Convert special characters to HTML entities preventing double conversions
/**
* Run the controller and parse the login template
*
* @return Response
*/
public function run()
{
/** @var BackendTemplate|object $objTemplate */
$objTemplate = new \BackendTemplate('be_login');
$strHeadline = sprintf($GLOBALS['TL_LANG']['MSC']['loginTo'], \Config::get('websiteTitle'));
$objTemplate->theme = \Backend::getTheme();
$objTemplate->messages = \Message::generate();
$objTemplate->base = \Environment::get('base');
$objTemplate->language = $GLOBALS['TL_LANGUAGE'];
$objTemplate->languages = \System::getLanguages(true);
$objTemplate->title = \StringUtil::specialchars($strHeadline);
$objTemplate->charset = \Config::get('characterSet');
$objTemplate->action = ampersand(\Environment::get('request'));
$objTemplate->userLanguage = $GLOBALS['TL_LANG']['tl_user']['language'][0];
$objTemplate->headline = $strHeadline;
$objTemplate->curLanguage = \Input::post('language') ?: str_replace('-', '_', $GLOBALS['TL_LANGUAGE']);
$objTemplate->curUsername = \Input::post('username') ?: '';
$objTemplate->uClass = $_POST && empty($_POST['username']) ? ' class="login_error"' : '';
$objTemplate->pClass = $_POST && empty($_POST['password']) ? ' class="login_error"' : '';
$objTemplate->loginButton = \StringUtil::specialchars($GLOBALS['TL_LANG']['MSC']['loginBT']);
$objTemplate->username = $GLOBALS['TL_LANG']['tl_user']['username'][0];
$objTemplate->password = $GLOBALS['TL_LANG']['MSC']['password'][0];
$objTemplate->feLink = $GLOBALS['TL_LANG']['MSC']['feLink'];
$objTemplate->default = $GLOBALS['TL_LANG']['MSC']['default'];
$objTemplate->jsDisabled = $GLOBALS['TL_LANG']['MSC']['jsDisabled'];
return $objTemplate->getResponse();
}
/**
* Generate the module
*/
protected function compile()
{
/** @var PageModel $objPage */
global $objPage;
// Set the trail and level
if ($this->defineRoot && $this->rootPage > 0) {
$trail = array($this->rootPage);
$level = 0;
} else {
$trail = $objPage->trail;
$level = $this->levelOffset > 0 ? $this->levelOffset : 0;
}
$lang = null;
$host = null;
// Overwrite the domain and language if the reference page belongs to a differnt root page (see #3765)
if ($this->defineRoot && $this->rootPage > 0) {
$objRootPage = \PageModel::findWithDetails($this->rootPage);
// Set the language
if (\Config::get('addLanguageToUrl') && $objRootPage->rootLanguage != $objPage->rootLanguage) {
$lang = $objRootPage->rootLanguage;
}
// Set the domain
if ($objRootPage->rootId != $objPage->rootId && $objRootPage->domain != '' && $objRootPage->domain != $objPage->domain) {
$host = $objRootPage->domain;
}
}
$this->Template->request = ampersand(\Environment::get('indexFreeRequest'));
$this->Template->skipId = 'skipNavigation' . $this->id;
$this->Template->skipNavigation = \StringUtil::specialchars($GLOBALS['TL_LANG']['MSC']['skipNavigation']);
$this->Template->items = $this->renderNavigation($trail[$level], 1, $host, $lang);
}
/**
* Generate the module
*/
protected function compile()
{
/** @var PageModel $objPage */
global $objPage;
if (!strlen($this->inColumn)) {
$this->inColumn = 'main';
}
$intCount = 0;
$articles = array();
$id = $objPage->id;
$this->Template->request = \Environment::get('request');
// Show the articles of a different page
if ($this->defineRoot && $this->rootPage > 0) {
if (($objTarget = $this->objModel->getRelated('rootPage')) instanceof PageModel) {
$id = $objTarget->id;
/** @var PageModel $objTarget */
$this->Template->request = $objTarget->getFrontendUrl();
}
}
// Get published articles
$objArticles = \ArticleModel::findPublishedByPidAndColumn($id, $this->inColumn);
if ($objArticles === null) {
return;
}
while ($objArticles->next()) {
// Skip first article
if (++$intCount <= intval($this->skipFirst)) {
continue;
}
$cssID = \StringUtil::deserialize($objArticles->cssID, true);
$articles[] = array('link' => $objArticles->title, 'title' => \StringUtil::specialchars($objArticles->title), 'id' => $cssID[0] ?: 'article-' . $objArticles->id, 'articleId' => $objArticles->id);
}
$this->Template->articles = $articles;
}
/**
* Generate the module
*/
protected function compile()
{
$objFaq = \FaqModel::findPublishedByPids($this->faq_categories);
if ($objFaq === null) {
$this->Template->faq = array();
return;
}
$arrFaq = array_fill_keys($this->faq_categories, array());
// Add FAQs
while ($objFaq->next()) {
$arrTemp = $objFaq->row();
$arrTemp['title'] = \StringUtil::specialchars($objFaq->question, true);
$arrTemp['href'] = $this->generateFaqLink($objFaq);
/** @var FaqCategoryModel $objPid */
$objPid = $objFaq->getRelated('pid');
$arrFaq[$objFaq->pid]['items'][] = $arrTemp;
$arrFaq[$objFaq->pid]['headline'] = $objPid->headline;
$arrFaq[$objFaq->pid]['title'] = $objPid->title;
}
$arrFaq = array_values(array_filter($arrFaq));
$cat_count = 0;
$cat_limit = count($arrFaq);
// Add classes
foreach ($arrFaq as $k => $v) {
$count = 0;
$limit = count($v['items']);
for ($i = 0; $i < $limit; $i++) {
$arrFaq[$k]['items'][$i]['class'] = trim((++$count == 1 ? ' first' : '') . ($count >= $limit ? ' last' : '') . ($count % 2 == 0 ? ' odd' : ' even'));
}
$arrFaq[$k]['class'] = trim((++$cat_count == 1 ? ' first' : '') . ($cat_count >= $cat_limit ? ' last' : '') . ($cat_count % 2 == 0 ? ' odd' : ' even'));
}
$this->Template->faq = $arrFaq;
}
/**
* {@inheritdoc}
*/
protected function write(array $record)
{
$this->createStatement();
/** @var \DateTime $date */
$date = $record['datetime'];
/** @var ContaoContext $context */
$context = $record['extra']['contao'];
$this->statement->execute(['tstamp' => $date->format('U'), 'text' => StringUtil::specialchars((string) $record['formatted']), 'source' => (string) $context->getSource(), 'action' => (string) $context->getAction(), 'username' => (string) $context->getUsername(), 'func' => (string) $context->getFunc(), 'ip' => (string) $context->getIp(), 'browser' => (string) $context->getBrowser()]);
}
/**
* Show the raw markdown code in the back end
*
* @return string
*/
public function generate()
{
if (TL_MODE == 'BE') {
$return = '<pre>' . \StringUtil::specialchars($this->code) . '</pre>';
if ($this->headline != '') {
$return = '<' . $this->hl . '>' . $this->headline . '</' . $this->hl . '>' . $return;
}
return $return;
}
return parent::generate();
}
/**
* Run the controller and parse the template
*
* @return Response
*/
public function run()
{
/** @var BackendTemplate|object $objTemplate */
$objTemplate = new \BackendTemplate('be_alerts');
$objTemplate->theme = \Backend::getTheme();
$objTemplate->base = \Environment::get('base');
$objTemplate->language = $GLOBALS['TL_LANGUAGE'];
$objTemplate->title = \StringUtil::specialchars($GLOBALS['TL_LANG']['MSC']['systemMessages']);
$objTemplate->charset = \Config::get('characterSet');
$objTemplate->messages = \Message::generateUnwrapped() . \Backend::getSystemMessages();
return $objTemplate->getResponse();
}
/**
* Run the controller and parse the template
*
* @return Response
*/
public function run()
{
/** @var BackendTemplate|object $objTemplate */
$objTemplate = new \BackendTemplate('be_preview');
$objTemplate->base = \Environment::get('base');
$objTemplate->language = $GLOBALS['TL_LANGUAGE'];
$objTemplate->title = \StringUtil::specialchars($GLOBALS['TL_LANG']['MSC']['fePreview']);
$objTemplate->charset = \Config::get('characterSet');
$objTemplate->site = \Input::get('site', true);
$objTemplate->switchHref = \System::getContainer()->get('router')->generate('contao_backend_switch');
$strUrl = null;
if (\Input::get('url')) {
$strUrl = \Environment::get('base') . \Input::get('url');
} elseif (\Input::get('page')) {
$strUrl = $this->redirectToFrontendPage(\Input::get('page'), \Input::get('article'), true);
} else {
$event = new PreviewUrlConvertEvent();
\System::getContainer()->get('event_dispatcher')->dispatch(ContaoCoreEvents::PREVIEW_URL_CONVERT, $event);
$strUrl = $event->getUrl();
}
if ($strUrl === null) {
$strUrl = \System::getContainer()->get('router')->generate('contao_root', [], UrlGeneratorInterface::ABSOLUTE_URL);
}
$objTemplate->url = $strUrl;
// Switch to a particular member (see #6546)
if (\Input::get('user') && $this->User->isAdmin) {
$objUser = \MemberModel::findByUsername(\Input::get('user'));
if ($objUser !== null) {
$strHash = $this->getSessionHash('FE_USER_AUTH');
// Remove old sessions
$this->Database->prepare("DELETE FROM tl_session WHERE tstamp<? OR hash=?")->execute(time() - \Config::get('sessionTimeout'), $strHash);
// Insert the new session
$this->Database->prepare("INSERT INTO tl_session (pid, tstamp, name, sessionID, ip, hash) VALUES (?, ?, ?, ?, ?, ?)")->execute($objUser->id, time(), 'FE_USER_AUTH', \System::getContainer()->get('session')->getId(), \Environment::get('ip'), $strHash);
// Set the cookie
$this->setCookie('FE_USER_AUTH', $strHash, time() + \Config::get('sessionTimeout'), null, null, false, true);
$objTemplate->user = \Input::post('user');
}
}
return $objTemplate->getResponse();
}
/**
* Generate the module
*/
protected function compile()
{
/** @var PageModel $objPage */
global $objPage;
$intActive = null;
$articles = array();
$intCount = 1;
foreach ($this->objArticles as $objArticle) {
$strAlias = $objArticle->alias ?: $objArticle->id;
// Active article
if (\Input::get('articles') == $strAlias) {
$articles[] = array('isActive' => true, 'href' => $objPage->getFrontendUrl('/articles/' . $strAlias), 'title' => \StringUtil::specialchars($objArticle->title, true), 'link' => $intCount);
$intActive = $intCount - 1;
} else {
$articles[] = array('isActive' => false, 'href' => $objPage->getFrontendUrl('/articles/' . $strAlias), 'title' => \StringUtil::specialchars($objArticle->title, true), 'link' => $intCount);
}
++$intCount;
}
$this->Template->articles = $articles;
$total = count($articles);
// Link to first element
if ($intActive > 1) {
$this->Template->first = array('href' => $articles[0]['href'], 'title' => $articles[0]['title'], 'link' => $GLOBALS['TL_LANG']['MSC']['first']);
}
$key = $intActive - 1;
// Link to previous element
if ($intCount > 1 && $key >= 0) {
$this->Template->previous = array('href' => $articles[$key]['href'], 'title' => $articles[$key]['title'], 'link' => $GLOBALS['TL_LANG']['MSC']['previous']);
}
$key = $intActive + 1;
// Link to next element
if ($intCount > 1 && $key < $total) {
$this->Template->next = array('href' => $articles[$key]['href'], 'title' => $articles[$key]['title'], 'link' => $GLOBALS['TL_LANG']['MSC']['next']);
}
$key = $total - 1;
// Link to last element
if ($intCount > 1 && $intActive < $key - 1) {
$this->Template->last = array('href' => $articles[$key]['href'], 'title' => $articles[$key]['title'], 'link' => $GLOBALS['TL_LANG']['MSC']['last']);
