/** * Run the controller and parse the login template * * @return Response */ public function run() { /** @var BackendTemplate|object $objTemplate */ $objTemplate = new \BackendTemplate('be_login'); $strHeadline = sprintf($GLOBALS['TL_LANG']['MSC']['loginTo'], \Config::get('websiteTitle')); $objTemplate->theme = \Backend::getTheme(); $objTemplate->messages = \Message::generate(); $objTemplate->base = \Environment::get('base'); $objTemplate->language = $GLOBALS['TL_LANGUAGE']; $objTemplate->languages = \System::getLanguages(true); $objTemplate->title = \StringUtil::specialchars($strHeadline); $objTemplate->charset = \Config::get('characterSet'); $objTemplate->action = ampersand(\Environment::get('request')); $objTemplate->userLanguage = $GLOBALS['TL_LANG']['tl_user']['language'][0]; $objTemplate->headline = $strHeadline; $objTemplate->curLanguage = \Input::post('language') ?: str_replace('-', '_', $GLOBALS['TL_LANGUAGE']); $objTemplate->curUsername = \Input::post('username') ?: ''; $objTemplate->uClass = $_POST && empty($_POST['username']) ? ' class="login_error"' : ''; $objTemplate->pClass = $_POST && empty($_POST['password']) ? ' class="login_error"' : ''; $objTemplate->loginButton = \StringUtil::specialchars($GLOBALS['TL_LANG']['MSC']['loginBT']); $objTemplate->username = $GLOBALS['TL_LANG']['tl_user']['username'][0]; $objTemplate->password = $GLOBALS['TL_LANG']['MSC']['password'][0]; $objTemplate->feLink = $GLOBALS['TL_LANG']['MSC']['feLink']; $objTemplate->default = $GLOBALS['TL_LANG']['MSC']['default']; $objTemplate->jsDisabled = $GLOBALS['TL_LANG']['MSC']['jsDisabled']; return $objTemplate->getResponse(); }
/** * Generate the module */ protected function compile() { /** @var PageModel $objPage */ global $objPage; // Set the trail and level if ($this->defineRoot && $this->rootPage > 0) { $trail = array($this->rootPage); $level = 0; } else { $trail = $objPage->trail; $level = $this->levelOffset > 0 ? $this->levelOffset : 0; } $lang = null; $host = null; // Overwrite the domain and language if the reference page belongs to a differnt root page (see #3765) if ($this->defineRoot && $this->rootPage > 0) { $objRootPage = \PageModel::findWithDetails($this->rootPage); // Set the language if (\Config::get('addLanguageToUrl') && $objRootPage->rootLanguage != $objPage->rootLanguage) { $lang = $objRootPage->rootLanguage; } // Set the domain if ($objRootPage->rootId != $objPage->rootId && $objRootPage->domain != '' && $objRootPage->domain != $objPage->domain) { $host = $objRootPage->domain; } } $this->Template->request = ampersand(\Environment::get('indexFreeRequest')); $this->Template->skipId = 'skipNavigation' . $this->id; $this->Template->skipNavigation = \StringUtil::specialchars($GLOBALS['TL_LANG']['MSC']['skipNavigation']); $this->Template->items = $this->renderNavigation($trail[$level], 1, $host, $lang); }
/** * Generate the module */ protected function compile() { /** @var PageModel $objPage */ global $objPage; if (!strlen($this->inColumn)) { $this->inColumn = 'main'; } $intCount = 0; $articles = array(); $id = $objPage->id; $this->Template->request = \Environment::get('request'); // Show the articles of a different page if ($this->defineRoot && $this->rootPage > 0) { if (($objTarget = $this->objModel->getRelated('rootPage')) instanceof PageModel) { $id = $objTarget->id; /** @var PageModel $objTarget */ $this->Template->request = $objTarget->getFrontendUrl(); } } // Get published articles $objArticles = \ArticleModel::findPublishedByPidAndColumn($id, $this->inColumn); if ($objArticles === null) { return; } while ($objArticles->next()) { // Skip first article if (++$intCount <= intval($this->skipFirst)) { continue; } $cssID = \StringUtil::deserialize($objArticles->cssID, true); $articles[] = array('link' => $objArticles->title, 'title' => \StringUtil::specialchars($objArticles->title), 'id' => $cssID[0] ?: 'article-' . $objArticles->id, 'articleId' => $objArticles->id); } $this->Template->articles = $articles; }
/** * Generate the module */ protected function compile() { $objFaq = \FaqModel::findPublishedByPids($this->faq_categories); if ($objFaq === null) { $this->Template->faq = array(); return; } $arrFaq = array_fill_keys($this->faq_categories, array()); // Add FAQs while ($objFaq->next()) { $arrTemp = $objFaq->row(); $arrTemp['title'] = \StringUtil::specialchars($objFaq->question, true); $arrTemp['href'] = $this->generateFaqLink($objFaq); /** @var FaqCategoryModel $objPid */ $objPid = $objFaq->getRelated('pid'); $arrFaq[$objFaq->pid]['items'][] = $arrTemp; $arrFaq[$objFaq->pid]['headline'] = $objPid->headline; $arrFaq[$objFaq->pid]['title'] = $objPid->title; } $arrFaq = array_values(array_filter($arrFaq)); $cat_count = 0; $cat_limit = count($arrFaq); // Add classes foreach ($arrFaq as $k => $v) { $count = 0; $limit = count($v['items']); for ($i = 0; $i < $limit; $i++) { $arrFaq[$k]['items'][$i]['class'] = trim((++$count == 1 ? ' first' : '') . ($count >= $limit ? ' last' : '') . ($count % 2 == 0 ? ' odd' : ' even')); } $arrFaq[$k]['class'] = trim((++$cat_count == 1 ? ' first' : '') . ($cat_count >= $cat_limit ? ' last' : '') . ($cat_count % 2 == 0 ? ' odd' : ' even')); } $this->Template->faq = $arrFaq; }
/** * {@inheritdoc} */ protected function write(array $record) { $this->createStatement(); /** @var \DateTime $date */ $date = $record['datetime']; /** @var ContaoContext $context */ $context = $record['extra']['contao']; $this->statement->execute(['tstamp' => $date->format('U'), 'text' => StringUtil::specialchars((string) $record['formatted']), 'source' => (string) $context->getSource(), 'action' => (string) $context->getAction(), 'username' => (string) $context->getUsername(), 'func' => (string) $context->getFunc(), 'ip' => (string) $context->getIp(), 'browser' => (string) $context->getBrowser()]); }
/** * Show the raw markdown code in the back end * * @return string */ public function generate() { if (TL_MODE == 'BE') { $return = '<pre>' . \StringUtil::specialchars($this->code) . '</pre>'; if ($this->headline != '') { $return = '<' . $this->hl . '>' . $this->headline . '</' . $this->hl . '>' . $return; } return $return; } return parent::generate(); }
/** * Run the controller and parse the template * * @return Response */ public function run() { /** @var BackendTemplate|object $objTemplate */ $objTemplate = new \BackendTemplate('be_alerts'); $objTemplate->theme = \Backend::getTheme(); $objTemplate->base = \Environment::get('base'); $objTemplate->language = $GLOBALS['TL_LANGUAGE']; $objTemplate->title = \StringUtil::specialchars($GLOBALS['TL_LANG']['MSC']['systemMessages']); $objTemplate->charset = \Config::get('characterSet'); $objTemplate->messages = \Message::generateUnwrapped() . \Backend::getSystemMessages(); return $objTemplate->getResponse(); }
/** * Run the controller and parse the template * * @return Response */ public function run() { /** @var BackendTemplate|object $objTemplate */ $objTemplate = new \BackendTemplate('be_preview'); $objTemplate->base = \Environment::get('base'); $objTemplate->language = $GLOBALS['TL_LANGUAGE']; $objTemplate->title = \StringUtil::specialchars($GLOBALS['TL_LANG']['MSC']['fePreview']); $objTemplate->charset = \Config::get('characterSet'); $objTemplate->site = \Input::get('site', true); $objTemplate->switchHref = \System::getContainer()->get('router')->generate('contao_backend_switch'); $strUrl = null; if (\Input::get('url')) { $strUrl = \Environment::get('base') . \Input::get('url'); } elseif (\Input::get('page')) { $strUrl = $this->redirectToFrontendPage(\Input::get('page'), \Input::get('article'), true); } else { $event = new PreviewUrlConvertEvent(); \System::getContainer()->get('event_dispatcher')->dispatch(ContaoCoreEvents::PREVIEW_URL_CONVERT, $event); $strUrl = $event->getUrl(); } if ($strUrl === null) { $strUrl = \System::getContainer()->get('router')->generate('contao_root', [], UrlGeneratorInterface::ABSOLUTE_URL); } $objTemplate->url = $strUrl; // Switch to a particular member (see #6546) if (\Input::get('user') && $this->User->isAdmin) { $objUser = \MemberModel::findByUsername(\Input::get('user')); if ($objUser !== null) { $strHash = $this->getSessionHash('FE_USER_AUTH'); // Remove old sessions $this->Database->prepare("DELETE FROM tl_session WHERE tstamp<? OR hash=?")->execute(time() - \Config::get('sessionTimeout'), $strHash); // Insert the new session $this->Database->prepare("INSERT INTO tl_session (pid, tstamp, name, sessionID, ip, hash) VALUES (?, ?, ?, ?, ?, ?)")->execute($objUser->id, time(), 'FE_USER_AUTH', \System::getContainer()->get('session')->getId(), \Environment::get('ip'), $strHash); // Set the cookie $this->setCookie('FE_USER_AUTH', $strHash, time() + \Config::get('sessionTimeout'), null, null, false, true); $objTemplate->user = \Input::post('user'); } } return $objTemplate->getResponse(); }
/** * Generate the module */ protected function compile() { /** @var PageModel $objPage */ global $objPage; $intActive = null; $articles = array(); $intCount = 1; foreach ($this->objArticles as $objArticle) { $strAlias = $objArticle->alias ?: $objArticle->id; // Active article if (\Input::get('articles') == $strAlias) { $articles[] = array('isActive' => true, 'href' => $objPage->getFrontendUrl('/articles/' . $strAlias), 'title' => \StringUtil::specialchars($objArticle->title, true), 'link' => $intCount); $intActive = $intCount - 1; } else { $articles[] = array('isActive' => false, 'href' => $objPage->getFrontendUrl('/articles/' . $strAlias), 'title' => \StringUtil::specialchars($objArticle->title, true), 'link' => $intCount); } ++$intCount; } $this->Template->articles = $articles; $total = count($articles); // Link to first element if ($intActive > 1) { $this->Template->first = array('href' => $articles[0]['href'], 'title' => $articles[0]['title'], 'link' => $GLOBALS['TL_LANG']['MSC']['first']); } $key = $intActive - 1; // Link to previous element if ($intCount > 1 && $key >= 0) { $this->Template->previous = array('href' => $articles[$key]['href'], 'title' => $articles[$key]['title'], 'link' => $GLOBALS['TL_LANG']['MSC']['previous']); } $key = $intActive + 1; // Link to next element if ($intCount > 1 && $key < $total) { $this->Template->next = array('href' => $articles[$key]['href'], 'title' => $articles[$key]['title'], 'link' => $GLOBALS['TL_LANG']['MSC']['next']); } $key = $total - 1; // Link to last element if ($intCount > 1 && $intActive < $key - 1) { $this->Template->last = array('href' => $articles[$key]['href'], 'title' => $articles[$key]['title'], 'link' => $GLOBALS['TL_LANG']['MSC']['last']); } }
