '' ? ' <p class="tl_help tl_tip">' . $GLOBALS['TL_LANG']['MSC']['separator'][1] . '</p>' : '') . ' <h3>' . $GLOBALS['TL_LANG']['MSC']['source'][0] . '</h3>' . $objUploader->generateMarkup() . (isset($GLOBALS['TL_LANG']['MSC']['source'][1]) ? ' <p class="tl_help tl_tip">' . $GLOBALS['TL_LANG']['MSC']['source'][1] . '</p>' : '') . ' </div> </div> <div class="tl_formbody_submit"> <div class="tl_submit_container"> <button type="submit" name="save" id="save" class="tl_submit" accesskey="s">' . $GLOBALS['TL_LANG']['MSC']['lw_import'][0] . '</button> </div> </div> </form>'; }
/** * Generate the module */ protected function compile() { /** @var \PageModel $objPage */ global $objPage; $this->import('FrontendUser', 'User'); $GLOBALS['TL_LANGUAGE'] = $objPage->language; \System::loadLanguageFile('tl_member'); $this->loadDataContainer('tl_member'); // Old password widget $arrFields['oldPassword'] = array('name' => 'oldpassword', 'label' => &$GLOBALS['TL_LANG']['MSC']['oldPassword'], 'inputType' => 'text', 'eval' => array('mandatory' => true, 'preserveTags' => true, 'hideInput' => true)); // New password widget $arrFields['newPassword'] = $GLOBALS['TL_DCA']['tl_member']['fields']['password']; $arrFields['newPassword']['name'] = 'password'; $arrFields['newPassword']['label'] =& $GLOBALS['TL_LANG']['MSC']['newPassword']; $row = 0; $strFields = ''; $doNotSubmit = false; $objMember = \MemberModel::findByPk($this->User->id); $strTable = $objMember->getTable(); // Initialize the versioning (see #8301) $objVersions = new \Versions($strTable, $objMember->id); $objVersions->setUsername($objMember->username); $objVersions->setUserId(0); $objVersions->setEditUrl('contao/main.php?do=member&act=edit&id=%s&rt=1'); $objVersions->initialize(); /** @var \FormTextField $objOldPassword */ $objOldPassword = null; /** @var \FormPassword $objNewPassword */ $objNewPassword = null; // Initialize the widgets foreach ($arrFields as $strKey => $arrField) { /** @var \Widget $strClass */ $strClass = $GLOBALS['TL_FFL'][$arrField['inputType']]; // Continue if the class is not defined if (!class_exists($strClass)) { continue; } $arrField['eval']['tableless'] = $this->tableless; $arrField['eval']['required'] = $arrField['eval']['mandatory']; /** @var \Widget $objWidget */ $objWidget = new $strClass($strClass::getAttributesFromDca($arrField, $arrField['name'])); $objWidget->storeValues = true; $objWidget->rowClass = 'row_' . $row . ($row == 0 ? ' row_first' : '') . ($row % 2 == 0 ? ' even' : ' odd'); // Increase the row count if it is a password field if ($objWidget instanceof \FormPassword) { $objWidget->rowClassConfirm = 'row_' . ++$row . ($row % 2 == 0 ? ' even' : ' odd'); } ++$row; // Store the widget objects $strVar = 'obj' . ucfirst($strKey); ${$strVar} = $objWidget; // Validate the widget if (\Input::post('FORM_SUBMIT') == 'tl_change_password') { $objWidget->validate(); // Validate the old password if ($strKey == 'oldPassword') { if (\Encryption::test($objMember->password)) { $blnAuthenticated = \Encryption::verify($objWidget->value, $objMember->password); } else { list($strPassword, $strSalt) = explode(':', $objMember->password); $blnAuthenticated = $strSalt == '' ? $strPassword === sha1($objWidget->value) : $strPassword === sha1($strSalt . $objWidget->value); } if (!$blnAuthenticated) { $objWidget->value = ''; $objWidget->addError($GLOBALS['TL_LANG']['MSC']['oldPasswordWrong']); sleep(2); // Wait 2 seconds while brute forcing :) } } if ($objWidget->hasErrors()) { $doNotSubmit = true; } } $strFields .= $objWidget->parse(); } $this->Template->fields = $strFields; $this->Template->hasError = $doNotSubmit; // Store the new password if (\Input::post('FORM_SUBMIT') == 'tl_change_password' && !$doNotSubmit) { $objMember->tstamp = time(); $objMember->password = $objNewPassword->value; $objMember->save(); // Create a new version if ($GLOBALS['TL_DCA'][$strTable]['config']['enableVersioning']) { $objVersions->create(); } // HOOK: set new password callback if (isset($GLOBALS['TL_HOOKS']['setNewPassword']) && is_array($GLOBALS['TL_HOOKS']['setNewPassword'])) { foreach ($GLOBALS['TL_HOOKS']['setNewPassword'] as $callback) { $this->import($callback[0]); $this->{$callback[0]}->{$callback[1]}($objMember, $objNewPassword->value, $this); } } // Check whether there is a jumpTo page if (($objJumpTo = $this->objModel->getRelated('jumpTo')) !== null) { $this->jumpToOrReload($objJumpTo->row()); } \Message::addConfirmation($GLOBALS['TL_LANG']['MSC']['newPasswordSet']); $this->reload(); } $this->Template->action = \Environment::get('indexFreeRequest'); $this->Template->slabel = specialchars($GLOBALS['TL_LANG']['MSC']['changePassword']); $this->Template->rowLast = 'row_' . $row . ' row_last' . ($row % 2 == 0 ? ' even' : ' odd'); $this->Template->tableless = $this->tableless; $this->Template->message = \Message::generate(false, true); }