}
}
/**
* Generate the module
*/
protected function compile()
{
/** @var PageModel $objPage */
global $objPage;
$this->import('FrontendUser', 'User');
$GLOBALS['TL_LANGUAGE'] = $objPage->language;
\System::loadLanguageFile('tl_member');
$this->loadDataContainer('tl_member');
// Old password widget
$arrFields['oldPassword'] = array('name' => 'oldpassword', 'label' => &$GLOBALS['TL_LANG']['MSC']['oldPassword'], 'inputType' => 'text', 'eval' => array('mandatory' => true, 'preserveTags' => true, 'hideInput' => true));
// New password widget
$arrFields['newPassword'] = $GLOBALS['TL_DCA']['tl_member']['fields']['password'];
$arrFields['newPassword']['name'] = 'password';
$arrFields['newPassword']['label'] =& $GLOBALS['TL_LANG']['MSC']['newPassword'];
$row = 0;
$strFields = '';
$doNotSubmit = false;
$objMember = \MemberModel::findByPk($this->User->id);
$strFormId = 'tl_change_password_' . $this->id;
$flashBag = \System::getContainer()->get('session')->getFlashBag();
$strTable = $objMember->getTable();
// Initialize the versioning (see #8301)
$objVersions = new \Versions($strTable, $objMember->id);
$objVersions->setUsername($objMember->username);
$objVersions->setUserId(0);
$objVersions->setEditUrl('contao/main.php?do=member&act=edit&id=%s&rt=1');
$objVersions->initialize();
/** @var FormTextField $objOldPassword */
$objOldPassword = null;
/** @var FormPassword $objNewPassword */
$objNewPassword = null;
// Initialize the widgets
foreach ($arrFields as $strKey => $arrField) {
/** @var Widget $strClass */
$strClass = $GLOBALS['TL_FFL'][$arrField['inputType']];
// Continue if the class is not defined
if (!class_exists($strClass)) {
continue;
}
$arrField['eval']['required'] = $arrField['eval']['mandatory'];
/** @var Widget $objWidget */
$objWidget = new $strClass($strClass::getAttributesFromDca($arrField, $arrField['name']));
$objWidget->storeValues = true;
$objWidget->rowClass = 'row_' . $row . ($row == 0 ? ' row_first' : '') . ($row % 2 == 0 ? ' even' : ' odd');
// Increase the row count if it is a password field
if ($objWidget instanceof FormPassword) {
$objWidget->rowClassConfirm = 'row_' . ++$row . ($row % 2 == 0 ? ' even' : ' odd');
}
++$row;
// Store the widget objects
$strVar = 'obj' . ucfirst($strKey);
${$strVar} = $objWidget;
// Validate the widget
if (\Input::post('FORM_SUBMIT') == $strFormId) {
$objWidget->validate();
// Validate the old password
if ($strKey == 'oldPassword') {
if (\Encryption::test($objMember->password)) {
$blnAuthenticated = \Encryption::verify($objWidget->value, $objMember->password);
} else {
list($strPassword, $strSalt) = explode(':', $objMember->password);
$blnAuthenticated = $strSalt == '' ? $strPassword === sha1($objWidget->value) : $strPassword === sha1($strSalt . $objWidget->value);
}
if (!$blnAuthenticated) {
$objWidget->value = '';
$objWidget->addError($GLOBALS['TL_LANG']['MSC']['oldPasswordWrong']);
sleep(2);
// Wait 2 seconds while brute forcing :)
}
}
if ($objWidget->hasErrors()) {
$doNotSubmit = true;
}
}
$strFields .= $objWidget->parse();
}
$this->Template->fields = $strFields;
$this->Template->hasError = $doNotSubmit;
// Store the new password
if (\Input::post('FORM_SUBMIT') == $strFormId && !$doNotSubmit) {
$objMember->tstamp = time();
$objMember->password = $objNewPassword->value;
$objMember->save();
// Create a new version
if ($GLOBALS['TL_DCA'][$strTable]['config']['enableVersioning']) {
$objVersions->create();
}
// HOOK: set new password callback
if (isset($GLOBALS['TL_HOOKS']['setNewPassword']) && is_array($GLOBALS['TL_HOOKS']['setNewPassword'])) {
foreach ($GLOBALS['TL_HOOKS']['setNewPassword'] as $callback) {
$this->import($callback[0]);
$this->{$callback[0]}->{$callback[1]}($objMember, $objNewPassword->value, $this);
}
}
// Check whether there is a jumpTo page
if (($objJumpTo = $this->objModel->getRelated('jumpTo')) instanceof PageModel) {
$this->jumpToOrReload($objJumpTo->row());
}
$flashBag->set('mod_change_password_confirm', $GLOBALS['TL_LANG']['MSC']['newPasswordSet']);
$this->reload();
}
// Confirmation message
if ($flashBag->has('mod_change_password_confirm')) {
$arrMessages = $flashBag->get('mod_change_password_confirm');
$this->Template->message = $arrMessages[0];
}
$this->Template->formId = $strFormId;
$this->Template->action = \Environment::get('indexFreeRequest');
$this->Template->slabel = \StringUtil::specialchars($GLOBALS['TL_LANG']['MSC']['changePassword']);
$this->Template->rowLast = 'row_' . $row . ' row_last' . ($row % 2 == 0 ? ' even' : ' odd');
}
/**
* Recursively render the filetree
*
* @param string $path
* @param integer $intMargin
* @param boolean $mount
* @param boolean $blnProtected
* @param array $arrFound
*
* @return string
*/
protected function renderFiletree($path, $intMargin, $mount = false, $blnProtected = true, $arrFound = array())
{
// Invalid path
if (!is_dir($path)) {
return '';
}
// Make sure that $this->varValue is an array (see #3369)
if (!is_array($this->varValue)) {
$this->varValue = array($this->varValue);
}
static $session;
/** @var AttributeBagInterface $objSessionBag */
$objSessionBag = \System::getContainer()->get('session')->getBag('contao_backend');
$session = $objSessionBag->all();
$flag = substr($this->strField, 0, 2);
$node = 'tree_' . $this->strTable . '_' . $this->strField;
$xtnode = 'tree_' . $this->strTable . '_' . $this->strName;
// Get session data and toggle nodes
if (\Input::get($flag . 'tg')) {
$session[$node][\Input::get($flag . 'tg')] = isset($session[$node][\Input::get($flag . 'tg')]) && $session[$node][\Input::get($flag . 'tg')] == 1 ? 0 : 1;
$objSessionBag->replace($session);
$this->redirect(preg_replace('/(&(amp;)?|\\?)' . $flag . 'tg=[^& ]*/i', '', \Environment::get('request')));
}
$return = '';
$intSpacing = 20;
$files = array();
$folders = array();
$level = $intMargin / $intSpacing + 1;
// Mount folder
if ($mount) {
$folders = array($path);
} else {
foreach (scan($path) as $v) {
if (strncmp($v, '.', 1) === 0) {
continue;
}
if (is_dir($path . '/' . $v)) {
$folders[] = $path . '/' . $v;
} else {
$files[] = $path . '/' . $v;
}
}
}
natcasesort($folders);
$folders = array_values($folders);
natcasesort($files);
$files = array_values($files);
// Sort descending (see #4072)
if ($this->sort == 'desc') {
$folders = array_reverse($folders);
$files = array_reverse($files);
}
$folderClass = $this->files || $this->filesOnly ? 'tl_folder' : 'tl_file';
// Process folders
for ($f = 0, $c = count($folders); $f < $c; $f++) {
$content = scan($folders[$f]);
$currentFolder = str_replace(TL_ROOT . '/', '', $folders[$f]);
$countFiles = count($content);
// Check whether there are subfolders or files
foreach ($content as $file) {
if (strncmp($file, '.', 1) === 0) {
--$countFiles;
} elseif (!$this->files && !$this->filesOnly && is_file($folders[$f] . '/' . $file)) {
--$countFiles;
} elseif (!empty($arrFound) && !in_array($currentFolder . '/' . $file, $arrFound) && !preg_grep('/^' . preg_quote($currentFolder . '/' . $file, '/') . '\\//', $arrFound)) {
--$countFiles;
}
}
if (!empty($arrFound) && $countFiles < 1 && !in_array($currentFolder, $arrFound)) {
continue;
}
$tid = md5($folders[$f]);
$folderAttribute = 'style="margin-left:20px"';
$session[$node][$tid] = is_numeric($session[$node][$tid]) ? $session[$node][$tid] : 0;
$currentFolder = str_replace(TL_ROOT . '/', '', $folders[$f]);
$blnIsOpen = !empty($arrFound) || $session[$node][$tid] == 1 || count(preg_grep('/^' . preg_quote($currentFolder, '/') . '\\//', $this->varValue)) > 0;
$return .= "\n " . '<li class="' . $folderClass . ' toggle_select hover-div"><div class="tl_left" style="padding-left:' . $intMargin . 'px">';
// Add a toggle button if there are childs
if ($countFiles > 0) {
$folderAttribute = '';
$img = $blnIsOpen ? 'folMinus.svg' : 'folPlus.svg';
$alt = $blnIsOpen ? $GLOBALS['TL_LANG']['MSC']['collapseNode'] : $GLOBALS['TL_LANG']['MSC']['expandNode'];
$return .= '<a href="' . \Backend::addToUrl($flag . 'tg=' . $tid) . '" title="' . \StringUtil::specialchars($alt) . '" onclick="return AjaxRequest.toggleFiletree(this,\'' . $xtnode . '_' . $tid . '\',\'' . $currentFolder . '\',\'' . $this->strField . '\',\'' . $this->strName . '\',' . $level . ')">' . \Image::getHtml($img, '', 'style="margin-right:2px"') . '</a>';
}
$protected = $blnProtected;
// Check whether the folder is public
if ($protected === true && array_search('.public', $content) !== false) {
$protected = false;
}
$folderImg = $protected ? 'folderCP.svg' : 'folderC.svg';
$folderLabel = $this->files || $this->filesOnly ? '<strong>' . \StringUtil::specialchars(basename($currentFolder)) . '</strong>' : \StringUtil::specialchars(basename($currentFolder));
// Add the current folder
$return .= \Image::getHtml($folderImg, '', $folderAttribute) . ' <a href="' . \Backend::addToUrl('fn=' . $this->urlEncode($currentFolder)) . '" title="' . \StringUtil::specialchars($GLOBALS['TL_LANG']['MSC']['selectNode']) . '">' . $folderLabel . '</a></div> <div class="tl_right">';
// Add a checkbox or radio button
if (!$this->filesOnly) {
switch ($this->fieldType) {
case 'checkbox':
$return .= '<input type="checkbox" name="' . $this->strName . '[]" id="' . $this->strName . '_' . md5($currentFolder) . '" class="tl_tree_checkbox" value="' . \StringUtil::specialchars($currentFolder) . '" onfocus="Backend.getScrollOffset()"' . $this->optionChecked($currentFolder, $this->varValue) . '>';
break;
case 'radio':
$return .= '<input type="radio" name="' . $this->strName . '" id="' . $this->strName . '_' . md5($currentFolder) . '" class="tl_tree_radio" value="' . \StringUtil::specialchars($currentFolder) . '" onfocus="Backend.getScrollOffset()"' . $this->optionChecked($currentFolder, $this->varValue) . '>';
break;
}
}
$return .= '</div><div style="clear:both"></div></li>';
// Call the next node
if ($blnIsOpen) {
$return .= '<li class="parent" id="' . $xtnode . '_' . $tid . '"><ul class="level_' . $level . '">';
$return .= $this->renderFiletree($folders[$f], $intMargin + $intSpacing, false, $protected, $arrFound);
$return .= '</ul></li>';
}
}
// Process files
if ($this->files || $this->filesOnly) {
for ($h = 0, $c = count($files); $h < $c; $h++) {
$thumbnail = '';
$currentFile = str_replace(TL_ROOT . '/', '', $files[$h]);
$currentEncoded = $this->urlEncode($currentFile);
$objFile = new \File($currentFile);
if (!empty($this->arrValidFileTypes) && !in_array($objFile->extension, $this->arrValidFileTypes)) {
continue;
}
// Ignore files not matching the search criteria
if (!empty($arrFound) && !in_array($currentFile, $arrFound)) {
continue;
}
$return .= "\n " . '<li class="tl_file toggle_select hover-div"><div class="tl_left" style="padding-left:' . ($intMargin + $intSpacing) . 'px">';