/** * Generate the module */ protected function compile() { /** @var PageModel $objPage */ global $objPage; $this->import('FrontendUser', 'User'); $GLOBALS['TL_LANGUAGE'] = $objPage->language; \System::loadLanguageFile('tl_member'); $this->loadDataContainer('tl_member'); // Old password widget $arrFields['oldPassword'] = array('name' => 'oldpassword', 'label' => &$GLOBALS['TL_LANG']['MSC']['oldPassword'], 'inputType' => 'text', 'eval' => array('mandatory' => true, 'preserveTags' => true, 'hideInput' => true)); // New password widget $arrFields['newPassword'] = $GLOBALS['TL_DCA']['tl_member']['fields']['password']; $arrFields['newPassword']['name'] = 'password'; $arrFields['newPassword']['label'] =& $GLOBALS['TL_LANG']['MSC']['newPassword']; $row = 0; $strFields = ''; $doNotSubmit = false; $objMember = \MemberModel::findByPk($this->User->id); $strFormId = 'tl_change_password_' . $this->id; $flashBag = \System::getContainer()->get('session')->getFlashBag(); $strTable = $objMember->getTable(); // Initialize the versioning (see #8301) $objVersions = new \Versions($strTable, $objMember->id); $objVersions->setUsername($objMember->username); $objVersions->setUserId(0); $objVersions->setEditUrl('contao/main.php?do=member&act=edit&id=%s&rt=1'); $objVersions->initialize(); /** @var FormTextField $objOldPassword */ $objOldPassword = null; /** @var FormPassword $objNewPassword */ $objNewPassword = null; // Initialize the widgets foreach ($arrFields as $strKey => $arrField) { /** @var Widget $strClass */ $strClass = $GLOBALS['TL_FFL'][$arrField['inputType']]; // Continue if the class is not defined if (!class_exists($strClass)) { continue; } $arrField['eval']['required'] = $arrField['eval']['mandatory']; /** @var Widget $objWidget */ $objWidget = new $strClass($strClass::getAttributesFromDca($arrField, $arrField['name'])); $objWidget->storeValues = true; $objWidget->rowClass = 'row_' . $row . ($row == 0 ? ' row_first' : '') . ($row % 2 == 0 ? ' even' : ' odd'); // Increase the row count if it is a password field if ($objWidget instanceof FormPassword) { $objWidget->rowClassConfirm = 'row_' . ++$row . ($row % 2 == 0 ? ' even' : ' odd'); } ++$row; // Store the widget objects $strVar = 'obj' . ucfirst($strKey); ${$strVar} = $objWidget; // Validate the widget if (\Input::post('FORM_SUBMIT') == $strFormId) { $objWidget->validate(); // Validate the old password if ($strKey == 'oldPassword') { if (\Encryption::test($objMember->password)) { $blnAuthenticated = \Encryption::verify($objWidget->value, $objMember->password); } else { list($strPassword, $strSalt) = explode(':', $objMember->password); $blnAuthenticated = $strSalt == '' ? $strPassword === sha1($objWidget->value) : $strPassword === sha1($strSalt . $objWidget->value); } if (!$blnAuthenticated) { $objWidget->value = ''; $objWidget->addError($GLOBALS['TL_LANG']['MSC']['oldPasswordWrong']); sleep(2); // Wait 2 seconds while brute forcing :) } } if ($objWidget->hasErrors()) { $doNotSubmit = true; } } $strFields .= $objWidget->parse(); } $this->Template->fields = $strFields; $this->Template->hasError = $doNotSubmit; // Store the new password if (\Input::post('FORM_SUBMIT') == $strFormId && !$doNotSubmit) { $objMember->tstamp = time(); $objMember->password = $objNewPassword->value; $objMember->save(); // Create a new version if ($GLOBALS['TL_DCA'][$strTable]['config']['enableVersioning']) { $objVersions->create(); } // HOOK: set new password callback if (isset($GLOBALS['TL_HOOKS']['setNewPassword']) && is_array($GLOBALS['TL_HOOKS']['setNewPassword'])) { foreach ($GLOBALS['TL_HOOKS']['setNewPassword'] as $callback) { $this->import($callback[0]); $this->{$callback[0]}->{$callback[1]}($objMember, $objNewPassword->value, $this); } } // Check whether there is a jumpTo page if (($objJumpTo = $this->objModel->getRelated('jumpTo')) instanceof PageModel) { $this->jumpToOrReload($objJumpTo->row()); } $flashBag->set('mod_change_password_confirm', $GLOBALS['TL_LANG']['MSC']['newPasswordSet']); $this->reload(); } // Confirmation message if ($flashBag->has('mod_change_password_confirm')) { $arrMessages = $flashBag->get('mod_change_password_confirm'); $this->Template->message = $arrMessages[0]; } $this->Template->formId = $strFormId; $this->Template->action = \Environment::get('indexFreeRequest'); $this->Template->slabel = \StringUtil::specialchars($GLOBALS['TL_LANG']['MSC']['changePassword']); $this->Template->rowLast = 'row_' . $row . ' row_last' . ($row % 2 == 0 ? ' even' : ' odd'); }
/** * Recursively render the filetree * * @param string $path * @param integer $intMargin * @param boolean $mount * @param boolean $blnProtected * @param array $arrFound * * @return string */ protected function renderFiletree($path, $intMargin, $mount = false, $blnProtected = true, $arrFound = array()) { // Invalid path if (!is_dir($path)) { return ''; } // Make sure that $this->varValue is an array (see #3369) if (!is_array($this->varValue)) { $this->varValue = array($this->varValue); } static $session; /** @var AttributeBagInterface $objSessionBag */ $objSessionBag = \System::getContainer()->get('session')->getBag('contao_backend'); $session = $objSessionBag->all(); $flag = substr($this->strField, 0, 2); $node = 'tree_' . $this->strTable . '_' . $this->strField; $xtnode = 'tree_' . $this->strTable . '_' . $this->strName; // Get session data and toggle nodes if (\Input::get($flag . 'tg')) { $session[$node][\Input::get($flag . 'tg')] = isset($session[$node][\Input::get($flag . 'tg')]) && $session[$node][\Input::get($flag . 'tg')] == 1 ? 0 : 1; $objSessionBag->replace($session); $this->redirect(preg_replace('/(&(amp;)?|\\?)' . $flag . 'tg=[^& ]*/i', '', \Environment::get('request'))); } $return = ''; $intSpacing = 20; $files = array(); $folders = array(); $level = $intMargin / $intSpacing + 1; // Mount folder if ($mount) { $folders = array($path); } else { foreach (scan($path) as $v) { if (strncmp($v, '.', 1) === 0) { continue; } if (is_dir($path . '/' . $v)) { $folders[] = $path . '/' . $v; } else { $files[] = $path . '/' . $v; } } } natcasesort($folders); $folders = array_values($folders); natcasesort($files); $files = array_values($files); // Sort descending (see #4072) if ($this->sort == 'desc') { $folders = array_reverse($folders); $files = array_reverse($files); } $folderClass = $this->files || $this->filesOnly ? 'tl_folder' : 'tl_file'; // Process folders for ($f = 0, $c = count($folders); $f < $c; $f++) { $content = scan($folders[$f]); $currentFolder = str_replace(TL_ROOT . '/', '', $folders[$f]); $countFiles = count($content); // Check whether there are subfolders or files foreach ($content as $file) { if (strncmp($file, '.', 1) === 0) { --$countFiles; } elseif (!$this->files && !$this->filesOnly && is_file($folders[$f] . '/' . $file)) { --$countFiles; } elseif (!empty($arrFound) && !in_array($currentFolder . '/' . $file, $arrFound) && !preg_grep('/^' . preg_quote($currentFolder . '/' . $file, '/') . '\\//', $arrFound)) { --$countFiles; } } if (!empty($arrFound) && $countFiles < 1 && !in_array($currentFolder, $arrFound)) { continue; } $tid = md5($folders[$f]); $folderAttribute = 'style="margin-left:20px"'; $session[$node][$tid] = is_numeric($session[$node][$tid]) ? $session[$node][$tid] : 0; $currentFolder = str_replace(TL_ROOT . '/', '', $folders[$f]); $blnIsOpen = !empty($arrFound) || $session[$node][$tid] == 1 || count(preg_grep('/^' . preg_quote($currentFolder, '/') . '\\//', $this->varValue)) > 0; $return .= "\n " . '<li class="' . $folderClass . ' toggle_select hover-div"><div class="tl_left" style="padding-left:' . $intMargin . 'px">'; // Add a toggle button if there are childs if ($countFiles > 0) { $folderAttribute = ''; $img = $blnIsOpen ? 'folMinus.svg' : 'folPlus.svg'; $alt = $blnIsOpen ? $GLOBALS['TL_LANG']['MSC']['collapseNode'] : $GLOBALS['TL_LANG']['MSC']['expandNode']; $return .= '<a href="' . \Backend::addToUrl($flag . 'tg=' . $tid) . '" title="' . \StringUtil::specialchars($alt) . '" onclick="return AjaxRequest.toggleFiletree(this,\'' . $xtnode . '_' . $tid . '\',\'' . $currentFolder . '\',\'' . $this->strField . '\',\'' . $this->strName . '\',' . $level . ')">' . \Image::getHtml($img, '', 'style="margin-right:2px"') . '</a>'; } $protected = $blnProtected; // Check whether the folder is public if ($protected === true && array_search('.public', $content) !== false) { $protected = false; } $folderImg = $protected ? 'folderCP.svg' : 'folderC.svg'; $folderLabel = $this->files || $this->filesOnly ? '<strong>' . \StringUtil::specialchars(basename($currentFolder)) . '</strong>' : \StringUtil::specialchars(basename($currentFolder)); // Add the current folder $return .= \Image::getHtml($folderImg, '', $folderAttribute) . ' <a href="' . \Backend::addToUrl('fn=' . $this->urlEncode($currentFolder)) . '" title="' . \StringUtil::specialchars($GLOBALS['TL_LANG']['MSC']['selectNode']) . '">' . $folderLabel . '</a></div> <div class="tl_right">'; // Add a checkbox or radio button if (!$this->filesOnly) { switch ($this->fieldType) { case 'checkbox': $return .= '<input type="checkbox" name="' . $this->strName . '[]" id="' . $this->strName . '_' . md5($currentFolder) . '" class="tl_tree_checkbox" value="' . \StringUtil::specialchars($currentFolder) . '" onfocus="Backend.getScrollOffset()"' . $this->optionChecked($currentFolder, $this->varValue) . '>'; break; case 'radio': $return .= '<input type="radio" name="' . $this->strName . '" id="' . $this->strName . '_' . md5($currentFolder) . '" class="tl_tree_radio" value="' . \StringUtil::specialchars($currentFolder) . '" onfocus="Backend.getScrollOffset()"' . $this->optionChecked($currentFolder, $this->varValue) . '>'; break; } } $return .= '</div><div style="clear:both"></div></li>'; // Call the next node if ($blnIsOpen) { $return .= '<li class="parent" id="' . $xtnode . '_' . $tid . '"><ul class="level_' . $level . '">'; $return .= $this->renderFiletree($folders[$f], $intMargin + $intSpacing, false, $protected, $arrFound); $return .= '</ul></li>'; } } // Process files if ($this->files || $this->filesOnly) { for ($h = 0, $c = count($files); $h < $c; $h++) { $thumbnail = ''; $currentFile = str_replace(TL_ROOT . '/', '', $files[$h]); $currentEncoded = $this->urlEncode($currentFile); $objFile = new \File($currentFile); if (!empty($this->arrValidFileTypes) && !in_array($objFile->extension, $this->arrValidFileTypes)) { continue; } // Ignore files not matching the search criteria if (!empty($arrFound) && !in_array($currentFile, $arrFound)) { continue; } $return .= "\n " . '<li class="tl_file toggle_select hover-div"><div class="tl_left" style="padding-left:' . ($intMargin + $intSpacing) . 'px">'; $thumbnail .= ' <span class="tl_gray">(' . $this->getReadableSize($objFile->filesize); if ($objFile->width && $objFile->height) { $thumbnail .= ', ' . $objFile->width . 'x' . $objFile->height . ' px'; } $thumbnail .= ')</span>'; // Generate thumbnail if ($objFile->isImage && $objFile->viewHeight > 0 && \Config::get('thumbnails') && ($objFile->isSvgImage || $objFile->height <= \Config::get('gdMaxImgHeight') && $objFile->width <= \Config::get('gdMaxImgWidth'))) { $imageObj = \Image::create($currentEncoded, array(400, $objFile->height && $objFile->height < 50 ? $objFile->height : 50, 'box')); $importantPart = $imageObj->getImportantPart(); $thumbnail .= '<br>' . \Image::getHtml($imageObj->executeResize()->getResizedPath(), '', 'style="margin:0 0 2px -19px"'); if ($importantPart['x'] > 0 || $importantPart['y'] > 0 || $importantPart['width'] < $objFile->width || $importantPart['height'] < $objFile->height) { $thumbnail .= ' ' . \Image::getHtml($imageObj->setZoomLevel(100)->setTargetWidth(320)->setTargetHeight($objFile->height && $objFile->height < 40 ? $objFile->height : 40)->executeResize()->getResizedPath(), '', 'style="margin:0 0 2px 0;vertical-align:bottom"'); } } $return .= \Image::getHtml($objFile->icon, $objFile->mime) . ' ' . \StringUtil::convertEncoding(\StringUtil::specialchars(basename($currentFile)), \Config::get('characterSet')) . $thumbnail . '</div> <div class="tl_right">'; // Add checkbox or radio button switch ($this->fieldType) { case 'checkbox': $return .= '<input type="checkbox" name="' . $this->strName . '[]" id="' . $this->strName . '_' . md5($currentFile) . '" class="tl_tree_checkbox" value="' . \StringUtil::specialchars($currentFile) . '" onfocus="Backend.getScrollOffset()"' . $this->optionChecked($currentFile, $this->varValue) . '>'; break; case 'radio': $return .= '<input type="radio" name="' . $this->strName . '" id="' . $this->strName . '_' . md5($currentFile) . '" class="tl_tree_radio" value="' . \StringUtil::specialchars($currentFile) . '" onfocus="Backend.getScrollOffset()"' . $this->optionChecked($currentFile, $this->varValue) . '>'; break; } $return .= '</div><div style="clear:both"></div></li>'; } } return $return; }