/** * Load the source editor * * @return string */ public function source() { $this->isValid($this->intId); if (is_dir(TL_ROOT . '/' . $this->intId)) { $this->log('Folder "' . $this->intId . '" cannot be edited', __METHOD__, TL_ERROR); $this->redirect('contao/main.php?act=error'); } elseif (!file_exists(TL_ROOT . '/' . $this->intId)) { $this->log('File "' . $this->intId . '" does not exist', __METHOD__, TL_ERROR); $this->redirect('contao/main.php?act=error'); } $this->import('BackendUser', 'User'); // Check user permission if (!$this->User->hasAccess('f5', 'fop')) { $this->log('Not enough permissions to edit the file source of file "' . $this->intId . '"', __METHOD__, TL_ERROR); $this->redirect('contao/main.php?act=error'); } $objFile = new \File($this->intId, true); // Check whether file type is editable if (!in_array($objFile->extension, trimsplit(',', strtolower(\Config::get('editableFiles'))))) { $this->log('File type "' . $objFile->extension . '" (' . $this->intId . ') is not allowed to be edited', __METHOD__, TL_ERROR); $this->redirect('contao/main.php?act=error'); } $objMeta = null; $objVersions = null; // Add the versioning routines if ($this->blnIsDbAssisted && \Dbafs::shouldBeSynchronized($this->intId)) { $objMeta = \FilesModel::findByPath($objFile->value); if ($objMeta === null) { $objMeta = \Dbafs::addResource($objFile->value); } $objVersions = new \Versions($this->strTable, $objMeta->id); if (!$GLOBALS['TL_DCA'][$this->strTable]['config']['hideVersionMenu']) { // Compare versions if (\Input::get('versions')) { $objVersions->compare(); } // Restore a version if (\Input::post('FORM_SUBMIT') == 'tl_version' && \Input::post('version') != '') { $objVersions->restore(\Input::post('version')); // Purge the script cache (see #7005) if ($objFile->extension == 'css' || $objFile->extension == 'scss' || $objFile->extension == 'less') { $this->import('Automator'); $this->Automator->purgeScriptCache(); } $this->reload(); } } $objVersions->initialize(); } $strContent = $objFile->getContent(); if ($objFile->extension == 'svgz') { $strContent = gzdecode($strContent); } // Process the request if (\Input::post('FORM_SUBMIT') == 'tl_files') { // Restore the basic entities (see #7170) $strSource = \StringUtil::restoreBasicEntities(\Input::postRaw('source')); // Save the file if (md5($strContent) != md5($strSource)) { if ($objFile->extension == 'svgz') { $strSource = gzencode($strSource); } // Write the file $objFile->write($strSource); $objFile->close(); // Update the database if ($this->blnIsDbAssisted && $objMeta !== null) { /** @var \FilesModel $objMeta */ $objMeta->hash = $objFile->hash; $objMeta->save(); $objVersions->create(); } // Purge the script cache (see #7005) if ($objFile->extension == 'css' || $objFile->extension == 'scss' || $objFile->extension == 'less') { $this->import('Automator'); $this->Automator->purgeScriptCache(); } } if (\Input::post('saveNclose')) { \System::setCookie('BE_PAGE_OFFSET', 0, 0); $this->redirect($this->getReferer()); } $this->reload(); } $codeEditor = ''; // Prepare the code editor if (\Config::get('useCE')) { $selector = 'ctrl_source'; $type = $objFile->extension; // Load the code editor configuration ob_start(); include TL_ROOT . '/system/config/ace.php'; $codeEditor = ob_get_contents(); ob_end_clean(); unset($selector, $type); } // Versions overview if ($GLOBALS['TL_DCA'][$this->strTable]['config']['enableVersioning'] && !$GLOBALS['TL_DCA'][$this->strTable]['config']['hideVersionMenu'] && $this->blnIsDbAssisted && $objVersions !