$thumbnail .= ' <span class="tl_gray">(' . $this->getReadableSize($objFile->filesize);
if ($objFile->width && $objFile->height) {
$thumbnail .= ', ' . $objFile->width . 'x' . $objFile->height . ' px';
}
$thumbnail .= ')</span>';
// Generate thumbnail
if ($objFile->isImage && $objFile->viewHeight > 0 && \Config::get('thumbnails') && ($objFile->isSvgImage || $objFile->height <= \Config::get('gdMaxImgHeight') && $objFile->width <= \Config::get('gdMaxImgWidth'))) {
$imageObj = \Image::create($currentEncoded, array(400, $objFile->height && $objFile->height < 50 ? $objFile->height : 50, 'box'));
$importantPart = $imageObj->getImportantPart();
$thumbnail .= '<br>' . \Image::getHtml($imageObj->executeResize()->getResizedPath(), '', 'style="margin:0 0 2px -19px"');
if ($importantPart['x'] > 0 || $importantPart['y'] > 0 || $importantPart['width'] < $objFile->width || $importantPart['height'] < $objFile->height) {
$thumbnail .= ' ' . \Image::getHtml($imageObj->setZoomLevel(100)->setTargetWidth(320)->setTargetHeight($objFile->height && $objFile->height < 40 ? $objFile->height : 40)->executeResize()->getResizedPath(), '', 'style="margin:0 0 2px 0;vertical-align:bottom"');
}
}
$return .= \Image::getHtml($objFile->icon, $objFile->mime) . ' ' . \StringUtil::convertEncoding(\StringUtil::specialchars(basename($currentFile)), \Config::get('characterSet')) . $thumbnail . '</div> <div class="tl_right">';
// Add checkbox or radio button
switch ($this->fieldType) {
case 'checkbox':
$return .= '<input type="checkbox" name="' . $this->strName . '[]" id="' . $this->strName . '_' . md5($currentFile) . '" class="tl_tree_checkbox" value="' . \StringUtil::specialchars($currentFile) . '" onfocus="Backend.getScrollOffset()"' . $this->optionChecked($currentFile, $this->varValue) . '>';
break;
case 'radio':
$return .= '<input type="radio" name="' . $this->strName . '" id="' . $this->strName . '_' . md5($currentFile) . '" class="tl_tree_radio" value="' . \StringUtil::specialchars($currentFile) . '" onfocus="Backend.getScrollOffset()"' . $this->optionChecked($currentFile, $this->varValue) . '>';
break;
}
$return .= '</div><div style="clear:both"></div></li>';
}
}
return $return;
}
/**
* Set the new password
*/
protected function setNewPassword()
{
$objMember = \MemberModel::findOneByActivation(\Input::get('token'));
if ($objMember === null || $objMember->login == '') {
$this->strTemplate = 'mod_message';
/** @var FrontendTemplate|object $objTemplate */
$objTemplate = new \FrontendTemplate($this->strTemplate);
$this->Template = $objTemplate;
$this->Template->type = 'error';
$this->Template->message = $GLOBALS['TL_LANG']['MSC']['accountError'];
return;
}
$strTable = $objMember->getTable();
// Initialize the versioning (see #8301)
$objVersions = new \Versions($strTable, $objMember->id);
$objVersions->setUsername($objMember->username);
$objVersions->setUserId(0);
$objVersions->setEditUrl('contao/main.php?do=member&act=edit&id=%s&rt=1');
$objVersions->initialize();
// Define the form field
$arrField = $GLOBALS['TL_DCA']['tl_member']['fields']['password'];
/** @var Widget $strClass */
$strClass = $GLOBALS['TL_FFL']['password'];
// Fallback to default if the class is not defined
if (!class_exists($strClass)) {
$strClass = 'FormPassword';
}
/** @var Widget $objWidget */
$objWidget = new $strClass($strClass::getAttributesFromDca($arrField, 'password'));
// Set row classes
$objWidget->rowClass = 'row_0 row_first even';
$objWidget->rowClassConfirm = 'row_1 odd';
$this->Template->rowLast = 'row_2 row_last even';
/** @var SessionInterface $objSession */
$objSession = \System::getContainer()->get('session');
// Validate the field
if (strlen(\Input::post('FORM_SUBMIT')) && \Input::post('FORM_SUBMIT') == $objSession->get('setPasswordToken')) {
$objWidget->validate();
// Set the new password and redirect
if (!$objWidget->hasErrors()) {
$objSession->set('setPasswordToken', '');
$objMember->tstamp = time();
$objMember->activation = '';
$objMember->password = $objWidget->value;
$objMember->save();
// Create a new version
if ($GLOBALS['TL_DCA'][$strTable]['config']['enableVersioning']) {
$objVersions->create();
}
// HOOK: set new password callback
if (isset($GLOBALS['TL_HOOKS']['setNewPassword']) && is_array($GLOBALS['TL_HOOKS']['setNewPassword'])) {
foreach ($GLOBALS['TL_HOOKS']['setNewPassword'] as $callback) {
$this->import($callback[0]);
$this->{$callback[0]}->{$callback[1]}($objMember, $objWidget->value, $this);
}
}
// Redirect to the jumpTo page
if (($objTarget = $this->objModel->getRelated('reg_jumpTo')) instanceof PageModel) {
/** @var PageModel $objTarget */
$this->redirect($objTarget->getFrontendUrl());
}
// Confirm
$this->strTemplate = 'mod_message';
/** @var FrontendTemplate|object $objTemplate */
$objTemplate = new \FrontendTemplate($this->strTemplate);
$this->Template = $objTemplate;
$this->Template->type = 'confirm';
$this->Template->message = $GLOBALS['TL_LANG']['MSC']['newPasswordSet'];
return;
}
}
$strToken = md5(uniqid(mt_rand(), true));
$objSession->set('setPasswordToken', $strToken);
$this->Template->formId = $strToken;
$this->Template->fields = $objWidget->parse();
$this->Template->action = \Environment::get('indexFreeRequest');
$this->Template->slabel = \StringUtil::specialchars($GLOBALS['TL_LANG']['MSC']['setNewPassword']);
}
/**
* Generate the markup for an RSS feed tag
*
* @param string $href The script path
* @param string $format The feed format
* @param string $title The feed title
*
* @return string The markup string
*/
public static function generateFeedTag($href, $format, $title)
{
return '<link type="application/' . $format . '+xml" rel="alternate" href="' . $href . '" title="' . \StringUtil::specialchars($title) . '">';
}
/**
* Generate the module
*/
protected function compile()
{
\System::loadLanguageFile($this->list_table);
$this->loadDataContainer($this->list_table);
// List a single record
if (\Input::get('show')) {
$this->listSingleRecord(\Input::get('show'));
return;
}
/**
* Add the search menu
*/
$strWhere = '';
$varKeyword = '';
$strOptions = '';
$this->Template->searchable = false;
$arrSearchFields = \StringUtil::trimsplit(',', $this->list_search);
if (!empty($arrSearchFields) && is_array($arrSearchFields)) {
$this->Template->searchable = true;
if (\Input::get('search') && \Input::get('for')) {
$varKeyword = '%' . \Input::get('for') . '%';
$strWhere = (!$this->list_where ? " WHERE " : " AND ") . \Input::get('search') . " LIKE ?";
}
foreach ($arrSearchFields as $field) {
$strOptions .= ' <option value="' . $field . '"' . ($field == \Input::get('search') ? ' selected="selected"' : '') . '>' . (strlen($label = $GLOBALS['TL_DCA'][$this->list_table]['fields'][$field]['label'][0]) ? $label : $field) . '</option>' . "\n";
}
}
$this->Template->search_fields = $strOptions;
/**
* Get the total number of records
*/
$strQuery = "SELECT COUNT(*) AS count FROM " . $this->list_table;
if ($this->list_where) {
$strQuery .= " WHERE (" . $this->list_where . ")";
}
$strQuery .= $strWhere;
$objTotal = $this->Database->prepare($strQuery)->execute($varKeyword);
/**
* Validate the page count
*/
$id = 'page_l' . $this->id;
$page = \Input::get($id) !== null ? \Input::get($id) : 1;
$per_page = \Input::get('per_page') ?: $this->perPage;
// Thanks to Hagen Klemp (see #4485)
if ($per_page > 0 && ($page < 1 || $page > max(ceil($objTotal->count / $per_page), 1))) {
throw new PageNotFoundException('Page not found: ' . \Environment::get('uri'));
}
/**
* Get the selected records
*/
$strQuery = "SELECT " . $this->strPk . "," . $this->list_fields;
if ($this->list_info_where) {
$strQuery .= ", (SELECT COUNT(*) FROM " . $this->list_table . " t2 WHERE t2." . $this->strPk . "=t1." . $this->strPk . " AND " . $this->list_info_where . ") AS _details";
}
$strQuery .= " FROM " . $this->list_table . " t1";
if ($this->list_where) {
$strQuery .= " WHERE (" . $this->list_where . ")";
}
$strQuery .= $strWhere;
// Cast date fields to int (see #5609)
$isInt = function ($field) {
return $GLOBALS['TL_DCA'][$this->list_table]['fields'][$field]['eval']['rgxp'] == 'date' || $GLOBALS['TL_DCA'][$this->list_table]['fields'][$field]['eval']['rgxp'] == 'time' || $GLOBALS['TL_DCA'][$this->list_table]['fields'][$field]['eval']['rgxp'] == 'datim';
};
// Order by
if (\Input::get('order_by')) {
if ($isInt(\Input::get('order_by'))) {
$strQuery .= " ORDER BY CAST(" . \Input::get('order_by') . " AS SIGNED) " . \Input::get('sort');
} else {
$strQuery .= " ORDER BY " . \Input::get('order_by') . ' ' . \Input::get('sort');
}
} elseif ($this->list_sort) {
if ($isInt($this->list_sort)) {
$strQuery .= " ORDER BY CAST(" . $this->list_sort . " AS SIGNED)";
} else {
$strQuery .= " ORDER BY " . $this->list_sort;
}
}
$objDataStmt = $this->Database->prepare($strQuery);
// Limit
if (\Input::get('per_page')) {
$objDataStmt->limit(\Input::get('per_page'), ($page - 1) * $per_page);
} elseif ($this->perPage) {
$objDataStmt->limit($this->perPage, ($page - 1) * $per_page);
}
$objData = $objDataStmt->execute($varKeyword);
/**
* Prepare the URL
*/
$strUrl = preg_replace('/\\?.*$/', '', \Environment::get('request'));
$blnQuery = false;
foreach (preg_split('/&(amp;)?/', \Environment::get('queryString')) as $fragment) {
if ($fragment != '' && strncasecmp($fragment, 'order_by', 8) !== 0 && strncasecmp($fragment, 'sort', 4) !== 0 && strncasecmp($fragment, $id, strlen($id)) !== 0) {
$strUrl .= (!$blnQuery ? '?' : '&') . $fragment;
$blnQuery = true;
}
}
$this->Template->url = $strUrl;
$strVarConnector = $blnQuery ? '&' : '?';
/**
* Prepare the data arrays
*/
$arrTh = array();
$arrTd = array();
$arrFields = \StringUtil::trimsplit(',', $this->list_fields);
// THEAD
for ($i = 0, $c = count($arrFields); $i < $c; $i++) {
// Never show passwords
if ($GLOBALS['TL_DCA'][$this->list_table]['fields'][$arrFields[$i]]['inputType'] == 'password') {
continue;
}
$class = '';
$sort = 'asc';
$strField = strlen($label = $GLOBALS['TL_DCA'][$this->list_table]['fields'][$arrFields[$i]]['label'][0]) ? $label : $arrFields[$i];
// Add a CSS class to the order_by column
if (\Input::get('order_by') == $arrFields[$i]) {
$sort = \Input::get('sort') == 'asc' ? 'desc' : 'asc';
$class = ' sorted ' . \Input::get('sort');
}
$arrTh[] = array('link' => $strField, 'href' => ampersand($strUrl) . $strVarConnector . 'order_by=' . $arrFields[$i] . '&sort=' . $sort, 'title' => \StringUtil::specialchars(sprintf($GLOBALS['TL_LANG']['MSC']['list_orderBy'], $strField)), 'class' => $class . ($i == 0 ? ' col_first' : ''));
}
$j = 0;
$arrRows = $objData->fetchAllAssoc();
// TBODY
for ($i = 0, $c = count($arrRows); $i < $c; $i++) {
$j = 0;