/** * Set the new password */ protected function setNewPassword() { $objMember = \MemberModel::findOneByActivation(\Input::get('token')); if ($objMember === null || $objMember->login == '') { $this->strTemplate = 'mod_message'; /** @var FrontendTemplate|object $objTemplate */ $objTemplate = new \FrontendTemplate($this->strTemplate); $this->Template = $objTemplate; $this->Template->type = 'error'; $this->Template->message = $GLOBALS['TL_LANG']['MSC']['accountError']; return; } $strTable = $objMember->getTable(); // Initialize the versioning (see #8301) $objVersions = new \Versions($strTable, $objMember->id); $objVersions->setUsername($objMember->username); $objVersions->setUserId(0); $objVersions->setEditUrl('contao/main.php?do=member&act=edit&id=%s&rt=1'); $objVersions->initialize(); // Define the form field $arrField = $GLOBALS['TL_DCA']['tl_member']['fields']['password']; /** @var Widget $strClass */ $strClass = $GLOBALS['TL_FFL']['password']; // Fallback to default if the class is not defined if (!class_exists($strClass)) { $strClass = 'FormPassword'; } /** @var Widget $objWidget */ $objWidget = new $strClass($strClass::getAttributesFromDca($arrField, 'password')); // Set row classes $objWidget->rowClass = 'row_0 row_first even'; $objWidget->rowClassConfirm = 'row_1 odd'; $this->Template->rowLast = 'row_2 row_last even'; /** @var SessionInterface $objSession */ $objSession = \System::getContainer()->get('session'); // Validate the field if (strlen(\Input::post('FORM_SUBMIT')) && \Input::post('FORM_SUBMIT') == $objSession->get('setPasswordToken')) { $objWidget->validate(); // Set the new password and redirect if (!$objWidget->hasErrors()) { $objSession->set('setPasswordToken', ''); $objMember->tstamp = time(); $objMember->activation = ''; $objMember->password = $objWidget->value; $objMember->save(); // Create a new version if ($GLOBALS['TL_DCA'][$strTable]['config']['enableVersioning']) { $objVersions->create(); } // HOOK: set new password callback if (isset($GLOBALS['TL_HOOKS']['setNewPassword']) && is_array($GLOBALS['TL_HOOKS']['setNewPassword'])) { foreach ($GLOBALS['TL_HOOKS']['setNewPassword'] as $callback) { $this->import($callback[0]); $this->{$callback[0]}->{$callback[1]}($objMember, $objWidget->value, $this); } } // Redirect to the jumpTo page if (($objTarget = $this->objModel->getRelated('reg_jumpTo')) instanceof PageModel) { /** @var PageModel $objTarget */ $this->redirect($objTarget->getFrontendUrl()); } // Confirm $this->strTemplate = 'mod_message'; /** @var FrontendTemplate|object $objTemplate */ $objTemplate = new \FrontendTemplate($this->strTemplate); $this->Template = $objTemplate; $this->Template->type = 'confirm'; $this->Template->message = $GLOBALS['TL_LANG']['MSC']['newPasswordSet']; return; } } $strToken = md5(uniqid(mt_rand(), true)); $objSession->set('setPasswordToken', $strToken); $this->Template->formId = $strToken; $this->Template->fields = $objWidget->parse(); $this->Template->action = \Environment::get('indexFreeRequest'); $this->Template->slabel = \StringUtil::specialchars($GLOBALS['TL_LANG']['MSC']['setNewPassword']); }
/** * Generate the markup for an RSS feed tag * * @param string $href The script path * @param string $format The feed format * @param string $title The feed title * * @return string The markup string */ public static function generateFeedTag($href, $format, $title) { return '<link type="application/' . $format . '+xml" rel="alternate" href="' . $href . '" title="' . \StringUtil::specialchars($title) . '">'; }
/** * Generate the module */ protected function compile() { \System::loadLanguageFile($this->list_table); $this->loadDataContainer($this->list_table); // List a single record if (\Input::get('show')) { $this->listSingleRecord(\Input::get('show')); return; } /** * Add the search menu */ $strWhere = ''; $varKeyword = ''; $strOptions = ''; $this->Template->searchable = false; $arrSearchFields = \StringUtil::trimsplit(',', $this->list_search); if (!empty($arrSearchFields) && is_array($arrSearchFields)) { $this->Template->searchable = true; if (\Input::get('search') && \Input::get('for')) { $varKeyword = '%' . \Input::get('for') . '%'; $strWhere = (!$this->list_where ? " WHERE " : " AND ") . \Input::get('search') . " LIKE ?"; } foreach ($arrSearchFields as $field) { $strOptions .= ' <option value="' . $field . '"' . ($field == \Input::get('search') ? ' selected="selected"' : '') . '>' . (strlen($label = $GLOBALS['TL_DCA'][$this->list_table]['fields'][$field]['label'][0]) ? $label : $field) . '</option>' . "\n"; } } $this->Template->search_fields = $strOptions; /** * Get the total number of records */ $strQuery = "SELECT COUNT(*) AS count FROM " . $this->list_table; if ($this->list_where) { $strQuery .= " WHERE (" . $this->list_where . ")"; } $strQuery .= $strWhere; $objTotal = $this->Database->prepare($strQuery)->execute($varKeyword); /** * Validate the page count */ $id = 'page_l' . $this->id; $page = \Input::get($id) !== null ? \Input::get($id) : 1; $per_page = \Input::get('per_page') ?: $this->perPage; // Thanks to Hagen Klemp (see #4485) if ($per_page > 0 && ($page < 1 || $page > max(ceil($objTotal->count / $per_page), 1))) { throw new PageNotFoundException('Page not found: ' . \Environment::get('uri')); } /** * Get the selected records */ $strQuery = "SELECT " . $this->strPk . "," . $this->list_fields; if ($this->list_info_where) { $strQuery .= ", (SELECT COUNT(*) FROM " . $this->list_table . " t2 WHERE t2." . $this->strPk . "=t1." . $this->strPk . " AND " . $this->list_info_where . ") AS _details"; } $strQuery .= " FROM " . $this->list_table . " t1"; if ($this->list_where) { $strQuery .= " WHERE (" . $this->list_where . ")"; } $strQuery .= $strWhere; // Cast date fields to int (see #5609) $isInt = function ($field) { return $GLOBALS['TL_DCA'][$this->list_table]['fields'][$field]['eval']['rgxp'] == 'date' || $GLOBALS['TL_DCA'][$this->list_table]['fields'][$field]['eval']['rgxp'] == 'time' || $GLOBALS['TL_DCA'][$this->list_table]['fields'][$field]['eval']['rgxp'] == 'datim'; }; // Order by if (\Input::get('order_by')) { if ($isInt(\Input::get('order_by'))) { $strQuery .= " ORDER BY CAST(" . \Input::get('order_by') . " AS SIGNED) " . \Input::get('sort'); } else { $strQuery .= " ORDER BY " . \Input::get('order_by') . ' ' . \Input::get('sort'); } } elseif ($this->list_sort) { if ($isInt($this->list_sort)) { $strQuery .= " ORDER BY CAST(" . $this->list_sort . " AS SIGNED)"; } else { $strQuery .= " ORDER BY " . $this->list_sort; } } $objDataStmt = $this->Database->prepare($strQuery); // Limit if (\Input::get('per_page')) { $objDataStmt->limit(\Input::get('per_page'), ($page - 1) * $per_page); } elseif ($this->perPage) { $objDataStmt->limit($this->perPage, ($page - 1) * $per_page); } $objData = $objDataStmt->execute($varKeyword); /** * Prepare the URL */ $strUrl = preg_replace('/\\?.*$/', '', \Environment::get('request')); $blnQuery = false; foreach (preg_split('/&(amp;)?/', \Environment::get('queryString')) as $fragment) { if ($fragment != '' && strncasecmp($fragment, 'order_by', 8) !== 0 && strncasecmp($fragment, 'sort', 4) !== 0 && strncasecmp($fragment, $id, strlen($id)) !== 0) { $strUrl .= (!$blnQuery ? '?' : '&') . $fragment; $blnQuery = true; } } $this->Template->url = $strUrl; $strVarConnector = $blnQuery ? '&' : '?'; /** * Prepare the data arrays */ $arrTh = array(); $arrTd = array(); $arrFields = \StringUtil::trimsplit(',', $this->list_fields); // THEAD for ($i = 0, $c = count($arrFields); $i < $c; $i++) { // Never show passwords if ($GLOBALS['TL_DCA'][$this->list_table]['fields'][$arrFields[$i]]['inputType'] == 'password') { continue; } $class = ''; $sort = 'asc'; $strField = strlen($label = $GLOBALS['TL_DCA'][$this->list_table]['fields'][$arrFields[$i]]['label'][0]) ? $label : $arrFields[$i]; // Add a CSS class to the order_by column if (\Input::get('order_by') == $arrFields[$i]) { $sort = \Input::get('sort') == 'asc' ? 'desc' : 'asc'; $class = ' sorted ' . \Input::get('sort'); } $arrTh[] = array('link' => $strField, 'href' => ampersand($strUrl) . $strVarConnector . 'order_by=' . $arrFields[$i] . '&sort=' . $sort, 'title' => \StringUtil::specialchars(sprintf($GLOBALS['TL_LANG']['MSC']['list_orderBy'], $strField)), 'class' => $class . ($i == 0 ? ' col_first' : '')); } $j = 0; $arrRows = $objData->fetchAllAssoc(); // TBODY for ($i = 0, $c = count($arrRows); $i < $c; $i++) { $j = 0; $class = 'row_' . $i . ($i == 0 ? ' row_first' : '') . ($i + 1 == count($arrRows) ? ' row_last' : '') . ($i % 2 == 0 ? ' even' : ' odd'); foreach ($arrRows[$i] as $k => $v) { // Skip the primary key if ($k == $this->strPk && !in_array($this->strPk, $arrFields)) { continue; } if ($k == '_details') { continue; } // Never show passwords if ($GLOBALS['TL_DCA'][$this->list_table]['fields'][$k]['inputType'] == 'password') { continue; } $value = $this->formatValue($k, $v); $arrTd[$class][$k] = array('raw' => $v, 'content' => $value ? $value : ' ', 'class' => 'col_' . $j . ($j++ == 0 ? ' col_first' : '') . ($this->list_info ? '' : ($j >= count($arrRows[$i]) - 1 ? ' col_last' : '')), 'id' => $arrRows[$i][$this->strPk], 'field' => $k, 'url' => $strUrl . $strVarConnector . 'show=' . $arrRows[$i][$this->strPk], 'details' => isset($arrRows[$i]['_details']) ? $arrRows[$i]['_details'] : 1); } } $this->Template->thead = $arrTh; $this->Template->tbody = $arrTd; /** * Pagination */ $objPagination = new \Pagination($objTotal->count, $per_page, \Config::get('maxPaginationLinks'), $id); $this->Template->pagination = $objPagination->generate("\n "); $this->Template->per_page = $per_page; $this->Template->total = $objTotal->count; /** * Template variables */ $this->Template->action = \Environment::get('indexFreeRequest'); $this->Template->details = $this->list_info != '' ? true : false; $this->Template->search_label = \StringUtil::specialchars($GLOBALS['TL_LANG']['MSC']['search']); $this->Template->per_page_label = \StringUtil::specialchars($GLOBALS['TL_LANG']['MSC']['list_perPage']); $this->Template->fields_label = $GLOBALS['TL_LANG']['MSC']['all_fields'][0]; $this->Template->keywords_label = $GLOBALS['TL_LANG']['MSC']['keywords']; $this->Template->search = \Input::get('search'); $this->Template->for = \Input::get('for'); $this->Template->order_by = \Input::get('order_by'); $this->Template->sort = \Input::get('sort'); $this->Template->col_last = 'col_' . $j; }