== null) { $version = $objVersions->renderDropdown(); } else { $version = ''; } // Submit buttons $arrButtons = array(); $arrButtons['save'] = '<input type="submit" name="save" id="save" class="tl_submit" accesskey="s" value="' . specialchars($GLOBALS['TL_LANG']['MSC']['save']) . '">'; $arrButtons['saveNclose'] = '<input type="submit" name="saveNclose" id="saveNclose" class="tl_submit" accesskey="c" value="' . specialchars($GLOBALS['TL_LANG']['MSC']['saveNclose']) . '">'; // Call the buttons_callback (see #4691) if (is_array($GLOBALS['TL_DCA'][$this->strTable]['edit']['buttons_callback'])) { foreach ($GLOBALS['TL_DCA'][$this->strTable]['edit']['buttons_callback'] as $callback) { if (is_array($callback)) { $this->import($callback[0]); $arrButtons = $this->{$callback[0]}->{$callback[1]}($arrButtons, $this); } elseif (is_callable($callback)) { $arrButtons = $callback($arrButtons, $this); } } } // Add the form return $version . ' <div id="tl_buttons"> <a href="' . $this->getReferer(true) . '" class="header_back" title="' . specialchars($GLOBALS['TL_LANG']['MSC']['backBTTitle']) . '" accesskey="b" onclick="Backend.getScrollOffset()">' . $GLOBALS['TL_LANG']['MSC']['backBT'] . '</a> </div> ' . \Message::generate() . ' <form action="' . ampersand(\Environment::get('request'), true) . '" id="tl_files" class="tl_form" method="post"> <div class="tl_formbody_edit"> <input type="hidden" name="FORM_SUBMIT" value="tl_files"> <input type="hidden" name="REQUEST_TOKEN" value="' . REQUEST_TOKEN . '"> <div class="tl_tbox"> <h3><label for="ctrl_source">' . $GLOBALS['TL_LANG']['tl_files']['editor'][0] . '</label></h3> <textarea name="source" id="ctrl_source" class="tl_textarea monospace" rows="12" cols="80" style="height:400px" onfocus="Backend.getScrollOffset()">' . "\n" . htmlspecialchars($strContent) . '</textarea>' . (\Config::get('showHelp') && strlen($GLOBALS['TL_LANG']['tl_files']['editor'][1]) ? ' <p class="tl_help tl_tip">' . $GLOBALS['TL_LANG']['tl_files']['editor'][1] . '</p>' : '') . ' </div> </div> <div class="tl_formbody_submit"> <div class="tl_submit_container"> ' . implode(' ', $arrButtons) . ' </div> </div> </form>' . "\n\n" . $codeEditor; }
/** * Disable/enable a user group * * @param integer $intId * @param boolean $blnVisible * @param DataContainer $dc */ public function toggleVisibility($intId, $blnVisible, DataContainer $dc = null) { // Set the ID and action Input::setGet('id', $intId); Input::setGet('act', 'toggle'); if ($dc) { $dc->id = $intId; // see #8043 } $this->checkPermission(); // Protect own account if ($this->User->id == $intId) { return; } // Check the field access if (!$this->User->hasAccess('tl_user::disable', 'alexf')) { $this->log('Not enough permissions to activate/deactivate user ID "' . $intId . '"', __METHOD__, TL_ERROR); $this->redirect('contao/main.php?act=error'); } $objVersions = new Versions('tl_user', $intId); $objVersions->initialize(); // Trigger the save_callback if (is_array($GLOBALS['TL_DCA']['tl_user']['fields']['disable']['save_callback'])) { foreach ($GLOBALS['TL_DCA']['tl_user']['fields']['disable']['save_callback'] as $callback) { if (is_array($callback)) { $this->import($callback[0]); $blnVisible = $this->{$callback[0]}->{$callback[1]}($blnVisible, $dc ?: $this); } elseif (is_callable($callback)) { $blnVisible = $callback($blnVisible, $dc ?: $this); } } } // Update the database $this->Database->prepare("UPDATE tl_user SET tstamp=" . time() . ", disable='" . ($blnVisible ? '' : 1) . "' WHERE id=?")->execute($intId); $objVersions->create(); // Remove the session if the user is disabled (see #5353) if (!$blnVisible) { $this->Database->prepare("DELETE FROM tl_session WHERE name='BE_USER_AUTH' AND pid=?")->execute($intId); } }
/** * Toggle the visibility of a format definition * * @param integer $intId * @param boolean $blnVisible * @param DataContainer $dc */ public function toggleVisibility($intId, $blnVisible, DataContainer $dc = null) { $objVersions = new Versions('tl_image_size_item', $intId); $objVersions->initialize(); // Trigger the save_callback if (is_array($GLOBALS['TL_DCA']['tl_image_size_item']['fields']['invisible']['save_callback'])) { foreach ($GLOBALS['TL_DCA']['tl_image_size_item']['fields']['invisible']['save_callback'] as $callback) { if (is_array($callback)) { $this->import($callback[0]); $blnVisible = $this->{$callback}[0]->{$callback}[1]($blnVisible, $dc ?: $this); } elseif (is_callable($callback)) { $blnVisible = $callback($blnVisible, $dc ?: $this); } } } // Update the database $this->Database->prepare("UPDATE tl_image_size_item SET tstamp=" . time() . ", invisible='" . ($blnVisible ? '' : 1) . "' WHERE id=?")->execute($intId); $objVersions->create(); $this->log('A new version of record "tl_image_size_item.id=' . $intId . '" has been created' . $this->getParentEntries('tl_image_size_item', $intId), __METHOD__, TL_GENERAL); }