$class = 'row_' . $i . ($i == 0 ? ' row_first' : '') . ($i + 1 == count($arrRows) ? ' row_last' : '') . ($i % 2 == 0 ? ' even' : ' odd');
foreach ($arrRows[$i] as $k => $v) {
// Skip the primary key
if ($k == $this->strPk && !in_array($this->strPk, $arrFields)) {
continue;
}
if ($k == '_details') {
continue;
}
// Never show passwords
if ($GLOBALS['TL_DCA'][$this->list_table]['fields'][$k]['inputType'] == 'password') {
continue;
}
$value = $this->formatValue($k, $v);
$arrTd[$class][$k] = array('raw' => $v, 'content' => $value ? $value : ' ', 'class' => 'col_' . $j . ($j++ == 0 ? ' col_first' : '') . ($this->list_info ? '' : ($j >= count($arrRows[$i]) - 1 ? ' col_last' : '')), 'id' => $arrRows[$i][$this->strPk], 'field' => $k, 'url' => $strUrl . $strVarConnector . 'show=' . $arrRows[$i][$this->strPk], 'details' => isset($arrRows[$i]['_details']) ? $arrRows[$i]['_details'] : 1);
}
}
$this->Template->thead = $arrTh;
$this->Template->tbody = $arrTd;
/**
* Pagination
*/
$objPagination = new \Pagination($objTotal->count, $per_page, \Config::get('maxPaginationLinks'), $id);
$this->Template->pagination = $objPagination->generate("\n ");
$this->Template->per_page = $per_page;
$this->Template->total = $objTotal->count;
/**
* Template variables
*/
$this->Template->action = \Environment::get('indexFreeRequest');
$this->Template->details = $this->list_info != '' ? true : false;
$this->Template->search_label = \StringUtil::specialchars($GLOBALS['TL_LANG']['MSC']['search']);
$this->Template->per_page_label = \StringUtil::specialchars($GLOBALS['TL_LANG']['MSC']['list_perPage']);
$this->Template->fields_label = $GLOBALS['TL_LANG']['MSC']['all_fields'][0];
$this->Template->keywords_label = $GLOBALS['TL_LANG']['MSC']['keywords'];
$this->Template->search = \Input::get('search');
$this->Template->for = \Input::get('for');
$this->Template->order_by = \Input::get('order_by');
$this->Template->sort = \Input::get('sort');
$this->Template->col_last = 'col_' . $j;
}
/**
* Recursively render the pagetree
*
* @param integer $id
* @param integer $intMargin
* @param boolean $protectedPage
* @param boolean $blnNoRecursion
* @param array $arrFound
*
* @return string
*/
protected function renderPagetree($id, $intMargin, $protectedPage = false, $blnNoRecursion = false, $arrFound = array())
{
static $session;
/** @var AttributeBagInterface $objSessionBag */
$objSessionBag = \System::getContainer()->get('session')->getBag('contao_backend');
$session = $objSessionBag->all();
$flag = substr($this->strField, 0, 2);
$node = 'tree_' . $this->strTable . '_' . $this->strField;
$xtnode = 'tree_' . $this->strTable . '_' . $this->strName;
// Get the session data and toggle the nodes
if (\Input::get($flag . 'tg')) {
$session[$node][\Input::get($flag . 'tg')] = isset($session[$node][\Input::get($flag . 'tg')]) && $session[$node][\Input::get($flag . 'tg')] == 1 ? 0 : 1;
$objSessionBag->replace($session);
$this->redirect(preg_replace('/(&(amp;)?|\\?)' . $flag . 'tg=[^& ]*/i', '', \Environment::get('request')));
}
$objPage = $this->Database->prepare("SELECT id, alias, type, protected, published, start, stop, hide, title FROM tl_page WHERE id=?")->limit(1)->execute($id);
// Return if there is no result
if ($objPage->numRows < 1) {
return '';
}
$return = '';
$intSpacing = 20;
$childs = array();
// Check whether there are child records
if (!$blnNoRecursion) {
$objNodes = $this->Database->prepare("SELECT id FROM tl_page WHERE pid=?" . (!empty($arrFound) ? " AND id IN(" . implode(',', array_map('intval', $arrFound)) . ")" : '') . " ORDER BY sorting")->execute($id);
if ($objNodes->numRows) {
$childs = $objNodes->fetchEach('id');
}
}
$return .= "\n " . '<li class="' . ($objPage->type == 'root' ? 'tl_folder' : 'tl_file') . ' toggle_select hover-div"><div class="tl_left" style="padding-left:' . ($intMargin + $intSpacing) . 'px">';
$folderAttribute = 'style="margin-left:20px"';
$session[$node][$id] = is_numeric($session[$node][$id]) ? $session[$node][$id] : 0;
$level = $intMargin / $intSpacing + 1;
$blnIsOpen = !empty($arrFound) || $session[$node][$id] == 1 || in_array($id, $this->arrNodes);
if (!empty($childs)) {
$folderAttribute = '';
$img = $blnIsOpen ? 'folMinus.svg' : 'folPlus.svg';
$alt = $blnIsOpen ? $GLOBALS['TL_LANG']['MSC']['collapseNode'] : $GLOBALS['TL_LANG']['MSC']['expandNode'];
$return .= '<a href="' . \Backend::addToUrl($flag . 'tg=' . $id) . '" title="' . \StringUtil::specialchars($alt) . '" onclick="return AjaxRequest.togglePagetree(this,\'' . $xtnode . '_' . $id . '\',\'' . $this->strField . '\',\'' . $this->strName . '\',' . $level . ')">' . \Image::getHtml($img, '', 'style="margin-right:2px"') . '</a>';
}
// Set the protection status
$objPage->protected = $objPage->protected || $protectedPage;
// Add the current page
if (!empty($childs)) {
$return .= \Image::getHtml($this->getPageStatusIcon($objPage), '', $folderAttribute) . ' <a href="' . \Backend::addToUrl('pn=' . $objPage->id) . '" title="' . \StringUtil::specialchars($objPage->title . ' (' . $objPage->alias . \Config::get('urlSuffix') . ')') . '">' . ($objPage->type == 'root' ? '<strong>' : '') . $objPage->title . ($objPage->type == 'root' ? '</strong>' : '') . '</a></div> <div class="tl_right">';
} else {
$return .= \Image::getHtml($this->getPageStatusIcon($objPage), '', $folderAttribute) . ' ' . ($objPage->type == 'root' ? '<strong>' : '') . $objPage->title . ($objPage->type == 'root' ? '</strong>' : '') . '</div> <div class="tl_right">';
}
// Add checkbox or radio button
switch ($this->fieldType) {
case 'checkbox':
$return .= '<input type="checkbox" name="' . $this->strName . '[]" id="' . $this->strName . '_' . $id . '" class="tl_tree_checkbox" value="' . \StringUtil::specialchars($id) . '" onfocus="Backend.getScrollOffset()"' . static::optionChecked($id, $this->varValue) . '>';
break;
default:
case 'radio':
$return .= '<input type="radio" name="' . $this->strName . '" id="' . $this->strName . '_' . $id . '" class="tl_tree_radio" value="' . \StringUtil::specialchars($id) . '" onfocus="Backend.getScrollOffset()"' . static::optionChecked($id, $this->varValue) . '>';
break;
}
$return .= '</div><div style="clear:both"></div></li>';
// Begin a new submenu
if ($blnIsOpen || !empty($childs) && $objSessionBag->get('page_selector_search') != '') {
$return .= '<li class="parent" id="' . $node . '_' . $id . '"><ul class="level_' . $level . '">';
for ($k = 0, $c = count($childs); $k < $c; $k++) {
$return .= $this->renderPagetree($childs[$k], $intMargin + $intSpacing, $objPage->protected, $blnNoRecursion, $arrFound);
}
$return .= '</ul></li>';
}
return $return;
}
/**
* Generate the module
*/
protected function compile()
{
/** @var PageModel $objPage */
global $objPage;
$items = array();
$groups = array();
// Get all groups of the current front end user
if (FE_USER_LOGGED_IN) {
$this->import('FrontendUser', 'User');
$groups = $this->User->groups;
}
// Get all active pages
$objPages = \PageModel::findPublishedRegularWithoutGuestsByIds($this->pages);
// Return if there are no pages
if ($objPages === null) {
return;
}
$arrPages = array();
// Sort the array keys according to the given order
if ($this->orderPages != '') {
$tmp = \StringUtil::deserialize($this->orderPages);
if (!empty($tmp) && is_array($tmp)) {
$arrPages = array_map(function () {
}, array_flip($tmp));
}
}
// Add the items to the pre-sorted array
while ($objPages->next()) {
$arrPages[$objPages->id] = $objPages->current();
}
$arrPages = array_values(array_filter($arrPages));
// Set default template
if ($this->navigationTpl == '') {
$this->navigationTpl = 'nav_default';
}
/** @var FrontendTemplate|object $objTemplate */
$objTemplate = new \FrontendTemplate($this->navigationTpl);
$objTemplate->type = get_class($this);
$objTemplate->cssID = $this->cssID;
// see #4897 and 6129
$objTemplate->level = 'level_1';
/** @var PageModel[] $arrPages */
foreach ($arrPages as $objModel) {
$_groups = \StringUtil::deserialize($objModel->groups);
// Do not show protected pages unless a back end or front end user is logged in
if (!$objModel->protected || BE_USER_LOGGED_IN || is_array($_groups) && count(array_intersect($_groups, $groups)) || $this->showProtected) {
// Get href
switch ($objModel->type) {
case 'redirect':
$href = $objModel->url;
break;
case 'forward':
if (($objNext = $objModel->getRelated('jumpTo')) instanceof PageModel) {
/** @var PageModel $objNext */
$href = $objNext->getFrontendUrl();
break;
}
// DO NOT ADD A break; STATEMENT
// DO NOT ADD A break; STATEMENT
default:
$href = $objModel->getFrontendUrl();
break;
}
$trail = in_array($objModel->id, $objPage->trail);
// Active page
if ($objPage->id == $objModel->id && $href == \Environment::get('request')) {
$strClass = trim($objModel->cssClass);
$row = $objModel->row();
$row['isActive'] = true;
$row['isTrail'] = false;
$row['class'] = trim('active ' . $strClass);
$row['title'] = \StringUtil::specialchars($objModel->title, true);
$row['pageTitle'] = \StringUtil::specialchars($objModel->pageTitle, true);
$row['link'] = $objModel->title;
$row['href'] = $href;
$row['nofollow'] = strncmp($objModel->robots, 'noindex,nofollow', 16) === 0;
$row['target'] = '';
$row['description'] = str_replace(array("\n", "\r"), array(' ', ''), $objModel->description);
// Override the link target
if ($objModel->type == 'redirect' && $objModel->target) {
$row['target'] = ' target="_blank"';
}
$items[] = $row;
} else {
$strClass = trim($objModel->cssClass . ($trail ? ' trail' : ''));
$row = $objModel->row();
$row['isActive'] = false;
$row['isTrail'] = $trail;
$row['class'] = $strClass;
$row['title'] = \StringUtil::specialchars($objModel->title, true);
$row['pageTitle'] = \StringUtil::specialchars($objModel->pageTitle, true);
$row['link'] = $objModel->title;
$row['href'] = $href;
$row['nofollow'] = strncmp($objModel->robots, 'noindex,nofollow', 16) === 0;
$row['target'] = '';
$row['description'] = str_replace(array("\n", "\r"), array(' ', ''), $objModel->description);
// Override the link target
if ($objModel->type == 'redirect' && $objModel->target) {
$row['target'] = ' target="_blank"';
}
$items[] = $row;
}
}
}
// Add classes first and last
$items[0]['class'] = trim($items[0]['class'] . ' first');
$last = count($items) - 1;
$items[$last]['class'] = trim($items[$last]['class'] . ' last');
$objTemplate->items = $items;
$this->Template->request = \Environment::get('indexFreeRequest');
$this->Template->skipId = 'skipNavigation' . $this->id;
$this->Template->skipNavigation = \StringUtil::specialchars($GLOBALS['TL_LANG']['MSC']['skipNavigation']);
$this->Template->items = !empty($items) ? $objTemplate->parse() : '';
}
/**
* Run the controller and parse the template
*
* @return Response