/** * Recursively render the pagetree * * @param integer $id * @param integer $intMargin * @param boolean $protectedPage * @param boolean $blnNoRecursion * @param array $arrFound * * @return string */ protected function renderPagetree($id, $intMargin, $protectedPage = false, $blnNoRecursion = false, $arrFound = array()) { static $session; /** @var AttributeBagInterface $objSessionBag */ $objSessionBag = \System::getContainer()->get('session')->getBag('contao_backend'); $session = $objSessionBag->all(); $flag = substr($this->strField, 0, 2); $node = 'tree_' . $this->strTable . '_' . $this->strField; $xtnode = 'tree_' . $this->strTable . '_' . $this->strName; // Get the session data and toggle the nodes if (\Input::get($flag . 'tg')) { $session[$node][\Input::get($flag . 'tg')] = isset($session[$node][\Input::get($flag . 'tg')]) && $session[$node][\Input::get($flag . 'tg')] == 1 ? 0 : 1; $objSessionBag->replace($session); $this->redirect(preg_replace('/(&(amp;)?|\\?)' . $flag . 'tg=[^& ]*/i', '', \Environment::get('request'))); } $objPage = $this->Database->prepare("SELECT id, alias, type, protected, published, start, stop, hide, title FROM tl_page WHERE id=?")->limit(1)->execute($id); // Return if there is no result if ($objPage->numRows < 1) { return ''; } $return = ''; $intSpacing = 20; $childs = array(); // Check whether there are child records if (!$blnNoRecursion) { $objNodes = $this->Database->prepare("SELECT id FROM tl_page WHERE pid=?" . (!empty($arrFound) ? " AND id IN(" . implode(',', array_map('intval', $arrFound)) . ")" : '') . " ORDER BY sorting")->execute($id); if ($objNodes->numRows) { $childs = $objNodes->fetchEach('id'); } } $return .= "\n " . '<li class="' . ($objPage->type == 'root' ? 'tl_folder' : 'tl_file') . ' toggle_select hover-div"><div class="tl_left" style="padding-left:' . ($intMargin + $intSpacing) . 'px">'; $folderAttribute = 'style="margin-left:20px"'; $session[$node][$id] = is_numeric($session[$node][$id]) ? $session[$node][$id] : 0; $level = $intMargin / $intSpacing + 1; $blnIsOpen = !empty($arrFound) || $session[$node][$id] == 1 || in_array($id, $this->arrNodes); if (!empty($childs)) { $folderAttribute = ''; $img = $blnIsOpen ? 'folMinus.svg' : 'folPlus.svg'; $alt = $blnIsOpen ? $GLOBALS['TL_LANG']['MSC']['collapseNode'] : $GLOBALS['TL_LANG']['MSC']['expandNode']; $return .= '<a href="' . \Backend::addToUrl($flag . 'tg=' . $id) . '" title="' . \StringUtil::specialchars($alt) . '" onclick="return AjaxRequest.togglePagetree(this,\'' . $xtnode . '_' . $id . '\',\'' . $this->strField . '\',\'' . $this->strName . '\',' . $level . ')">' . \Image::getHtml($img, '', 'style="margin-right:2px"') . '</a>'; } // Set the protection status $objPage->protected = $objPage->protected || $protectedPage; // Add the current page if (!empty($childs)) { $return .= \Image::getHtml($this->getPageStatusIcon($objPage), '', $folderAttribute) . ' <a href="' . \Backend::addToUrl('pn=' . $objPage->id) . '" title="' . \StringUtil::specialchars($objPage->title . ' (' . $objPage->alias . \Config::get('urlSuffix') . ')') . '">' . ($objPage->type == 'root' ? '<strong>' : '') . $objPage->title . ($objPage->type == 'root' ? '</strong>' : '') . '</a></div> <div class="tl_right">'; } else { $return .= \Image::getHtml($this->getPageStatusIcon($objPage), '', $folderAttribute) . ' ' . ($objPage->type == 'root' ? '<strong>' : '') . $objPage->title . ($objPage->type == 'root' ? '</strong>' : '') . '</div> <div class="tl_right">'; } // Add checkbox or radio button switch ($this->fieldType) { case 'checkbox': $return .= '<input type="checkbox" name="' . $this->strName . '[]" id="' . $this->strName . '_' . $id . '" class="tl_tree_checkbox" value="' . \StringUtil::specialchars($id) . '" onfocus="Backend.getScrollOffset()"' . static::optionChecked($id, $this->varValue) . '>'; break; default: case 'radio': $return .= '<input type="radio" name="' . $this->strName . '" id="' . $this->strName . '_' . $id . '" class="tl_tree_radio" value="' . \StringUtil::specialchars($id) . '" onfocus="Backend.getScrollOffset()"' . static::optionChecked($id, $this->varValue) . '>'; break; } $return .= '</div><div style="clear:both"></div></li>'; // Begin a new submenu if ($blnIsOpen || !empty($childs) && $objSessionBag->get('page_selector_search') != '') { $return .= '<li class="parent" id="' . $node . '_' . $id . '"><ul class="level_' . $level . '">'; for ($k = 0, $c = count($childs); $k < $c; $k++) { $return .= $this->renderPagetree($childs[$k], $intMargin + $intSpacing, $objPage->protected, $blnNoRecursion, $arrFound); } $return .= '</ul></li>'; } return $return; }
/** * Generate the module */ protected function compile() { /** @var PageModel $objPage */ global $objPage; $items = array(); $groups = array(); // Get all groups of the current front end user if (FE_USER_LOGGED_IN) { $this->import('FrontendUser', 'User'); $groups = $this->User->groups; } // Get all active pages $objPages = \PageModel::findPublishedRegularWithoutGuestsByIds($this->pages); // Return if there are no pages if ($objPages === null) { return; } $arrPages = array(); // Sort the array keys according to the given order if ($this->orderPages != '') { $tmp = \StringUtil::deserialize($this->orderPages); if (!empty($tmp) && is_array($tmp)) { $arrPages = array_map(function () { }, array_flip($tmp)); } } // Add the items to the pre-sorted array while ($objPages->next()) { $arrPages[$objPages->id] = $objPages->current(); } $arrPages = array_values(array_filter($arrPages)); // Set default template if ($this->navigationTpl == '') { $this->navigationTpl = 'nav_default'; } /** @var FrontendTemplate|object $objTemplate */ $objTemplate = new \FrontendTemplate($this->navigationTpl); $objTemplate->type = get_class($this); $objTemplate->cssID = $this->cssID; // see #4897 and 6129 $objTemplate->level = 'level_1'; /** @var PageModel[] $arrPages */ foreach ($arrPages as $objModel) { $_groups = \StringUtil::deserialize($objModel->groups); // Do not show protected pages unless a back end or front end user is logged in if (!$objModel->protected || BE_USER_LOGGED_IN || is_array($_groups) && count(array_intersect($_groups, $groups)) || $this->showProtected) { // Get href switch ($objModel->type) { case 'redirect': $href = $objModel->url; break; case 'forward': if (($objNext = $objModel->getRelated('jumpTo')) instanceof PageModel) { /** @var PageModel $objNext */ $href = $objNext->getFrontendUrl(); break; } // DO NOT ADD A break; STATEMENT // DO NOT ADD A break; STATEMENT default: $href = $objModel->getFrontendUrl(); break; } $trail = in_array($objModel->id, $objPage->trail); // Active page if ($objPage->id == $objModel->id && $href == \Environment::get('request')) { $strClass = trim($objModel->cssClass); $row = $objModel->row(); $row['isActive'] = true; $row['isTrail'] = false; $row['class'] = trim('active ' . $strClass); $row['title'] = \StringUtil::specialchars($objModel->title, true); $row['pageTitle'] = \StringUtil::specialchars($objModel->pageTitle, true); $row['link'] = $objModel->title; $row['href'] = $href; $row['nofollow'] = strncmp($objModel->robots, 'noindex,nofollow', 16) === 0; $row['target'] = ''; $row['description'] = str_replace(array("\n", "\r"), array(' ', ''), $objModel->description); // Override the link target if ($objModel->type == 'redirect' && $objModel->target) { $row['target'] = ' target="_blank"'; } $items[] = $row; } else { $strClass = trim($objModel->cssClass . ($trail ? ' trail' : '')); $row = $objModel->row(); $row['isActive'] = false; $row['isTrail'] = $trail; $row['class'] = $strClass; $row['title'] = \StringUtil::specialchars($objModel->title, true); $row['pageTitle'] = \StringUtil::specialchars($objModel->pageTitle, true); $row['link'] = $objModel->title; $row['href'] = $href; $row['nofollow'] = strncmp($objModel->robots, 'noindex,nofollow', 16) === 0; $row['target'] = ''; $row['description'] = str_replace(array("\n", "\r"), array(' ', ''), $objModel->description); // Override the link target if ($objModel->type == 'redirect' && $objModel->target) { $row['target'] = ' target="_blank"'; } $items[] = $row; } } } // Add classes first and last $items[0]['class'] = trim($items[0]['class'] . ' first'); $last = count($items) - 1; $items[$last]['class'] = trim($items[$last]['class'] . ' last'); $objTemplate->items = $items; $this->Template->request = \Environment::get('indexFreeRequest'); $this->Template->skipId = 'skipNavigation' . $this->id; $this->Template->skipNavigation = \StringUtil::specialchars($GLOBALS['TL_LANG']['MSC']['skipNavigation']); $this->Template->items = !empty($items) ? $objTemplate->parse() : ''; }
/** * Run the controller and parse the template * * @return Response */ public function run() { /** @var SessionInterface $objSession */ $objSession = \System::getContainer()->get('session'); /** @var BackendTemplate|object $objTemplate */ $objTemplate = new \BackendTemplate('be_picker'); $objTemplate->main = ''; // Ajax request if ($_POST && \Environment::get('isAjaxRequest')) { $this->objAjax = new \Ajax(\Input::post('action')); $this->objAjax->executePreActions(); } $strTable = \Input::get('table'); $strField = \Input::get('field'); // Define the current ID define('CURRENT_ID', \Input::get('table') ? $objSession->get('CURRENT_ID') : \Input::get('id')); $this->loadDataContainer($strTable); $strDriver = 'DC_' . $GLOBALS['TL_DCA'][$strTable]['config']['dataContainer']; $objDca = new $strDriver($strTable); $objDca->field = $strField; // Set the active record if ($this->Database->tableExists($strTable)) { /** @var Model $strModel */ $strModel = \Model::getClassFromTable($strTable); if (class_exists($strModel)) { $objModel = $strModel::findByPk(\Input::get('id')); if ($objModel !== null) { $objDca->activeRecord = $objModel; } } } // AJAX request if ($_POST && \Environment::get('isAjaxRequest')) { $this->objAjax->executePostActions($objDca); } $objSession->set('filePickerRef', \Environment::get('request')); $arrValues = array_filter(explode(',', \Input::get('value'))); // Call the load_callback if (is_array($GLOBALS['TL_DCA'][$strTable]['fields'][$strField]['load_callback'])) { foreach ($GLOBALS['TL_DCA'][$strTable]['fields'][$strField]['load_callback'] as $callback) { if (is_array($callback)) { $this->import($callback[0]); $arrValues = $this->{$callback[0]}->{$callback[1]}($arrValues, $objDca); } elseif (is_callable($callback)) { $arrValues = $callback($arrValues, $objDca); } } } /** @var PageSelector $strClass */ $strClass = $GLOBALS['BE_FFL']['pageSelector']; /** @var PageSelector $objPageTree */ $objPageTree = new $strClass($strClass::getAttributesFromDca($GLOBALS['TL_DCA'][$strTable]['fields'][$strField], $strField, $arrValues, $strField, $strTable, $objDca)); /** @var AttributeBagInterface $objSessionBag */ $objSessionBag = $objSession->getBag('contao_backend'); $objTemplate->main = $objPageTree->generate(); $objTemplate->theme = \Backend::getTheme(); $objTemplate->base = \Environment::get('base'); $objTemplate->language = $GLOBALS['TL_LANGUAGE']; $objTemplate->title = \StringUtil::specialchars($GLOBALS['TL_LANG']['MSC']['pagepicker']); $objTemplate->charset = \Config::get('characterSet'); $objTemplate->addSearch = true; $objTemplate->search = $GLOBALS['TL_LANG']['MSC']['search']; $objTemplate->action = ampersand(\Environment::get('request')); $objTemplate->value = $objSessionBag->get('page_selector_search'); $objTemplate->breadcrumb = $GLOBALS['TL_DCA']['tl_page']['list']['sorting']['breadcrumb']; if ($this->User->hasAccess('page', 'modules')) { $objTemplate->manager = $GLOBALS['TL_LANG']['MSC']['pageManager']; $objTemplate->managerHref = 'contao/main.php?do=page&popup=1'; } if (\Input::get('switch') && $this->User->hasAccess('files', 'modules')) { $objTemplate->switch = $GLOBALS['TL_LANG']['MSC']['filePicker']; $objTemplate->switchHref = str_replace('contao/page?', 'contao/file?', ampersand(\Environment::get('request'))); } return $objTemplate->getResponse(); }
/** * Recursively get all quicknav pages and return them as array * * @param integer $pid * @param integer $level * @param string $host * @param string $language * * @return array */ protected function getQuicknavPages($pid, $level = 1, $host = null, $language = null) { /** @var PageModel $objPage */ global $objPage; $groups = array(); $arrPages = array(); // Get all groups of the current front end user if (FE_USER_LOGGED_IN) { $this->import('FrontendUser', 'User'); $groups = $this->User->groups; } // Get all active subpages $objSubpages = \PageModel::findPublishedRegularWithoutGuestsByPid($pid); if ($objSubpages === null) { return array(); } ++$level; foreach ($objSubpages as $objSubpage) { $_groups = \StringUtil::deserialize($objSubpage->groups); // Override the domain (see #3765) if ($host !== null) { $objSubpage->domain = $host; } // Do not show protected pages unless a back end or front end user is logged in if (!$objSubpage->protected || !is_array($_groups) && FE_USER_LOGGED_IN || BE_USER_LOGGED_IN || is_array($_groups) && array_intersect($_groups, $groups) || $this->showProtected) { // Do not skip the current page here! (see #4523) // Check hidden pages if (!$objSubpage->hide || $this->showHidden) { $arrPages[] = array('level' => $level - 2, 'title' => \StringUtil::specialchars(\StringUtil::stripInsertTags($objSubpage->pageTitle ?: $objSubpage->title)), 'href' => $objSubpage->getFrontendUrl(), 'link' => \StringUtil::stripInsertTags($objSubpage->title)); // Subpages if (!$this->showLevel || $this->showLevel >= $level || !$this->hardLimit && ($objPage->id == $objSubpage->id || in_array($objPage->id, $this->Database->getChildRecords($objSubpage->id, 'tl_page')))) { $subpages = $this->getQuicknavPages($objSubpage->id, $level); if (is_array($subpages)) { $arrPages = array_merge($arrPages, $subpages); } } } } } return $arrPages; }
/** * Recursively get all allowed files and return them as string * * @param string $strFolder * @param integer $level * @param string $strFilter * * @return string */ protected function doCreateFileList($strFolder = null, $level = -1, $strFilter = '') { // Deprecated since Contao 4.0, to be removed in Contao 5.0 if ($strFilter === true) { @trigger_error('Passing "true" to Backend::doCreateFileList() has been deprecated and will no longer work in Contao 5.0.', E_USER_DEPRECATED); $strFilter = 'gif,jpg,jpeg,png'; } $arrPages = scan(TL_ROOT . '/' . $strFolder); // Empty folder if (empty($arrPages)) { return ''; } // Protected folder if (array_search('.htaccess', $arrPages) !== false) { return ''; } ++$level; $strFolders = ''; $strFiles = ''; // Recursively list all files and folders foreach ($arrPages as $strFile) { if (strncmp($strFile, '.', 1) === 0) { continue; } // Folders if (is_dir(TL_ROOT . '/' . $strFolder . '/' . $strFile)) { $strFolders .= $this->doCreateFileList($strFolder . '/' . $strFile, $level, $strFilter); } else { // Filter images if ($strFilter != '' && !preg_match('/\\.(' . str_replace(',', '|', $strFilter) . ')$/i', $strFile)) { continue; } $strFiles .= sprintf('<option value="%s"%s>%s</option>', $strFolder . '/' . $strFile, $strFolder . '/' . $strFile == \Input::get('value') ? ' selected="selected"' : '', \StringUtil::specialchars($strFile)); } } if (strlen($strFiles)) { return '<optgroup label="' . \StringUtil::specialchars($strFolder) . '">' . $strFiles . $strFolders . '</optgroup>'; } return $strFiles . $strFolders; }
/** * Generate the module */ protected function compile() { // Show logout form if (FE_USER_LOGGED_IN) { $this->import('FrontendUser', 'User'); $this->Template->logout = true; $this->Template->formId = 'tl_logout_' . $this->id; $this->Template->slabel = \StringUtil::specialchars($GLOBALS['TL_LANG']['MSC']['logout']); $this->Template->loggedInAs = sprintf($GLOBALS['TL_LANG']['MSC']['loggedInAs'], $this->User->username); $this->Template->action = ampersand(\Environment::get('indexFreeRequest')); if ($this->User->lastLogin > 0) { /** @var PageModel $objPage */ global $objPage; $this->Template->lastLogin = sprintf($GLOBALS['TL_LANG']['MSC']['lastLogin'][1], \Date::parse($objPage->datimFormat, $this->User->lastLogin)); } return; } $flashBag = \System::getContainer()->get('session')->getFlashBag(); if ($flashBag->has($this->strFlashType)) { $this->Template->hasError = true; $this->Template->message = $flashBag->get($this->strFlashType)[0]; } $this->Template->username = $GLOBALS['TL_LANG']['MSC']['username']; $this->Template->password = $GLOBALS['TL_LANG']['MSC']['password'][0]; $this->Template->action = ampersand(\Environment::get('indexFreeRequest')); $this->Template->slabel = \StringUtil::specialchars($GLOBALS['TL_LANG']['MSC']['login']); $this->Template->value = \StringUtil::specialchars(\Input::post('username')); $this->Template->formId = 'tl_login_' . $this->id; $this->Template->autologin = $this->autologin && \Config::get('autologin') > 0; $this->Template->autoLabel = $GLOBALS['TL_LANG']['MSC']['autologin']; }
/** * Generate the module */ protected function compile() { $this->import('FrontendUser', 'User'); // Initialize the password widget $arrField = array('name' => 'password', 'inputType' => 'text', 'label' => $GLOBALS['TL_LANG']['MSC']['password'][0], 'eval' => array('hideInput' => true, 'mandatory' => true, 'required' => true)); $objWidget = new \FormTextField(\FormTextField::getAttributesFromDca($arrField, $arrField['name'])); $objWidget->rowClass = 'row_0 row_first even'; $strFormId = 'tl_close_account_' . $this->id; // Validate widget if (\Input::post('FORM_SUBMIT') == $strFormId) { $objWidget->validate(); // Validate the password if (!$objWidget->hasErrors()) { // The password has been generated with crypt() if (\Encryption::test($this->User->password)) { $blnAuthenticated = \Encryption::verify($objWidget->value, $this->User->password); } else { list($strPassword, $strSalt) = explode(':', $this->User->password); $blnAuthenticated = $strSalt == '' ? $strPassword === sha1($objWidget->value) : $strPassword === sha1($strSalt . $objWidget->value); } if (!$blnAuthenticated) { $objWidget->value = ''; $objWidget->addError($GLOBALS['TL_LANG']['ERR']['invalidPass']); } } // Close account if (!$objWidget->hasErrors()) { // HOOK: send account ID if (isset($GLOBALS['TL_HOOKS']['closeAccount']) && is_array($GLOBALS['TL_HOOKS']['closeAccount'])) { foreach ($GLOBALS['TL_HOOKS']['closeAccount'] as $callback) { $this->import($callback[0]); $this->{$callback[0]}->{$callback[1]}($this->User->id, $this->reg_close, $this); } } $objMember = \MemberModel::findByPk($this->User->id); // Remove the account if ($this->reg_close == 'close_delete') { $objMember->delete(); $this->log('User account ID ' . $this->User->id . ' (' . \Idna::decodeEmail($this->User->email) . ') has been deleted', __METHOD__, TL_ACCESS); } else { $objMember->disable = 1; $objMember->tstamp = time(); $objMember->save(); $this->log('User account ID ' . $this->User->id . ' (' . \Idna::decodeEmail($this->User->email) . ') has been deactivated', __METHOD__, TL_ACCESS); } $this->User->logout(); // Check whether there is a jumpTo page if (($objJumpTo = $this->objModel->getRelated('jumpTo')) instanceof PageModel) { $this->jumpToOrReload($objJumpTo->row()); } $this->reload(); } } $this->Template->fields = $objWidget->parse(); $this->Template->formId = $strFormId; $this->Template->action = \Environment::get('indexFreeRequest'); $this->Template->slabel = \StringUtil::specialchars($GLOBALS['TL_LANG']['MSC']['closeAccount']); $this->Template->rowLast = 'row_1 row_last odd'; }
/** * Generate the module */ protected function compile() { // Get the root page if (!($objTarget = $this->objModel->getRelated('rootPage')) instanceof PageModel) { return; } $groups = array(); // Get all groups of the current front end user if (FE_USER_LOGGED_IN) { $this->import('FrontendUser', 'User'); $groups = $this->User->groups; } // Get all book pages $this->arrPages[$objTarget->id] = $objTarget; $this->getBookPages($objTarget->id, $groups, time()); /** @var PageModel $objPage */ global $objPage; // Upper page if ($objPage->id != $objTarget->id) { $intKey = $objPage->pid; // Skip forward pages (see #5074) while ($this->arrPages[$intKey]->type == 'forward' && isset($this->arrPages[$intKey]->pid)) { $intKey = $this->arrPages[$intKey]->pid; } // Hide the link if the reference page is a forward page (see #5374) if (isset($this->arrPages[$intKey])) { $this->Template->hasUp = true; $this->Template->upHref = $this->arrPages[$intKey]->getFrontendUrl(); $this->Template->upTitle = \StringUtil::specialchars($this->arrPages[$intKey]->title, true); $this->Template->upPageTitle = \StringUtil::specialchars($this->arrPages[$intKey]->pageTitle, true); $this->Template->upLink = $GLOBALS['TL_LANG']['MSC']['up']; } } $arrLookup = array_keys($this->arrPages); $intCurrent = array_search($objPage->id, $arrLookup); // HOOK: add pagination info $this->Template->currentPage = $intCurrent; $this->Template->pageCount = count($arrLookup); // Previous page if ($intCurrent > 0) { $current = $intCurrent; $intKey = $arrLookup[$current - 1]; // Skip forward pages (see #5074) while ($this->arrPages[$intKey]->type == 'forward' && isset($arrLookup[--$current])) { $intKey = $arrLookup[$current - 1]; } $this->Template->hasPrev = true; $this->Template->prevHref = $this->arrPages[$intKey]->getFrontendUrl(); $this->Template->prevTitle = \StringUtil::specialchars($this->arrPages[$intKey]->title, true); $this->Template->prevPageTitle = \StringUtil::specialchars($this->arrPages[$intKey]->pageTitle, true); $this->Template->prevLink = $this->arrPages[$intKey]->title; } // Next page if ($intCurrent < count($arrLookup) - 1) { $current = $intCurrent; $intKey = $arrLookup[$current + 1]; // Skip forward pages (see #5074) while ($this->arrPages[$intKey]->type == 'forward' && isset($arrLookup[++$current])) { $intKey = $arrLookup[$current + 1]; } $this->Template->hasNext = true; $this->Template->nextHref = $this->arrPages[$intKey]->getFrontendUrl(); $this->Template->nextTitle = \StringUtil::specialchars($this->arrPages[$intKey]->title, true); $this->Template->nextPageTitle = \StringUtil::specialchars($this->arrPages[$intKey]->pageTitle, true); $this->Template->nextLink = $this->arrPages[$intKey]->title; } }