*/
public function run()
{
/** @var SessionInterface $objSession */
$objSession = \System::getContainer()->get('session');
/** @var BackendTemplate|object $objTemplate */
$objTemplate = new \BackendTemplate('be_picker');
$objTemplate->main = '';
// Ajax request
if ($_POST && \Environment::get('isAjaxRequest')) {
$this->objAjax = new \Ajax(\Input::post('action'));
$this->objAjax->executePreActions();
}
$strTable = \Input::get('table');
$strField = \Input::get('field');
// Define the current ID
define('CURRENT_ID', \Input::get('table') ? $objSession->get('CURRENT_ID') : \Input::get('id'));
$this->loadDataContainer($strTable);
$strDriver = 'DC_' . $GLOBALS['TL_DCA'][$strTable]['config']['dataContainer'];
$objDca = new $strDriver($strTable);
$objDca->field = $strField;
// Set the active record
if ($this->Database->tableExists($strTable)) {
/** @var Model $strModel */
$strModel = \Model::getClassFromTable($strTable);
if (class_exists($strModel)) {
$objModel = $strModel::findByPk(\Input::get('id'));
if ($objModel !== null) {
$objDca->activeRecord = $objModel;
}
}
}
// AJAX request
if ($_POST && \Environment::get('isAjaxRequest')) {
$this->objAjax->executePostActions($objDca);
}
$objSession->set('filePickerRef', \Environment::get('request'));
$arrValues = array_filter(explode(',', \Input::get('value')));
// Call the load_callback
if (is_array($GLOBALS['TL_DCA'][$strTable]['fields'][$strField]['load_callback'])) {
foreach ($GLOBALS['TL_DCA'][$strTable]['fields'][$strField]['load_callback'] as $callback) {
if (is_array($callback)) {
$this->import($callback[0]);
$arrValues = $this->{$callback[0]}->{$callback[1]}($arrValues, $objDca);
} elseif (is_callable($callback)) {
$arrValues = $callback($arrValues, $objDca);
}
}
}
/** @var PageSelector $strClass */
$strClass = $GLOBALS['BE_FFL']['pageSelector'];
/** @var PageSelector $objPageTree */
$objPageTree = new $strClass($strClass::getAttributesFromDca($GLOBALS['TL_DCA'][$strTable]['fields'][$strField], $strField, $arrValues, $strField, $strTable, $objDca));
/** @var AttributeBagInterface $objSessionBag */
$objSessionBag = $objSession->getBag('contao_backend');
$objTemplate->main = $objPageTree->generate();
$objTemplate->theme = \Backend::getTheme();
$objTemplate->base = \Environment::get('base');
$objTemplate->language = $GLOBALS['TL_LANGUAGE'];
$objTemplate->title = \StringUtil::specialchars($GLOBALS['TL_LANG']['MSC']['pagepicker']);
$objTemplate->charset = \Config::get('characterSet');
$objTemplate->addSearch = true;
$objTemplate->search = $GLOBALS['TL_LANG']['MSC']['search'];
$objTemplate->action = ampersand(\Environment::get('request'));
$objTemplate->value = $objSessionBag->get('page_selector_search');
$objTemplate->breadcrumb = $GLOBALS['TL_DCA']['tl_page']['list']['sorting']['breadcrumb'];
if ($this->User->hasAccess('page', 'modules')) {
$objTemplate->manager = $GLOBALS['TL_LANG']['MSC']['pageManager'];
$objTemplate->managerHref = 'contao/main.php?do=page&popup=1';
}
if (\Input::get('switch') && $this->User->hasAccess('files', 'modules')) {
$objTemplate->switch = $GLOBALS['TL_LANG']['MSC']['filePicker'];
$objTemplate->switchHref = str_replace('contao/page?', 'contao/file?', ampersand(\Environment::get('request')));
}
return $objTemplate->getResponse();
}
/**
* Recursively get all quicknav pages and return them as array
*
* @param integer $pid
* @param integer $level
* @param string $host
* @param string $language
*
* @return array
*/
protected function getQuicknavPages($pid, $level = 1, $host = null, $language = null)
{
/** @var PageModel $objPage */
global $objPage;
$groups = array();
$arrPages = array();
// Get all groups of the current front end user
if (FE_USER_LOGGED_IN) {
$this->import('FrontendUser', 'User');
$groups = $this->User->groups;
}
// Get all active subpages
$objSubpages = \PageModel::findPublishedRegularWithoutGuestsByPid($pid);
if ($objSubpages === null) {
return array();
}
++$level;
foreach ($objSubpages as $objSubpage) {
$_groups = \StringUtil::deserialize($objSubpage->groups);
// Override the domain (see #3765)
if ($host !== null) {
$objSubpage->domain = $host;
}
// Do not show protected pages unless a back end or front end user is logged in
if (!$objSubpage->protected || !is_array($_groups) && FE_USER_LOGGED_IN || BE_USER_LOGGED_IN || is_array($_groups) && array_intersect($_groups, $groups) || $this->showProtected) {
// Do not skip the current page here! (see #4523)
// Check hidden pages
if (!$objSubpage->hide || $this->showHidden) {
$arrPages[] = array('level' => $level - 2, 'title' => \StringUtil::specialchars(\StringUtil::stripInsertTags($objSubpage->pageTitle ?: $objSubpage->title)), 'href' => $objSubpage->getFrontendUrl(), 'link' => \StringUtil::stripInsertTags($objSubpage->title));
// Subpages
if (!$this->showLevel || $this->showLevel >= $level || !$this->hardLimit && ($objPage->id == $objSubpage->id || in_array($objPage->id, $this->Database->getChildRecords($objSubpage->id, 'tl_page')))) {
$subpages = $this->getQuicknavPages($objSubpage->id, $level);
if (is_array($subpages)) {
$arrPages = array_merge($arrPages, $subpages);
}
}
}
}
}
return $arrPages;
}
/**
* Recursively get all allowed files and return them as string
*
* @param string $strFolder
* @param integer $level
* @param string $strFilter
*
* @return string
*/
protected function doCreateFileList($strFolder = null, $level = -1, $strFilter = '')
{
// Deprecated since Contao 4.0, to be removed in Contao 5.0
if ($strFilter === true) {
@trigger_error('Passing "true" to Backend::doCreateFileList() has been deprecated and will no longer work in Contao 5.0.', E_USER_DEPRECATED);
$strFilter = 'gif,jpg,jpeg,png';
}
$arrPages = scan(TL_ROOT . '/' . $strFolder);
// Empty folder
if (empty($arrPages)) {
return '';
}
// Protected folder
if (array_search('.htaccess', $arrPages) !== false) {
return '';
}
++$level;
$strFolders = '';
$strFiles = '';
// Recursively list all files and folders
foreach ($arrPages as $strFile) {
if (strncmp($strFile, '.', 1) === 0) {
continue;
}
// Folders
if (is_dir(TL_ROOT . '/' . $strFolder . '/' . $strFile)) {
$strFolders .= $this->doCreateFileList($strFolder . '/' . $strFile, $level, $strFilter);
} else {
// Filter images
if ($strFilter != '' && !preg_match('/\\.(' . str_replace(',', '|', $strFilter) . ')$/i', $strFile)) {
continue;
}
$strFiles .= sprintf('<option value="%s"%s>%s</option>', $strFolder . '/' . $strFile, $strFolder . '/' . $strFile == \Input::get('value') ? ' selected="selected"' : '', \StringUtil::specialchars($strFile));
}
}
if (strlen($strFiles)) {
return '<optgroup label="' . \StringUtil::specialchars($strFolder) . '">' . $strFiles . $strFolders . '</optgroup>';
}
return $strFiles . $strFolders;
}
/**
* Generate the module
*/
protected function compile()
{
// Show logout form
if (FE_USER_LOGGED_IN) {
$this->import('FrontendUser', 'User');
$this->Template->logout = true;
$this->Template->formId = 'tl_logout_' . $this->id;
$this->Template->slabel = \StringUtil::specialchars($GLOBALS['TL_LANG']['MSC']['logout']);
$this->Template->loggedInAs = sprintf($GLOBALS['TL_LANG']['MSC']['loggedInAs'], $this->User->username);
$this->Template->action = ampersand(\Environment::get('indexFreeRequest'));
if ($this->User->lastLogin > 0) {
/** @var PageModel $objPage */
global $objPage;
$this->Template->lastLogin = sprintf($GLOBALS['TL_LANG']['MSC']['lastLogin'][1], \Date::parse($objPage->datimFormat, $this->User->lastLogin));
}
return;
}
$flashBag = \System::getContainer()->get('session')->getFlashBag();
if ($flashBag->has($this->strFlashType)) {
$this->Template->hasError = true;
$this->Template->message = $flashBag->get($this->strFlashType)[0];
}
$this->Template->username = $GLOBALS['TL_LANG']['MSC']['username'];
$this->Template->password = $GLOBALS['TL_LANG']['MSC']['password'][0];
$this->Template->action = ampersand(\Environment::get('indexFreeRequest'));
$this->Template->slabel = \StringUtil::specialchars($GLOBALS['TL_LANG']['MSC']['login']);
$this->Template->value = \StringUtil::specialchars(\Input::post('username'));
$this->Template->formId = 'tl_login_' . $this->id;
$this->Template->autologin = $this->autologin && \Config::get('autologin') > 0;
$this->Template->autoLabel = $GLOBALS['TL_LANG']['MSC']['autologin'];
}
/**
* Generate the module
*/
protected function compile()
{
$this->import('FrontendUser', 'User');
// Initialize the password widget
$arrField = array('name' => 'password', 'inputType' => 'text', 'label' => $GLOBALS['TL_LANG']['MSC']['password'][0], 'eval' => array('hideInput' => true, 'mandatory' => true, 'required' => true));
$objWidget = new \FormTextField(\FormTextField::getAttributesFromDca($arrField, $arrField['name']));
$objWidget->rowClass = 'row_0 row_first even';
$strFormId = 'tl_close_account_' . $this->id;
// Validate widget
if (\Input::post('FORM_SUBMIT') == $strFormId) {
$objWidget->validate();
// Validate the password
if (!$objWidget->hasErrors()) {
// The password has been generated with crypt()
if (\Encryption::test($this->User->password)) {
$blnAuthenticated = \Encryption::verify($objWidget->value, $this->User->password);
} else {
list($strPassword, $strSalt) = explode(':', $this->User->password);
$blnAuthenticated = $strSalt == '' ? $strPassword === sha1($objWidget->value) : $strPassword === sha1($strSalt . $objWidget->value);
}
if (!$blnAuthenticated) {
$objWidget->value = '';
$objWidget->addError($GLOBALS['TL_LANG']['ERR']['invalidPass']);
}
}
// Close account
if (!$objWidget->hasErrors()) {
// HOOK: send account ID
if (isset($GLOBALS['TL_HOOKS']['closeAccount']) && is_array($GLOBALS['TL_HOOKS']['closeAccount'])) {
foreach ($GLOBALS['TL_HOOKS']['closeAccount'] as $callback) {
$this->import($callback[0]);
$this->{$callback[0]}->{$callback[1]}($this->User->id, $this->reg_close, $this);
}
}
$objMember = \MemberModel::findByPk($this->User->id);
// Remove the account
if ($this->reg_close == 'close_delete') {
$objMember->delete();
$this->log('User account ID ' . $this->User->id . ' (' . \Idna::decodeEmail($this->User->email) . ') has been deleted', __METHOD__, TL_ACCESS);
} else {
$objMember->disable = 1;
$objMember->tstamp = time();
$objMember->save();
$this->log('User account ID ' . $this->User->id . ' (' . \Idna::decodeEmail($this->User->email) . ') has been deactivated', __METHOD__, TL_ACCESS);
}
$this->User->logout();
// Check whether there is a jumpTo page
if (($objJumpTo = $this->objModel->getRelated('jumpTo')) instanceof PageModel) {
$this->jumpToOrReload($objJumpTo->row());
}
$this->reload();
}
}
$this->Template->fields = $objWidget->parse();
$this->Template->formId = $strFormId;
$this->Template->action = \Environment::get('indexFreeRequest');
$this->Template->slabel = \StringUtil::specialchars($GLOBALS['TL_LANG']['MSC']['closeAccount']);
$this->Template->rowLast = 'row_1 row_last odd';
}
/**
* Generate the module
*/
protected function compile()
{
// Get the root page
if (!($objTarget = $this->objModel->getRelated('rootPage')) instanceof PageModel) {
return;
}
$groups = array();
// Get all groups of the current front end user
if (FE_USER_LOGGED_IN) {
$this->import('FrontendUser', 'User');
$groups = $this->User->groups;
}
// Get all book pages
$this->arrPages[$objTarget->id] = $objTarget;
$this->getBookPages($objTarget->id, $groups, time());
/** @var PageModel $objPage */
global $objPage;
// Upper page
if ($objPage->id != $objTarget->id) {
$intKey = $objPage->pid;
// Skip forward pages (see #5074)
while ($this->arrPages[$intKey]->type == 'forward' && isset($this->arrPages[$intKey]->pid)) {
$intKey = $this->arrPages[$intKey]->pid;
}
// Hide the link if the reference page is a forward page (see #5374)
if (isset($this->arrPages[$intKey])) {
$this->Template->hasUp = true;
$this->Template->upHref = $this->arrPages[$intKey]->getFrontendUrl();
$this->Template->upTitle = \StringUtil::specialchars($this->arrPages[$intKey]->title, true);
$this->Template->upPageTitle = \StringUtil::specialchars($this->arrPages[$intKey]->pageTitle, true);
$this->Template->upLink = $GLOBALS['TL_LANG']['MSC']['up'];
}
}
$arrLookup = array_keys($this->arrPages);
$intCurrent = array_search($objPage->id, $arrLookup);
// HOOK: add pagination info
$this->Template->currentPage = $intCurrent;
$this->Template->pageCount = count($arrLookup);
// Previous page
if ($intCurrent > 0) {
$current = $intCurrent;
$intKey = $arrLookup[$current - 1];
// Skip forward pages (see #5074)
while ($this->arrPages[$intKey]->type == 'forward' && isset($arrLookup[--$current])) {
$intKey = $arrLookup[$current - 1];
}
$this->Template->hasPrev = true;
$this->Template->prevHref = $this->arrPages[$intKey]->getFrontendUrl();
$this->Template->prevTitle = \StringUtil::specialchars($this->arrPages[$intKey]->title, true);
$this->Template->prevPageTitle = \StringUtil::specialchars($this->arrPages[$intKey]->pageTitle, true);
$this->Template->prevLink = $this->arrPages[$intKey]->title;
}
// Next page
if ($intCurrent < count($arrLookup) - 1) {
$current = $intCurrent;
$intKey = $arrLookup[$current + 1];
// Skip forward pages (see #5074)
while ($this->arrPages[$intKey]->type == 'forward' && isset($arrLookup[++$current])) {
$intKey = $arrLookup[$current + 1];
}
$this->Template->hasNext = true;
$this->Template->nextHref = $this->arrPages[$intKey]->getFrontendUrl();
$this->Template->nextTitle = \StringUtil::specialchars($this->arrPages[$intKey]->title, true);
$this->Template->nextPageTitle = \StringUtil::specialchars($this->arrPages[$intKey]->pageTitle, true);
$this->Template->nextLink = $this->arrPages[$intKey]->title;
}
}
/**
* Render the versions dropdown menu
*
* @return string
*/
public function renderDropdown()
{
$objVersion = $this->Database->prepare("SELECT tstamp, version, username, active FROM tl_version WHERE fromTable=? AND pid=? ORDER BY version DESC")->execute($this->strTable, $this->intPid);
if ($objVersion->numRows < 2) {
return '';
}
$versions = '';
while ($objVersion->next()) {
$versions .= '
<option value="' . $objVersion->version . '"' . ($objVersion->active ? ' selected="selected"' : '') . '>' . $GLOBALS['TL_LANG']['MSC']['version'] . ' ' . $objVersion->version . ' (' . \Date::parse(\Config::get('datimFormat'), $objVersion->tstamp) . ') ' . $objVersion->username . '</option>';
}
return '
<div class="tl_version_panel">
<form action="' . ampersand(\Environment::get('request'), true) . '" id="tl_version" class="tl_form" method="post">
<div class="tl_formbody">
<input type="hidden" name="FORM_SUBMIT" value="tl_version">
<input type="hidden" name="REQUEST_TOKEN" value="' . REQUEST_TOKEN . '">
<select name="version" class="tl_select">' . $versions . '
</select>
<button type="submit" name="showVersion" id="showVersion" class="tl_submit">' . $GLOBALS['TL_LANG']['MSC']['restore'] . '</button>
<a href="' . \Backend::addToUrl('versions=1&popup=1') . '" title="' . \StringUtil::specialchars($GLOBALS['TL_LANG']['MSC']['showDifferences']) . '" onclick="Backend.openModalIframe({\'width\':768,\'title\':\'' . \StringUtil::specialchars(str_replace("'", "\\'", sprintf($GLOBALS['TL_LANG']['MSC']['recordOfTable'], $this->intPid, $this->strTable))) . '\',\'url\':this.href});return false">' . \Image::getHtml('diff.svg') . '</a>
</div>
</form>
</div>
';
}
/**
* Add a form to create new comments
*
* @param FrontendTemplate|object $objTemplate
* @param \stdClass $objConfig
* @param string $strSource
* @param integer $intParent
* @param mixed $varNotifies
*/
protected function renderCommentForm(FrontendTemplate $objTemplate, \stdClass $objConfig, $strSource, $intParent, $varNotifies)
{
$this->import('FrontendUser', 'User');
// Access control
if ($objConfig->requireLogin && !FE_USER_LOGGED_IN) {
$objTemplate->requireLogin = true;
$objTemplate->login = $GLOBALS['TL_LANG']['MSC']['com_login'];
return;
}
// Confirm or remove a subscription
if (\Input::get('token')) {
static::changeSubscriptionStatus($objTemplate);
return;
}
// Form fields
$arrFields = array('name' => array('name' => 'name', 'label' => $GLOBALS['TL_LANG']['MSC']['com_name'], 'value' => trim($this->User->firstname . ' ' . $this->User->lastname), 'inputType' => 'text', 'eval' => array('mandatory' => true, 'maxlength' => 64)), 'email' => array('name' => 'email', 'label' => $GLOBALS['TL_LANG']['MSC']['com_email'], 'value' => $this->User->email, 'inputType' => 'text', 'eval' => array('rgxp' => 'email', 'mandatory' => true, 'maxlength' => 128, 'decodeEntities' => true)), 'website' => array('name' => 'website', 'label' => $GLOBALS['TL_LANG']['MSC']['com_website'], 'inputType' => 'text', 'eval' => array('rgxp' => 'url', 'maxlength' => 128, 'decodeEntities' => true)));
// Captcha
if (!$objConfig->disableCaptcha) {
$arrFields['captcha'] = array('name' => 'captcha', 'label' => $GLOBALS['TL_LANG']['MSC']['securityQuestion'], 'inputType' => 'captcha', 'eval' => array('mandatory' => true));
}
// Comment field
$arrFields['comment'] = array('name' => 'comment', 'label' => $GLOBALS['TL_LANG']['MSC']['com_comment'], 'inputType' => 'textarea', 'eval' => array('mandatory' => true, 'rows' => 4, 'cols' => 40, 'preserveTags' => true));
// Notify me of new comments
$arrFields['notify'] = array('name' => 'notify', 'label' => '', 'inputType' => 'checkbox', 'options' => array(1 => $GLOBALS['TL_LANG']['MSC']['com_notify']));
$doNotSubmit = false;
$arrWidgets = array();
$strFormId = 'com_' . $strSource . '_' . $intParent;
// Initialize the widgets
foreach ($arrFields as $arrField) {
/** @var Widget $strClass */
$strClass = $GLOBALS['TL_FFL'][$arrField['inputType']];
// Continue if the class is not defined
if (!class_exists($strClass)) {
continue;
}
$arrField['eval']['required'] = $arrField['eval']['mandatory'];
/** @var Widget $objWidget */
$objWidget = new $strClass($strClass::getAttributesFromDca($arrField, $arrField['name'], $arrField['value']));
// Validate the widget
if (\Input::post('FORM_SUBMIT') == $strFormId) {
$objWidget->validate();
if ($objWidget->hasErrors()) {
$doNotSubmit = true;
}
}
$arrWidgets[$arrField['name']] = $objWidget;
}
$objTemplate->fields = $arrWidgets;
$objTemplate->submit = $GLOBALS['TL_LANG']['MSC']['com_submit'];
$objTemplate->action = ampersand(\Environment::get('request'));
$objTemplate->messages = '';
// Deprecated since Contao 4.0, to be removed in Contao 5.0
$objTemplate->formId = $strFormId;
$objTemplate->hasError = $doNotSubmit;
// Do not index or cache the page with the confirmation message
if ($_SESSION['TL_COMMENT_ADDED']) {
/** @var PageModel $objPage */
global $objPage;
$objPage->noSearch = 1;
$objPage->cache = 0;
$objTemplate->confirm = $GLOBALS['TL_LANG']['MSC']['com_confirm'];
$_SESSION['TL_COMMENT_ADDED'] = false;
}
// Store the comment
if (!$doNotSubmit && \Input::post('FORM_SUBMIT') == $strFormId) {
$strWebsite = $arrWidgets['website']->value;
// Add http:// to the website
if ($strWebsite != '' && !preg_match('@^(https?://|ftp://|mailto:|#)@i', $strWebsite)) {
$strWebsite = 'http://' . $strWebsite;
}
// Do not parse any tags in the comment
$strComment = \StringUtil::specialchars(trim($arrWidgets['comment']->value));
$strComment = str_replace(array('&', '<', '>'), array('[&]', '[lt]', '[gt]'), $strComment);
// Remove multiple line feeds
$strComment = preg_replace('@\\n\\n+@', "\n\n", $strComment);
// Parse BBCode
if ($objConfig->bbcode) {
$strComment = $this->parseBbCode($strComment);
}
// Prevent cross-site request forgeries
$strComment = preg_replace('/(href|src|on[a-z]+)="[^"]*(contao\\/main\\.php|typolight\\/main\\.php|javascript|vbscri?pt|script|alert|document|cookie|window)[^"]*"+/i', '$1="#"', $strComment);
$time = time();
// Prepare the record
$arrSet = array('tstamp' => $time, 'source' => $strSource, 'parent' => $intParent, 'name' => $arrWidgets['name']->value, 'email' => $arrWidgets['email']->value, 'website' => $strWebsite, 'comment' => $this->convertLineFeeds($strComment), 'ip' => $this->anonymizeIp(\Environment::get('ip')), 'date' => $time, 'published' => $objConfig->moderate ? '' : 1);
// Store the comment
$objComment = new \CommentsModel();
$objComment->setRow($arrSet)->save();
// Store the subscription
if ($arrWidgets['notify']->value) {
static::addCommentsSubscription($objComment);
}
// HOOK: add custom logic
if (isset($GLOBALS['TL_HOOKS']['addComment']) && is_array($GLOBALS['TL_HOOKS']['addComment'])) {
foreach ($GLOBALS['TL_HOOKS']['addComment'] as $callback) {
$this->import($callback[0]);
$this->{$callback[0]}->{$callback[1]}($objComment->id, $arrSet, $this);
}
}
// Prepare the notification mail
$objEmail = new \Email();
$objEmail->from = $GLOBALS['TL_ADMIN_EMAIL'];
$objEmail->fromName = $GLOBALS['TL_ADMIN_NAME'];
$objEmail->subject = sprintf($GLOBALS['TL_LANG']['MSC']['com_subject'], \Idna::decode(\Environment::get('host')));
// Convert the comment to plain text
$strComment = strip_tags($strComment);
$strComment = \StringUtil::decodeEntities($strComment);
$strComment = str_replace(array('[&]', '[lt]', '[gt]'), array('&', '<', '>'), $strComment);
// Add the comment details
$objEmail->text = sprintf($GLOBALS['TL_LANG']['MSC']['com_message'], $arrSet['name'] . ' (' . $arrSet['email'] . ')', $strComment, \Idna::decode(\Environment::get('base')) . \Environment::get('request'), \Idna::decode(\Environment::get('base')) . 'contao?do=comments&act=edit&id=' . $objComment->id);
// Add a moderation hint to the e-mail (see #7478)
if ($objConfig->moderate) {