/** * Render the versions dropdown menu * * @return string */ public function renderDropdown() { $objVersion = $this->Database->prepare("SELECT tstamp, version, username, active FROM tl_version WHERE fromTable=? AND pid=? ORDER BY version DESC")->execute($this->strTable, $this->intPid); if ($objVersion->numRows < 2) { return ''; } $versions = ''; while ($objVersion->next()) { $versions .= ' <option value="' . $objVersion->version . '"' . ($objVersion->active ? ' selected="selected"' : '') . '>' . $GLOBALS['TL_LANG']['MSC']['version'] . ' ' . $objVersion->version . ' (' . \Date::parse(\Config::get('datimFormat'), $objVersion->tstamp) . ') ' . $objVersion->username . '</option>'; } return ' <div class="tl_version_panel"> <form action="' . ampersand(\Environment::get('request'), true) . '" id="tl_version" class="tl_form" method="post"> <div class="tl_formbody"> <input type="hidden" name="FORM_SUBMIT" value="tl_version"> <input type="hidden" name="REQUEST_TOKEN" value="' . REQUEST_TOKEN . '"> <select name="version" class="tl_select">' . $versions . ' </select> <button type="submit" name="showVersion" id="showVersion" class="tl_submit">' . $GLOBALS['TL_LANG']['MSC']['restore'] . '</button> <a href="' . \Backend::addToUrl('versions=1&popup=1') . '" title="' . \StringUtil::specialchars($GLOBALS['TL_LANG']['MSC']['showDifferences']) . '" onclick="Backend.openModalIframe({\'width\':768,\'title\':\'' . \StringUtil::specialchars(str_replace("'", "\\'", sprintf($GLOBALS['TL_LANG']['MSC']['recordOfTable'], $this->intPid, $this->strTable))) . '\',\'url\':this.href});return false">' . \Image::getHtml('diff.svg') . '</a> </div> </form> </div> '; }
/** * Add a form to create new comments * * @param FrontendTemplate|object $objTemplate * @param \stdClass $objConfig * @param string $strSource * @param integer $intParent * @param mixed $varNotifies */ protected function renderCommentForm(FrontendTemplate $objTemplate, \stdClass $objConfig, $strSource, $intParent, $varNotifies) { $this->import('FrontendUser', 'User'); // Access control if ($objConfig->requireLogin && !FE_USER_LOGGED_IN) { $objTemplate->requireLogin = true; $objTemplate->login = $GLOBALS['TL_LANG']['MSC']['com_login']; return; } // Confirm or remove a subscription if (\Input::get('token')) { static::changeSubscriptionStatus($objTemplate); return; } // Form fields $arrFields = array('name' => array('name' => 'name', 'label' => $GLOBALS['TL_LANG']['MSC']['com_name'], 'value' => trim($this->User->firstname . ' ' . $this->User->lastname), 'inputType' => 'text', 'eval' => array('mandatory' => true, 'maxlength' => 64)), 'email' => array('name' => 'email', 'label' => $GLOBALS['TL_LANG']['MSC']['com_email'], 'value' => $this->User->email, 'inputType' => 'text', 'eval' => array('rgxp' => 'email', 'mandatory' => true, 'maxlength' => 128, 'decodeEntities' => true)), 'website' => array('name' => 'website', 'label' => $GLOBALS['TL_LANG']['MSC']['com_website'], 'inputType' => 'text', 'eval' => array('rgxp' => 'url', 'maxlength' => 128, 'decodeEntities' => true))); // Captcha if (!$objConfig->disableCaptcha) { $arrFields['captcha'] = array('name' => 'captcha', 'label' => $GLOBALS['TL_LANG']['MSC']['securityQuestion'], 'inputType' => 'captcha', 'eval' => array('mandatory' => true)); } // Comment field $arrFields['comment'] = array('name' => 'comment', 'label' => $GLOBALS['TL_LANG']['MSC']['com_comment'], 'inputType' => 'textarea', 'eval' => array('mandatory' => true, 'rows' => 4, 'cols' => 40, 'preserveTags' => true)); // Notify me of new comments $arrFields['notify'] = array('name' => 'notify', 'label' => '', 'inputType' => 'checkbox', 'options' => array(1 => $GLOBALS['TL_LANG']['MSC']['com_notify'])); $doNotSubmit = false; $arrWidgets = array(); $strFormId = 'com_' . $strSource . '_' . $intParent; // Initialize the widgets foreach ($arrFields as $arrField) { /** @var Widget $strClass */ $strClass = $GLOBALS['TL_FFL'][$arrField['inputType']]; // Continue if the class is not defined if (!class_exists($strClass)) { continue; } $arrField['eval']['required'] = $arrField['eval']['mandatory']; /** @var Widget $objWidget */ $objWidget = new $strClass($strClass::getAttributesFromDca($arrField, $arrField['name'], $arrField['value'])); // Validate the widget if (\Input::post('FORM_SUBMIT') == $strFormId) { $objWidget->validate(); if ($objWidget->hasErrors()) { $doNotSubmit = true; } } $arrWidgets[$arrField['name']] = $objWidget; } $objTemplate->fields = $arrWidgets; $objTemplate->submit = $GLOBALS['TL_LANG']['MSC']['com_submit']; $objTemplate->action = ampersand(\Environment::get('request')); $objTemplate->messages = ''; // Deprecated since Contao 4.0, to be removed in Contao 5.0 $objTemplate->formId = $strFormId; $objTemplate->hasError = $doNotSubmit; // Do not index or cache the page with the confirmation message if ($_SESSION['TL_COMMENT_ADDED']) { /** @var PageModel $objPage */ global $objPage; $objPage->noSearch = 1; $objPage->cache = 0; $objTemplate->confirm = $GLOBALS['TL_LANG']['MSC']['com_confirm']; $_SESSION['TL_COMMENT_ADDED'] = false; } // Store the comment if (!$doNotSubmit && \Input::post('FORM_SUBMIT') == $strFormId) { $strWebsite = $arrWidgets['website']->value; // Add http:// to the website if ($strWebsite != '' && !preg_match('@^(https?://|ftp://|mailto:|#)@i', $strWebsite)) { $strWebsite = 'http://' . $strWebsite; } // Do not parse any tags in the comment $strComment = \StringUtil::specialchars(trim($arrWidgets['comment']->value)); $strComment = str_replace(array('&', '<', '>'), array('[&]', '[lt]', '[gt]'), $strComment); // Remove multiple line feeds $strComment = preg_replace('@\\n\\n+@', "\n\n", $strComment); // Parse BBCode if ($objConfig->bbcode) { $strComment = $this->parseBbCode($strComment); } // Prevent cross-site request forgeries $strComment = preg_replace('/(href|src|on[a-z]+)="[^"]*(contao\\/main\\.php|typolight\\/main\\.php|javascript|vbscri?pt|script|alert|document|cookie|window)[^"]*"+/i', '$1="#"', $strComment); $time = time(); // Prepare the record $arrSet = array('tstamp' => $time, 'source' => $strSource, 'parent' => $intParent, 'name' => $arrWidgets['name']->value, 'email' => $arrWidgets['email']->value, 'website' => $strWebsite, 'comment' => $this->convertLineFeeds($strComment), 'ip' => $this->anonymizeIp(\Environment::get('ip')), 'date' => $time, 'published' => $objConfig->moderate ? '' : 1); // Store the comment $objComment = new \CommentsModel(); $objComment->setRow($arrSet)->save(); // Store the subscription if ($arrWidgets['notify']->value) { static::addCommentsSubscription($objComment); } // HOOK: add custom logic if (isset($GLOBALS['TL_HOOKS']['addComment']) && is_array($GLOBALS['TL_HOOKS']['addComment'])) { foreach ($GLOBALS['TL_HOOKS']['addComment'] as $callback) { $this->import($callback[0]); $this->{$callback[0]}->{$callback[1]}($objComment->id, $arrSet, $this); } } // Prepare the notification mail $objEmail = new \Email(); $objEmail->from = $GLOBALS['TL_ADMIN_EMAIL']; $objEmail->fromName = $GLOBALS['TL_ADMIN_NAME']; $objEmail->subject = sprintf($GLOBALS['TL_LANG']['MSC']['com_subject'], \Idna::decode(\Environment::get('host'))); // Convert the comment to plain text $strComment = strip_tags($strComment); $strComment = \StringUtil::decodeEntities($strComment); $strComment = str_replace(array('[&]', '[lt]', '[gt]'), array('&', '<', '>'), $strComment); // Add the comment details $objEmail->text = sprintf($GLOBALS['TL_LANG']['MSC']['com_message'], $arrSet['name'] . ' (' . $arrSet['email'] . ')', $strComment, \Idna::decode(\Environment::get('base')) . \Environment::get('request'), \Idna::decode(\Environment::get('base')) . 'contao?do=comments&act=edit&id=' . $objComment->id); // Add a moderation hint to the e-mail (see #7478) if ($objConfig->moderate) { $objEmail->text .= "\n" . $GLOBALS['TL_LANG']['MSC']['com_moderated'] . "\n"; } // Do not send notifications twice if (is_array($varNotifies)) { $objEmail->sendTo(array_unique($varNotifies)); } elseif ($varNotifies != '') { $objEmail->sendTo($varNotifies); // see #5443 } // Pending for approval if ($objConfig->moderate) { $_SESSION['TL_COMMENT_ADDED'] = true; } else { static::notifyCommentsSubscribers($objComment); } $this->reload(); } }
/** * Generate the content element */ protected function compile() { /** @var PageModel $objPage */ global $objPage; $images = array(); $auxDate = array(); $objFiles = $this->objFiles; // Get all images while ($objFiles->next()) { // Continue if the files has been processed or does not exist if (isset($images[$objFiles->path]) || !file_exists(TL_ROOT . '/' . $objFiles->path)) { continue; } // Single files if ($objFiles->type == 'file') { $objFile = new \File($objFiles->path); if (!$objFile->isImage) { continue; } $arrMeta = $this->getMetaData($objFiles->meta, $objPage->language); if (empty($arrMeta)) { if ($this->metaIgnore) { continue; } elseif ($objPage->rootFallbackLanguage !== null) { $arrMeta = $this->getMetaData($objFiles->meta, $objPage->rootFallbackLanguage); } } // Use the file name as title if none is given if ($arrMeta['title'] == '') { $arrMeta['title'] = \StringUtil::specialchars($objFile->basename); } // Add the image $images[$objFiles->path] = array('id' => $objFiles->id, 'uuid' => $objFiles->uuid, 'name' => $objFile->basename, 'singleSRC' => $objFiles->path, 'title' => \StringUtil::specialchars($arrMeta['title']), 'alt' => \StringUtil::specialchars($arrMeta['alt']), 'imageUrl' => $arrMeta['link'], 'caption' => $arrMeta['caption']); $auxDate[] = $objFile->mtime; } else { $objSubfiles = \FilesModel::findByPid($objFiles->uuid); if ($objSubfiles === null) { continue; } while ($objSubfiles->next()) { // Skip subfolders if ($objSubfiles->type == 'folder') { continue; } $objFile = new \File($objSubfiles->path); if (!$objFile->isImage) { continue; } $arrMeta = $this->getMetaData($objSubfiles->meta, $objPage->language); if (empty($arrMeta)) { if ($this->metaIgnore) { continue; } elseif ($objPage->rootFallbackLanguage !