$objEmail->text .= "\n" . $GLOBALS['TL_LANG']['MSC']['com_moderated'] . "\n";
}
// Do not send notifications twice
if (is_array($varNotifies)) {
$objEmail->sendTo(array_unique($varNotifies));
} elseif ($varNotifies != '') {
$objEmail->sendTo($varNotifies);
// see #5443
}
// Pending for approval
if ($objConfig->moderate) {
$_SESSION['TL_COMMENT_ADDED'] = true;
} else {
static::notifyCommentsSubscribers($objComment);
}
$this->reload();
}
}
/**
* Generate the content element
*/
protected function compile()
{
/** @var PageModel $objPage */
global $objPage;
$images = array();
$auxDate = array();
$objFiles = $this->objFiles;
// Get all images
while ($objFiles->next()) {
// Continue if the files has been processed or does not exist
if (isset($images[$objFiles->path]) || !file_exists(TL_ROOT . '/' . $objFiles->path)) {
continue;
}
// Single files
if ($objFiles->type == 'file') {
$objFile = new \File($objFiles->path);
if (!$objFile->isImage) {
continue;
}
$arrMeta = $this->getMetaData($objFiles->meta, $objPage->language);
if (empty($arrMeta)) {
if ($this->metaIgnore) {
continue;
} elseif ($objPage->rootFallbackLanguage !== null) {
$arrMeta = $this->getMetaData($objFiles->meta, $objPage->rootFallbackLanguage);
}
}
// Use the file name as title if none is given
if ($arrMeta['title'] == '') {
$arrMeta['title'] = \StringUtil::specialchars($objFile->basename);
}
// Add the image
$images[$objFiles->path] = array('id' => $objFiles->id, 'uuid' => $objFiles->uuid, 'name' => $objFile->basename, 'singleSRC' => $objFiles->path, 'title' => \StringUtil::specialchars($arrMeta['title']), 'alt' => \StringUtil::specialchars($arrMeta['alt']), 'imageUrl' => $arrMeta['link'], 'caption' => $arrMeta['caption']);
$auxDate[] = $objFile->mtime;
} else {
$objSubfiles = \FilesModel::findByPid($objFiles->uuid);
if ($objSubfiles === null) {
continue;
}
while ($objSubfiles->next()) {
// Skip subfolders
if ($objSubfiles->type == 'folder') {
continue;
}
$objFile = new \File($objSubfiles->path);
if (!$objFile->isImage) {
continue;
}
$arrMeta = $this->getMetaData($objSubfiles->meta, $objPage->language);
if (empty($arrMeta)) {
if ($this->metaIgnore) {
continue;
} elseif ($objPage->rootFallbackLanguage !== null) {
$arrMeta = $this->getMetaData($objSubfiles->meta, $objPage->rootFallbackLanguage);
}
}
// Use the file name as title if none is given
if ($arrMeta['title'] == '') {
$arrMeta['title'] = \StringUtil::specialchars($objFile->basename);
}
// Add the image
$images[$objSubfiles->path] = array('id' => $objSubfiles->id, 'uuid' => $objSubfiles->uuid, 'name' => $objFile->basename, 'singleSRC' => $objSubfiles->path, 'title' => \StringUtil::specialchars($arrMeta['title']), 'alt' => \StringUtil::specialchars($arrMeta['alt']), 'imageUrl' => $arrMeta['link'], 'caption' => $arrMeta['caption']);
$auxDate[] = $objFile->mtime;
}
}
}
// Sort array
switch ($this->sortBy) {
default:
case 'name_asc':
uksort($images, 'basename_natcasecmp');
break;
case 'name_desc':
uksort($images, 'basename_natcasercmp');
break;
case 'date_asc':
array_multisort($images, SORT_NUMERIC, $auxDate, SORT_ASC);
break;
case 'date_desc':
array_multisort($images, SORT_NUMERIC, $auxDate, SORT_DESC);
break;
// Deprecated since Contao 4.0, to be removed in Contao 5.0
// Deprecated since Contao 4.0, to be removed in Contao 5.0
case 'meta':
@trigger_error('The "meta" key in ContentGallery::compile() has been deprecated and will no longer work in Contao 5.0.', E_USER_DEPRECATED);
// no break;
// no break;
case 'custom':
if ($this->orderSRC != '') {
$tmp = \StringUtil::deserialize($this->orderSRC);
if (!empty($tmp) && is_array($tmp)) {
// Remove all values
$arrOrder = array_map(function () {
}, array_flip($tmp));
// Move the matching elements to their position in $arrOrder
foreach ($images as $k => $v) {
if (array_key_exists($v['uuid'], $arrOrder)) {
$arrOrder[$v['uuid']] = $v;
unset($images[$k]);
}
}
// Append the left-over images at the end
if (!empty($images)) {
$arrOrder = array_merge($arrOrder, array_values($images));
}
// Remove empty (unreplaced) entries
$images = array_values(array_filter($arrOrder));
unset($arrOrder);
}
}
break;
case 'random':
shuffle($images);
$this->Template->isRandomOrder = true;
break;
}
$images = array_values($images);
// Limit the total number of items (see #2652)
if ($this->numberOfItems > 0) {
$images = array_slice($images, 0, $this->numberOfItems);
}
$offset = 0;
$total = count($images);
$limit = $total;
// Paginate the result of not randomly sorted (see #8033)
if ($this->perPage > 0 && $this->sortBy != 'random') {
// Get the current page
$id = 'page_g' . $this->id;
$page = \Input::get($id) !== null ? \Input::get($id) : 1;
// Do not index or cache the page if the page number is outside the range
if ($page < 1 || $page > max(ceil($total / $this->perPage), 1)) {
throw new PageNotFoundException('Page not found: ' . \Environment::get('uri'));
}
// Set limit and offset
$offset = ($page - 1) * $this->perPage;
$limit = min($this->perPage + $offset, $total);
$objPagination = new \Pagination($total, $this->perPage, \Config::get('maxPaginationLinks'), $id);
$this->Template->pagination = $objPagination->generate("\n ");
}
$rowcount = 0;
$colwidth = floor(100 / $this->perRow);
$intMaxWidth = TL_MODE == 'BE' ? floor(640 / $this->perRow) : floor(\Config::get('maxImageWidth') / $this->perRow);
$strLightboxId = 'lightbox[lb' . $this->id . ']';
$body = array();
// Rows
for ($i = $offset; $i < $limit; $i = $i + $this->perRow) {
$class_tr = '';
if ($rowcount == 0) {
$class_tr .= ' row_first';
}
if ($i + $this->perRow >= $limit) {
$class_tr .= ' row_last';
}
$class_eo = $rowcount % 2 == 0 ? ' even' : ' odd';
// Columns
for ($j = 0; $j < $this->perRow; $j++) {
$class_td = '';
if ($j == 0) {
$class_td .= ' col_first';
}
if ($j == $this->perRow - 1) {
$class_td .= ' col_last';
}
$objCell = new \stdClass();
$key = 'row_' . $rowcount . $class_tr . $class_eo;
// Empty cell
if (!is_array($images[$i + $j]) || $j + $i >= $limit) {
$objCell->colWidth = $colwidth . '%';
$objCell->class = 'col_' . $j . $class_td;
} else {
// Add size and margin
$images[$i + $j]['size'] = $this->size;
$images[$i + $j]['imagemargin'] = $this->imagemargin;
$images[$i + $j]['fullsize'] = $this->fullsize;
$this->addImageToTemplate($objCell, $images[$i + $j], $intMaxWidth, $strLightboxId);
// Add column width and class
$objCell->colWidth = $colwidth . '%';
$objCell->class = 'col_' . $j . $class_td;
}
$body[$key][$j] = $objCell;
}
++$rowcount;
}
$strTemplate = 'gallery_default';
// Use a custom template
if (TL_MODE == 'FE' && $this->galleryTpl != '') {
$strTemplate = $this->galleryTpl;
}
/** @var FrontendTemplate|object $objTemplate */
$objTemplate = new \FrontendTemplate($strTemplate);
$objTemplate->setData($this->arrData);
$objTemplate->body = $body;
$objTemplate->headline = $this->headline;
// see #1603
$this->Template->images = $objTemplate->parse();
}
/**
* Generate the module
*/
protected function compile()
{
// Mark the x and y parameter as used (see #4277)
if (isset($_GET['x'])) {
\Input::get('x');
\Input::get('y');
}
// Trigger the search module from a custom form
if (!isset($_GET['keywords']) && \Input::post('FORM_SUBMIT') == 'tl_search') {
$_GET['keywords'] = \Input::post('keywords');
$_GET['query_type'] = \Input::post('query_type');
$_GET['per_page'] = \Input::post('per_page');
}
$blnFuzzy = $this->fuzzy;
$strQueryType = \Input::get('query_type') ?: $this->queryType;
$strKeywords = trim(\Input::get('keywords'));
$this->Template->uniqueId = $this->id;
$this->Template->queryType = $strQueryType;
$this->Template->keyword = \StringUtil::specialchars($strKeywords);
$this->Template->keywordLabel = $GLOBALS['TL_LANG']['MSC']['keywords'];
$this->Template->optionsLabel = $GLOBALS['TL_LANG']['MSC']['options'];
$this->Template->search = \StringUtil::specialchars($GLOBALS['TL_LANG']['MSC']['searchLabel']);
$this->Template->matchAll = \StringUtil::specialchars($GLOBALS['TL_LANG']['MSC']['matchAll']);
$this->Template->matchAny = \StringUtil::specialchars($GLOBALS['TL_LANG']['MSC']['matchAny']);
$this->Template->action = ampersand(\Environment::get('indexFreeRequest'));
$this->Template->advanced = $this->searchType == 'advanced';
// Redirect page
if ($this->jumpTo && ($objTarget = $this->objModel->getRelated('jumpTo')) instanceof PageModel) {
/** @var PageModel $objTarget */
$this->Template->action = $objTarget->getFrontendUrl();
}
$this->Template->pagination = '';
$this->Template->results = '';
// Execute the search if there are keywords
if ($strKeywords != '' && $strKeywords != '*' && !$this->jumpTo) {
// Reference page
if ($this->rootPage > 0) {
$intRootId = $this->rootPage;
$arrPages = $this->Database->getChildRecords($this->rootPage, 'tl_page');
array_unshift($arrPages, $this->rootPage);
} else {
/** @var PageModel $objPage */
global $objPage;
$intRootId = $objPage->rootId;
$arrPages = $this->Database->getChildRecords($objPage->rootId, 'tl_page');
}
// HOOK: add custom logic (see #5223)
if (isset($GLOBALS['TL_HOOKS']['customizeSearch']) && is_array($GLOBALS['TL_HOOKS']['customizeSearch'])) {
foreach ($GLOBALS['TL_HOOKS']['customizeSearch'] as $callback) {
$this->import($callback[0]);
$this->{$callback[0]}->{$callback[1]}($arrPages, $strKeywords, $strQueryType, $blnFuzzy);
}
}
// Return if there are no pages
if (!is_array($arrPages) || empty($arrPages)) {
return;
}
$strCachePath = str_replace(TL_ROOT . DIRECTORY_SEPARATOR, '', \System::getContainer()->getParameter('kernel.cache_dir'));
$arrResult = null;
$strChecksum = md5($strKeywords . $strQueryType . $intRootId . $blnFuzzy);
$query_starttime = microtime(true);
$strCacheFile = $strCachePath . '/contao/search/' . $strChecksum . '.json';
// Load the cached result
if (file_exists(TL_ROOT . '/' . $strCacheFile)) {
$objFile = new \File($strCacheFile);
if ($objFile->mtime > time() - 1800) {
$arrResult = json_decode($objFile->getContent(), true);
} else {
$objFile->delete();
}
}
// Cache the result
if ($arrResult === null) {
try {
$objSearch = \Search::searchFor($strKeywords, $strQueryType == 'or', $arrPages, 0, 0, $blnFuzzy);
$arrResult = $objSearch->fetchAllAssoc();
} catch (\Exception $e) {
$this->log('Website search failed: ' . $e->getMessage(), __METHOD__, TL_ERROR);
$arrResult = array();
}
\File::putContent($strCacheFile, json_encode($arrResult));
}
$query_endtime = microtime(true);
// Sort out protected pages
if (\Config::get('indexProtected') && !BE_USER_LOGGED_IN) {
$this->import('FrontendUser', 'User');
foreach ($arrResult as $k => $v) {
if ($v['protected']) {
if (!FE_USER_LOGGED_IN) {
unset($arrResult[$k]);
} else {
$groups = \StringUtil::deserialize($v['groups']);