== null) { $arrMeta = $this->getMetaData($objSubfiles->meta, $objPage->rootFallbackLanguage); } } // Use the file name as title if none is given if ($arrMeta['title'] == '') { $arrMeta['title'] = \StringUtil::specialchars($objFile->basename); } // Add the image $images[$objSubfiles->path] = array('id' => $objSubfiles->id, 'uuid' => $objSubfiles->uuid, 'name' => $objFile->basename, 'singleSRC' => $objSubfiles->path, 'title' => \StringUtil::specialchars($arrMeta['title']), 'alt' => \StringUtil::specialchars($arrMeta['alt']), 'imageUrl' => $arrMeta['link'], 'caption' => $arrMeta['caption']); $auxDate[] = $objFile->mtime; } } } // Sort array switch ($this->sortBy) { default: case 'name_asc': uksort($images, 'basename_natcasecmp'); break; case 'name_desc': uksort($images, 'basename_natcasercmp'); break; case 'date_asc': array_multisort($images, SORT_NUMERIC, $auxDate, SORT_ASC); break; case 'date_desc': array_multisort($images, SORT_NUMERIC, $auxDate, SORT_DESC); break; // Deprecated since Contao 4.0, to be removed in Contao 5.0 // Deprecated since Contao 4.0, to be removed in Contao 5.0 case 'meta': @trigger_error('The "meta" key in ContentGallery::compile() has been deprecated and will no longer work in Contao 5.0.', E_USER_DEPRECATED); // no break; // no break; case 'custom': if ($this->orderSRC != '') { $tmp = \StringUtil::deserialize($this->orderSRC); if (!empty($tmp) && is_array($tmp)) { // Remove all values $arrOrder = array_map(function () { }, array_flip($tmp)); // Move the matching elements to their position in $arrOrder foreach ($images as $k => $v) { if (array_key_exists($v['uuid'], $arrOrder)) { $arrOrder[$v['uuid']] = $v; unset($images[$k]); } } // Append the left-over images at the end if (!empty($images)) { $arrOrder = array_merge($arrOrder, array_values($images)); } // Remove empty (unreplaced) entries $images = array_values(array_filter($arrOrder)); unset($arrOrder); } } break; case 'random': shuffle($images); $this->Template->isRandomOrder = true; break; } $images = array_values($images); // Limit the total number of items (see #2652) if ($this->numberOfItems > 0) { $images = array_slice($images, 0, $this->numberOfItems); } $offset = 0; $total = count($images); $limit = $total; // Paginate the result of not randomly sorted (see #8033) if ($this->perPage > 0 && $this->sortBy != 'random') { // Get the current page $id = 'page_g' . $this->id; $page = \Input::get($id) !== null ? \Input::get($id) : 1; // Do not index or cache the page if the page number is outside the range if ($page < 1 || $page > max(ceil($total / $this->perPage), 1)) { throw new PageNotFoundException('Page not found: ' . \Environment::get('uri')); } // Set limit and offset $offset = ($page - 1) * $this->perPage; $limit = min($this->perPage + $offset, $total); $objPagination = new \Pagination($total, $this->perPage, \Config::get('maxPaginationLinks'), $id); $this->Template->pagination = $objPagination->generate("\n "); } $rowcount = 0; $colwidth = floor(100 / $this->perRow); $intMaxWidth = TL_MODE == 'BE' ? floor(640 / $this->perRow) : floor(\Config::get('maxImageWidth') / $this->perRow); $strLightboxId = 'lightbox[lb' . $this->id . ']'; $body = array(); // Rows for ($i = $offset; $i < $limit; $i = $i + $this->perRow) { $class_tr = ''; if ($rowcount == 0) { $class_tr .= ' row_first'; } if ($i + $this->perRow >= $limit) { $class_tr .= ' row_last'; } $class_eo = $rowcount % 2 == 0 ? ' even' : ' odd'; // Columns for ($j = 0; $j < $this->perRow; $j++) { $class_td = ''; if ($j == 0) { $class_td .= ' col_first'; } if ($j == $this->perRow - 1) { $class_td .= ' col_last'; } $objCell = new \stdClass(); $key = 'row_' . $rowcount . $class_tr . $class_eo; // Empty cell if (!is_array($images[$i + $j]) || $j + $i >= $limit) { $objCell->colWidth = $colwidth . '%'; $objCell->class = 'col_' . $j . $class_td; } else { // Add size and margin $images[$i + $j]['size'] = $this->size; $images[$i + $j]['imagemargin'] = $this->imagemargin; $images[$i + $j]['fullsize'] = $this->fullsize; $this->addImageToTemplate($objCell, $images[$i + $j], $intMaxWidth, $strLightboxId); // Add column width and class $objCell->colWidth = $colwidth . '%'; $objCell->class = 'col_' . $j . $class_td; } $body[$key][$j] = $objCell; } ++$rowcount; } $strTemplate = 'gallery_default'; // Use a custom template if (TL_MODE == 'FE' && $this->galleryTpl != '') { $strTemplate = $this->galleryTpl; } /** @var FrontendTemplate|object $objTemplate */ $objTemplate = new \FrontendTemplate($strTemplate); $objTemplate->setData($this->arrData); $objTemplate->body = $body; $objTemplate->headline = $this->headline; // see #1603 $this->Template->images = $objTemplate->parse(); }
/** * Generate the module */ protected function compile() { // Mark the x and y parameter as used (see #4277) if (isset($_GET['x'])) { \Input::get('x'); \Input::get('y'); } // Trigger the search module from a custom form if (!isset($_GET['keywords']) && \Input::post('FORM_SUBMIT') == 'tl_search') { $_GET['keywords'] = \Input::post('keywords'); $_GET['query_type'] = \Input::post('query_type'); $_GET['per_page'] = \Input::post('per_page'); } $blnFuzzy = $this->fuzzy; $strQueryType = \Input::get('query_type') ?: $this->queryType; $strKeywords = trim(\Input::get('keywords')); $this->Template->uniqueId = $this->id; $this->Template->queryType = $strQueryType; $this->Template->keyword = \StringUtil::specialchars($strKeywords); $this->Template->keywordLabel = $GLOBALS['TL_LANG']['MSC']['keywords']; $this->Template->optionsLabel = $GLOBALS['TL_LANG']['MSC']['options']; $this->Template->search = \StringUtil::specialchars($GLOBALS['TL_LANG']['MSC']['searchLabel']); $this->Template->matchAll = \StringUtil::specialchars($GLOBALS['TL_LANG']['MSC']['matchAll']); $this->Template->matchAny = \StringUtil::specialchars($GLOBALS['TL_LANG']['MSC']['matchAny']); $this->Template->action = ampersand(\Environment::get('indexFreeRequest')); $this->Template->advanced = $this->searchType == 'advanced'; // Redirect page if ($this->jumpTo && ($objTarget = $this->objModel->getRelated('jumpTo')) instanceof PageModel) { /** @var PageModel $objTarget */ $this->Template->action = $objTarget->getFrontendUrl(); } $this->Template->pagination = ''; $this->Template->results = ''; // Execute the search if there are keywords if ($strKeywords != '' && $strKeywords != '*' && !$this->jumpTo) { // Reference page if ($this->rootPage > 0) { $intRootId = $this->rootPage; $arrPages = $this->Database->getChildRecords($this->rootPage, 'tl_page'); array_unshift($arrPages, $this->rootPage); } else { /** @var PageModel $objPage */ global $objPage; $intRootId = $objPage->rootId; $arrPages = $this->Database->getChildRecords($objPage->rootId, 'tl_page'); } // HOOK: add custom logic (see #5223) if (isset($GLOBALS['TL_HOOKS']['customizeSearch']) && is_array($GLOBALS['TL_HOOKS']['customizeSearch'])) { foreach ($GLOBALS['TL_HOOKS']['customizeSearch'] as $callback) { $this->import($callback[0]); $this->{$callback[0]}->{$callback[1]}($arrPages, $strKeywords, $strQueryType, $blnFuzzy); } } // Return if there are no pages if (!is_array($arrPages) || empty($arrPages)) { return; } $strCachePath = str_replace(TL_ROOT . DIRECTORY_SEPARATOR, '', \System::getContainer()->getParameter('kernel.cache_dir')); $arrResult = null; $strChecksum = md5($strKeywords . $strQueryType . $intRootId . $blnFuzzy); $query_starttime = microtime(true); $strCacheFile = $strCachePath . '/contao/search/' . $strChecksum . '.json'; // Load the cached result if (file_exists(TL_ROOT . '/' . $strCacheFile)) { $objFile = new \File($strCacheFile); if ($objFile->mtime > time() - 1800) { $arrResult = json_decode($objFile->getContent(), true); } else { $objFile->delete(); } } // Cache the result if ($arrResult === null) { try { $objSearch = \Search::searchFor($strKeywords, $strQueryType == 'or', $arrPages, 0, 0, $blnFuzzy); $arrResult = $objSearch->fetchAllAssoc(); } catch (\Exception $e) { $this->log('Website search failed: ' . $e->getMessage(), __METHOD__, TL_ERROR); $arrResult = array(); } \File::putContent($strCacheFile, json_encode($arrResult)); } $query_endtime = microtime(true); // Sort out protected pages if (\Config::get('indexProtected') && !BE_USER_LOGGED_IN) { $this->import('FrontendUser', 'User'); foreach ($arrResult as $k => $v) { if ($v['protected']) { if (!FE_USER_LOGGED_IN) { unset($arrResult[$k]); } else { $groups = \StringUtil::deserialize($v['groups']); if (!is_array($groups) || empty($groups) || !count(array_intersect($groups, $this->User->groups))) { unset($arrResult[$k]); } } } } $arrResult = array_values($arrResult); } $count = count($arrResult); $this->Template->count = $count; $this->Template->page = null; $this->Template->keywords = $strKeywords; // No results if ($count < 1) { $this->Template->header = sprintf($GLOBALS['TL_LANG']['MSC']['sEmpty'], $strKeywords); $this->Template->duration = substr($query_endtime - $query_starttime, 0, 6) . ' ' . $GLOBALS['TL_LANG']['MSC']['seconds']; return; } $from = 1; $to = $count; // Pagination if ($this->perPage > 0) { $id = 'page_s' . $this->id; $page = \Input::get($id) !== null ? \Input::get($id) : 1; $per_page = \Input::get('per_page') ?: $this->perPage; // Do not index or cache the page if the page number is outside the range if ($page < 1 || $page > max(ceil($count / $per_page), 1)) { throw new PageNotFoundException('Page not found: ' . \Environment::get('uri')); } $from = ($page - 1) * $per_page + 1; $to = $from + $per_page > $count ? $count : $from + $per_page - 1; // Pagination menu if ($to < $count || $from > 1) { $objPagination = new \Pagination($count, $per_page, \Config::get('maxPaginationLinks'), $id); $this->Template->pagination = $objPagination->generate("\n "); } $this->Template->page = $page; } // Get the results for ($i = $from - 1; $i < $to && $i < $count; $i++) { /** @var FrontendTemplate|object $objTemplate */ $objTemplate = new \FrontendTemplate($this->searchTpl); $objTemplate->url = $arrResult[$i]['url']; $objTemplate->link = $arrResult[$i]['title']; $objTemplate->href = $arrResult[$i]['url']; $objTemplate->title = \StringUtil::specialchars($arrResult[$i]['title']); $objTemplate->class = ($i == $from - 1 ? 'first ' : '') . ($i == $to - 1 || $i == $count - 1 ? 'last ' : '') . ($i % 2 == 0 ? 'even' : 'odd'); $objTemplate->relevance = sprintf($GLOBALS['TL_LANG']['MSC']['relevance'], number_format($arrResult[$i]['relevance'] / $arrResult[0]['relevance'] * 100, 2) . '%'); $objTemplate->filesize = $arrResult[$i]['filesize']; $objTemplate->matches = $arrResult[$i]['matches']; $arrContext = array(); $arrMatches = \StringUtil::trimsplit(',', $arrResult[$i]['matches']); // Get the context foreach ($arrMatches as $strWord) { $arrChunks = array(); preg_match_all('/(^|\\b.{0,' . $this->contextLength . '}\\PL)' . str_replace('+', '\\+', $strWord) . '(\\PL.{0,' . $this->contextLength . '}\\b|$)/ui', $arrResult[$i]['text'], $arrChunks); foreach ($arrChunks[0] as $strContext) { $arrContext[] = ' ' . $strContext . ' '; } } // Shorten the context and highlight all keywords if (!empty($arrContext)) { $objTemplate->context = trim(\StringUtil::substrHtml(implode('…', $arrContext), $this->totalLength)); $objTemplate->context = preg_replace('/(\\PL)(' . implode('|', $arrMatches) . ')(\\PL)/ui', '$1<mark class="highlight">$2</mark>$3', $objTemplate->context); $objTemplate->hasContext = true; } $this->Template->results .= $objTemplate->parse(); } $this->Template->header = vsprintf($GLOBALS['TL_LANG']['MSC']['sResults'], array($from, $to, $count, $strKeywords)); $this->Template->duration = substr($query_endtime - $query_starttime, 0, 6) . ' ' . $GLOBALS['TL_LANG']['MSC']['seconds']; } }
/** * Return a single attribute * * @param string $strKey The attribute name * * @return string The attribute markup */ public function getAttribute($strKey) { if (!isset($this->arrAttributes[$strKey])) { return ''; } $varValue = $this->arrAttributes[$strKey]; // Prevent the autofocus attribute from being added multiple times (see #8281) if ($strKey == 'autofocus') { unset($this->arrAttributes[$strKey]); } if ($strKey == 'disabled' || $strKey == 'readonly' || $strKey == 'required' || $strKey == 'autofocus' || $strKey == 'multiple') { return ' ' . $strKey; } elseif ($varValue != '') { return ' ' . $strKey . '="' . \StringUtil::specialchars($varValue) . '"'; } return ''; }
/** * Generate the module */ protected function compile() { /** @var PageModel $objPage */ global $objPage; $GLOBALS['TL_LANGUAGE'] = $objPage->language; \System::loadLanguageFile('tl_member'); $this->loadDataContainer('tl_member'); // Call onload_callback (e.g. to check permissions) if (is_array($GLOBALS['TL_DCA']['tl_member']['config']['onload_callback'])) { foreach ($GLOBALS['TL_DCA']['tl_member']['config']['onload_callback'] as $callback) { if (is_array($callback)) { $this->import($callback[0]); $this->{$callback[0]}->{$callback[1]}(); } elseif (is_callable($callback)) { $callback(); } } } // Activate account if (\Input::get('token') != '') { $this->activateAcount(); return; } if ($this->memberTpl != '') { /** @var FrontendTemplate|object $objTemplate */ $objTemplate = new \FrontendTemplate($this->memberTpl); $this->Template = $objTemplate; $this->Template->setData($this->arrData); } $this->Template->fields = ''; $objCaptcha = null; $doNotSubmit = false; $strFormId = 'tl_registration_' . $this->id; // Predefine the group order (other groups will be appended automatically) $arrGroups = array('personal' => array(), 'address' => array(), 'contact' => array(), 'login' => array(), 'profile' => array()); // Captcha if (!$this->disableCaptcha) { $arrCaptcha = array('id' => 'registration', 'label' => $GLOBALS['TL_LANG']['MSC']['securityQuestion'], 'type' => 'captcha', 'mandatory' => true, 'required' => true); /** @var FormCaptcha $strClass */ $strClass = $GLOBALS['TL_FFL']['captcha']; // Fallback to default if the class is not defined if (!class_exists($strClass)) { $strClass = 'FormCaptcha'; } /** @var FormCaptcha $objCaptcha */ $objCaptcha = new $strClass($arrCaptcha); if (\Input::post('FORM_SUBMIT') == $strFormId) { $objCaptcha->validate(); if ($objCaptcha->hasErrors()) { $doNotSubmit = true; } } } $objMember = null; // Check for a follow-up registration (see #7992) if (\Input::post('email', true) != '' && ($objMember = \MemberModel::findUnactivatedByEmail(\Input::post('email', true))) !== null) { $this->resendActivationMail($objMember); return; } $arrUser = array(); $arrFields = array(); $hasUpload = false; $i = 0; // Build form foreach ($this->editable as $field) { $arrData = $GLOBALS['TL_DCA']['tl_member']['fields'][$field]; // Map checkboxWizards to regular checkbox widgets if ($arrData['inputType'] == 'checkboxWizard') { $arrData['inputType'] = 'checkbox'; } // Map fileTrees to upload widgets (see #8091) if ($arrData['inputType'] == 'fileTree') { $arrData['inputType'] = 'upload'; } /** @var Widget $strClass */ $strClass = $GLOBALS['TL_FFL'][$arrData['inputType']]; // Continue if the class is not defined if (!class_exists($strClass)) { continue; } $arrData['eval']['required'] = $arrData['eval']['mandatory']; // Unset the unique field check upon follow-up registrations if ($objMember !== null && $arrData['eval']['unique'] && \Input::post($field) == $objMember->{$field}) { $arrData['eval']['unique'] = false; } $objWidget = new $strClass($strClass::getAttributesFromDca($arrData, $field, $arrData['default'], '', '', $this)); $objWidget->storeValues = true; $objWidget->rowClass = 'row_' . $i . ($i == 0 ? ' row_first' : '') . ($i % 2 == 0 ? ' even' : ' odd'); // Increase the row count if its a password field if ($objWidget instanceof FormPassword) { $objWidget->rowClassConfirm = 'row_' . ++$i . ($i % 2 == 0 ? ' even' : ' odd'); } // Validate input if (\Input::post('FORM_SUBMIT') == $strFormId) { $objWidget->validate(); $varValue = $objWidget->value; // Check whether the password matches the username if ($objWidget instanceof FormPassword && \Encryption::verify(\Input::post('username'), $varValue)) { $objWidget->addError($GLOBALS['TL_LANG']['ERR']['passwordName']); } $rgxp = $arrData['eval']['rgxp']; // Convert date formats into timestamps (check the eval setting first -> #3063) if ($varValue != '' && in_array($rgxp, array('date', 'time', 'datim'))) { try { $objDate = new \Date($varValue, \Date::getFormatFromRgxp($rgxp)); $varValue = $objDate->tstamp; } catch (\OutOfBoundsException $e) { $objWidget->addError(sprintf($GLOBALS['TL_LANG']['ERR']['invalidDate'], $varValue)); } } // Make sure that unique fields are unique (check the eval setting first -> #3063) if ($arrData['eval']['unique'] && $varValue != '' && !$this->Database->isUniqueValue('tl_member', $field, $varValue)) { $objWidget->addError(sprintf($GLOBALS['TL_LANG']['ERR']['unique'], $arrData['label'][0] ?: $field)); } // Save callback if ($objWidget->submitInput() && !$objWidget->hasErrors() && is_array($arrData['save_callback'])) { foreach ($arrData['save_callback'] as $callback) { try { if (is_array($callback)) { $this->import($callback[0]); $varValue = $this->{$callback[0]}->{$callback[1]}($varValue, null); } elseif (is_callable($callback)) { $varValue = $callback($varValue, null); } } catch (\Exception $e) { $objWidget->class = 'error'; $objWidget->addError($e->getMessage()); } } } // Store the current value if ($objWidget->hasErrors()) { $doNotSubmit = true; } elseif ($objWidget->submitInput()) { // Set the correct empty value (see #6284, #6373) if ($varValue === '') { $varValue = $objWidget->getEmptyValue(); } // Encrypt the value (see #7815) if ($arrData['eval']['encrypt']) { $varValue = \Encryption::encrypt($varValue); } // Set the new value $arrUser[$field] = $varValue; } } if ($objWidget instanceof \uploadable) { $hasUpload = true; } $temp = $objWidget->parse(); $this->Template->fields .= $temp; $arrFields[$arrData['eval']['feGroup']][$field] .= $temp; ++$i; } // Captcha if (!$this->disableCaptcha) { $objCaptcha->rowClass = 'row_' . $i . ($i == 0 ? ' row_first' : '') . ($i % 2 == 0 ? ' even' : ' odd'); $strCaptcha = $objCaptcha->parse(); $this->Template->fields .= $strCaptcha; $arrFields['captcha']['captcha'] .= $strCaptcha; } $this->Template->rowLast = 'row_' . ++$i . ($i % 2 == 0 ? ' even' : ' odd'); $this->Template->enctype = $hasUpload ? 'multipart/form-data' : 'application/x-www-form-urlencoded'; $this->Template->hasError = $doNotSubmit; // Create new user if there are no errors if (\Input::post('FORM_SUBMIT') == $strFormId && !$doNotSubmit) { $this->createNewUser($arrUser); } $this->Template->loginDetails = $GLOBALS['TL_LANG']['tl_member']['loginDetails']; $this->Template->addressDetails = $GLOBALS['TL_LANG']['tl_member']['addressDetails']; $this->Template->contactDetails = $GLOBALS['TL_LANG']['tl_member']['contactDetails']; $this->Template->personalData = $GLOBALS['TL_LANG']['tl_member']['personalData']; $this->Template->captchaDetails = $GLOBALS['TL_LANG']['MSC']['securityQuestion']; // Add the groups foreach ($arrFields as $k => $v) { // Deprecated since Contao 4.0, to be removed in Contao 5.0 $this->Template->{$k} = $v; $key = $k . ($k == 'personal' ? 'Data' : 'Details'); $arrGroups[$GLOBALS['TL_LANG']['tl_member'][$key]] = $v; } $this->Template->categories = $arrGroups; $this->Template->formId = $strFormId; $this->Template->slabel = \StringUtil::specialchars($GLOBALS['TL_LANG']['MSC']['register']); $this->Template->action = \Environment::get('indexFreeRequest'); // Deprecated since Contao 4.0, to be removed in Contao 5.0 $this->Template->captcha = $arrFields['captcha']['captcha']; }
/** * Run the controller and parse the password template * * @return Response */ public function run() { /** @var BackendTemplate|object $objTemplate */ $objTemplate = new \BackendTemplate('be_password'); if (\Input::post('FORM_SUBMIT') == 'tl_password') { $pw = \Input::postUnsafeRaw('password'); $cnf = \Input::postUnsafeRaw('confirm'); // The passwords do not match if ($pw != $cnf) { \Message::addError($GLOBALS['TL_LANG']['ERR']['passwordMatch']); } elseif (Utf8::strlen($pw) < \Config::get('minPasswordLength')) { \Message::addError(sprintf($GLOBALS['TL_LANG']['ERR']['passwordLength'], \Config::get('minPasswordLength'))); } elseif ($pw == $this->User->username) { \Message::addError($GLOBALS['TL_LANG']['ERR']['passwordName']); } else { // Make sure the password has been changed if (\Encryption::verify($pw, $this->User->password)) { \Message::addError($GLOBALS['TL_LANG']['MSC']['pw_change']); } else { $this->loadDataContainer('tl_user'); // Trigger the save_callback if (is_array($GLOBALS['TL_DCA']['tl_user']['fields']['password']['save_callback'])) { foreach ($GLOBALS['TL_DCA']['tl_user']['fields']['password']['save_callback'] as $callback) { if (is_array($callback)) { $this->import($callback[0]); $pw = $this->{$callback[0]}->{$callback[1]}($pw); } elseif (is_callable($callback)) { $pw = $callback($pw); } } } $objUser = \UserModel::findByPk($this->User->id); $objUser->pwChange = ''; $objUser->password = \Encryption::hash($pw); $objUser->save(); \Message::addConfirmation($GLOBALS['TL_LANG']['MSC']['pw_changed']); $this->redirect('contao/main.php'); } } $this->reload(); } $objTemplate->theme = \Backend::getTheme(); $objTemplate->messages = \Message::generate(); $objTemplate->base = \Environment::get('base'); $objTemplate->language = $GLOBALS['TL_LANGUAGE']; $objTemplate->title = \StringUtil::specialchars($GLOBALS['TL_LANG']['MSC']['pw_new']); $objTemplate->charset = \Config::get('characterSet'); $objTemplate->action = ampersand(\Environment::get('request')); $objTemplate->headline = $GLOBALS['TL_LANG']['MSC']['pw_change']; $objTemplate->submitButton = \StringUtil::specialchars($GLOBALS['TL_LANG']['MSC']['continue']); $objTemplate->password = $GLOBALS['TL_LANG']['MSC']['password'][0]; $objTemplate->confirm = $GLOBALS['TL_LANG']['MSC']['confirm'][0]; return $objTemplate->getResponse(); }
/** * Generate the module */ protected function compile() { // Show logout form if (FE_USER_LOGGED_IN) { $this->import('FrontendUser', 'User'); $this->Template->logout = true; $this->Template->formId = 'tl_logout_' . $this->id; $this->Template->slabel = \StringUtil::specialchars($GLOBALS['TL_LANG']['MSC']['logout']); $this->Template->loggedInAs = sprintf($GLOBALS['TL_LANG']['MSC']['loggedInAs'], $this->User->username); $this->Template->action = ampersand(\Environment::get('indexFreeRequest')); if ($this->User->lastLogin > 0) { /** @var PageModel $objPage */ global $objPage; $this->Template->lastLogin = sprintf($GLOBALS['TL_LANG']['MSC']['lastLogin'][1], \Date::parse($objPage->datimFormat, $this->User->lastLogin)); } return; } $blnHasError = false; if (isset($_SESSION['MESSAGES'][TL_MODE]['TL_ERROR'])) { $blnHasError = true; $_SESSION['LOGIN_ERROR'] = $_SESSION['MESSAGES'][TL_MODE]['TL_ERROR'][0]; unset($_SESSION['MESSAGES'][TL_MODE]['TL_ERROR']); } if (isset($_SESSION['LOGIN_ERROR'])) { $blnHasError = true; $this->Template->message = $_SESSION['LOGIN_ERROR']; } $this->Template->hasError = $blnHasError; $this->Template->username = $GLOBALS['TL_LANG']['MSC']['username']; $this->Template->password = $GLOBALS['TL_LANG']['MSC']['password'][0]; $this->Template->action = ampersand(\Environment::get('indexFreeRequest')); $this->Template->slabel = \StringUtil::specialchars($GLOBALS['TL_LANG']['MSC']['login']); $this->Template->value = \StringUtil::specialchars(\Input::post('username')); $this->Template->formId = 'tl_login_' . $this->id; $this->Template->autologin = $this->autologin && \Config::get('autologin') > 0; $this->Template->autoLabel = $GLOBALS['TL_LANG']['MSC']['autologin']; }