if (!is_array($groups) || empty($groups) || !count(array_intersect($groups, $this->User->groups))) {
unset($arrResult[$k]);
}
}
}
}
$arrResult = array_values($arrResult);
}
$count = count($arrResult);
$this->Template->count = $count;
$this->Template->page = null;
$this->Template->keywords = $strKeywords;
// No results
if ($count < 1) {
$this->Template->header = sprintf($GLOBALS['TL_LANG']['MSC']['sEmpty'], $strKeywords);
$this->Template->duration = substr($query_endtime - $query_starttime, 0, 6) . ' ' . $GLOBALS['TL_LANG']['MSC']['seconds'];
return;
}
$from = 1;
$to = $count;
// Pagination
if ($this->perPage > 0) {
$id = 'page_s' . $this->id;
$page = \Input::get($id) !== null ? \Input::get($id) : 1;
$per_page = \Input::get('per_page') ?: $this->perPage;
// Do not index or cache the page if the page number is outside the range
if ($page < 1 || $page > max(ceil($count / $per_page), 1)) {
throw new PageNotFoundException('Page not found: ' . \Environment::get('uri'));
}
$from = ($page - 1) * $per_page + 1;
$to = $from + $per_page > $count ? $count : $from + $per_page - 1;
// Pagination menu
if ($to < $count || $from > 1) {
$objPagination = new \Pagination($count, $per_page, \Config::get('maxPaginationLinks'), $id);
$this->Template->pagination = $objPagination->generate("\n ");
}
$this->Template->page = $page;
}
// Get the results
for ($i = $from - 1; $i < $to && $i < $count; $i++) {
/** @var FrontendTemplate|object $objTemplate */
$objTemplate = new \FrontendTemplate($this->searchTpl);
$objTemplate->url = $arrResult[$i]['url'];
$objTemplate->link = $arrResult[$i]['title'];
$objTemplate->href = $arrResult[$i]['url'];
$objTemplate->title = \StringUtil::specialchars($arrResult[$i]['title']);
$objTemplate->class = ($i == $from - 1 ? 'first ' : '') . ($i == $to - 1 || $i == $count - 1 ? 'last ' : '') . ($i % 2 == 0 ? 'even' : 'odd');
$objTemplate->relevance = sprintf($GLOBALS['TL_LANG']['MSC']['relevance'], number_format($arrResult[$i]['relevance'] / $arrResult[0]['relevance'] * 100, 2) . '%');
$objTemplate->filesize = $arrResult[$i]['filesize'];
$objTemplate->matches = $arrResult[$i]['matches'];
$arrContext = array();
$arrMatches = \StringUtil::trimsplit(',', $arrResult[$i]['matches']);
// Get the context
foreach ($arrMatches as $strWord) {
$arrChunks = array();
preg_match_all('/(^|\\b.{0,' . $this->contextLength . '}\\PL)' . str_replace('+', '\\+', $strWord) . '(\\PL.{0,' . $this->contextLength . '}\\b|$)/ui', $arrResult[$i]['text'], $arrChunks);
foreach ($arrChunks[0] as $strContext) {
$arrContext[] = ' ' . $strContext . ' ';
}
}
// Shorten the context and highlight all keywords
if (!empty($arrContext)) {
$objTemplate->context = trim(\StringUtil::substrHtml(implode('…', $arrContext), $this->totalLength));
$objTemplate->context = preg_replace('/(\\PL)(' . implode('|', $arrMatches) . ')(\\PL)/ui', '$1<mark class="highlight">$2</mark>$3', $objTemplate->context);
$objTemplate->hasContext = true;
}
$this->Template->results .= $objTemplate->parse();
}
$this->Template->header = vsprintf($GLOBALS['TL_LANG']['MSC']['sResults'], array($from, $to, $count, $strKeywords));
$this->Template->duration = substr($query_endtime - $query_starttime, 0, 6) . ' ' . $GLOBALS['TL_LANG']['MSC']['seconds'];
}
}
/**
* Return a single attribute
*
* @param string $strKey The attribute name
*
* @return string The attribute markup
*/
public function getAttribute($strKey)
{
if (!isset($this->arrAttributes[$strKey])) {
return '';
}
$varValue = $this->arrAttributes[$strKey];
// Prevent the autofocus attribute from being added multiple times (see #8281)
if ($strKey == 'autofocus') {
unset($this->arrAttributes[$strKey]);
}
if ($strKey == 'disabled' || $strKey == 'readonly' || $strKey == 'required' || $strKey == 'autofocus' || $strKey == 'multiple') {
return ' ' . $strKey;
} elseif ($varValue != '') {
return ' ' . $strKey . '="' . \StringUtil::specialchars($varValue) . '"';
}
return '';
}
/**
* Generate the module
*/
protected function compile()
{
/** @var PageModel $objPage */
global $objPage;
$GLOBALS['TL_LANGUAGE'] = $objPage->language;
\System::loadLanguageFile('tl_member');
$this->loadDataContainer('tl_member');
// Call onload_callback (e.g. to check permissions)
if (is_array($GLOBALS['TL_DCA']['tl_member']['config']['onload_callback'])) {
foreach ($GLOBALS['TL_DCA']['tl_member']['config']['onload_callback'] as $callback) {
if (is_array($callback)) {
$this->import($callback[0]);
$this->{$callback[0]}->{$callback[1]}();
} elseif (is_callable($callback)) {
$callback();
}
}
}
// Activate account
if (\Input::get('token') != '') {
$this->activateAcount();
return;
}
if ($this->memberTpl != '') {
/** @var FrontendTemplate|object $objTemplate */
$objTemplate = new \FrontendTemplate($this->memberTpl);
$this->Template = $objTemplate;
$this->Template->setData($this->arrData);
}
$this->Template->fields = '';
$objCaptcha = null;
$doNotSubmit = false;
$strFormId = 'tl_registration_' . $this->id;
// Predefine the group order (other groups will be appended automatically)
$arrGroups = array('personal' => array(), 'address' => array(), 'contact' => array(), 'login' => array(), 'profile' => array());
// Captcha
if (!$this->disableCaptcha) {
$arrCaptcha = array('id' => 'registration', 'label' => $GLOBALS['TL_LANG']['MSC']['securityQuestion'], 'type' => 'captcha', 'mandatory' => true, 'required' => true);
/** @var FormCaptcha $strClass */
$strClass = $GLOBALS['TL_FFL']['captcha'];
// Fallback to default if the class is not defined
if (!class_exists($strClass)) {
$strClass = 'FormCaptcha';
}
/** @var FormCaptcha $objCaptcha */
$objCaptcha = new $strClass($arrCaptcha);
if (\Input::post('FORM_SUBMIT') == $strFormId) {
$objCaptcha->validate();
if ($objCaptcha->hasErrors()) {
$doNotSubmit = true;
}
}
}
$objMember = null;
// Check for a follow-up registration (see #7992)
if (\Input::post('email', true) != '' && ($objMember = \MemberModel::findUnactivatedByEmail(\Input::post('email', true))) !== null) {
$this->resendActivationMail($objMember);
return;
}
$arrUser = array();
$arrFields = array();
$hasUpload = false;
$i = 0;
// Build form
foreach ($this->editable as $field) {
$arrData = $GLOBALS['TL_DCA']['tl_member']['fields'][$field];
// Map checkboxWizards to regular checkbox widgets
if ($arrData['inputType'] == 'checkboxWizard') {
$arrData['inputType'] = 'checkbox';
}
// Map fileTrees to upload widgets (see #8091)
if ($arrData['inputType'] == 'fileTree') {
$arrData['inputType'] = 'upload';
}
/** @var Widget $strClass */
$strClass = $GLOBALS['TL_FFL'][$arrData['inputType']];
// Continue if the class is not defined
if (!class_exists($strClass)) {
continue;
}
$arrData['eval']['required'] = $arrData['eval']['mandatory'];
// Unset the unique field check upon follow-up registrations
if ($objMember !== null && $arrData['eval']['unique'] && \Input::post($field) == $objMember->{$field}) {
$arrData['eval']['unique'] = false;
}
$objWidget = new $strClass($strClass::getAttributesFromDca($arrData, $field, $arrData['default'], '', '', $this));
$objWidget->storeValues = true;
$objWidget->rowClass = 'row_' . $i . ($i == 0 ? ' row_first' : '') . ($i % 2 == 0 ? ' even' : ' odd');
// Increase the row count if its a password field
if ($objWidget instanceof FormPassword) {
$objWidget->rowClassConfirm = 'row_' . ++$i . ($i % 2 == 0 ? ' even' : ' odd');
}
// Validate input
if (\Input::post('FORM_SUBMIT') == $strFormId) {
$objWidget->validate();
$varValue = $objWidget->value;
// Check whether the password matches the username
if ($objWidget instanceof FormPassword && \Encryption::verify(\Input::post('username'), $varValue)) {
$objWidget->addError($GLOBALS['TL_LANG']['ERR']['passwordName']);
}
$rgxp = $arrData['eval']['rgxp'];
// Convert date formats into timestamps (check the eval setting first -> #3063)
if ($varValue != '' && in_array($rgxp, array('date', 'time', 'datim'))) {
try {
$objDate = new \Date($varValue, \Date::getFormatFromRgxp($rgxp));
$varValue = $objDate->tstamp;
} catch (\OutOfBoundsException $e) {
$objWidget->addError(sprintf($GLOBALS['TL_LANG']['ERR']['invalidDate'], $varValue));
}
}
// Make sure that unique fields are unique (check the eval setting first -> #3063)
if ($arrData['eval']['unique'] && $varValue != '' && !$this->Database->isUniqueValue('tl_member', $field, $varValue)) {
$objWidget->addError(sprintf($GLOBALS['TL_LANG']['ERR']['unique'], $arrData['label'][0] ?: $field));
}
// Save callback
if ($objWidget->submitInput() && !$objWidget->hasErrors() && is_array($arrData['save_callback'])) {
foreach ($arrData['save_callback'] as $callback) {
try {
if (is_array($callback)) {
$this->import($callback[0]);
$varValue = $this->{$callback[0]}->{$callback[1]}($varValue, null);
} elseif (is_callable($callback)) {
$varValue = $callback($varValue, null);
}
} catch (\Exception $e) {
$objWidget->class = 'error';
$objWidget->addError($e->getMessage());
}
}
}
// Store the current value
if ($objWidget->hasErrors()) {
$doNotSubmit = true;
} elseif ($objWidget->submitInput()) {
// Set the correct empty value (see #6284, #6373)
if ($varValue === '') {
$varValue = $objWidget->getEmptyValue();
}
// Encrypt the value (see #7815)
if ($arrData['eval']['encrypt']) {
$varValue = \Encryption::encrypt($varValue);
}
// Set the new value
$arrUser[$field] = $varValue;
}
}
if ($objWidget instanceof \uploadable) {
$hasUpload = true;
}
$temp = $objWidget->parse();
$this->Template->fields .= $temp;
$arrFields[$arrData['eval']['feGroup']][$field] .= $temp;
++$i;
}
// Captcha
if (!$this->disableCaptcha) {
$objCaptcha->rowClass = 'row_' . $i . ($i == 0 ? ' row_first' : '') . ($i % 2 == 0 ? ' even' : ' odd');
$strCaptcha = $objCaptcha->parse();
$this->Template->fields .= $strCaptcha;
$arrFields['captcha']['captcha'] .= $strCaptcha;
}
$this->Template->rowLast = 'row_' . ++$i . ($i % 2 == 0 ? ' even' : ' odd');
$this->Template->enctype = $hasUpload ? 'multipart/form-data' : 'application/x-www-form-urlencoded';
$this->Template->hasError = $doNotSubmit;
// Create new user if there are no errors
if (\Input::post('FORM_SUBMIT') == $strFormId && !$doNotSubmit) {
$this->createNewUser($arrUser);
}
$this->Template->loginDetails = $GLOBALS['TL_LANG']['tl_member']['loginDetails'];
$this->Template->addressDetails = $GLOBALS['TL_LANG']['tl_member']['addressDetails'];
$this->Template->contactDetails = $GLOBALS['TL_LANG']['tl_member']['contactDetails'];
$this->Template->personalData = $GLOBALS['TL_LANG']['tl_member']['personalData'];
$this->Template->captchaDetails = $GLOBALS['TL_LANG']['MSC']['securityQuestion'];
// Add the groups
foreach ($arrFields as $k => $v) {
// Deprecated since Contao 4.0, to be removed in Contao 5.0
$this->Template->{$k} = $v;
$key = $k . ($k == 'personal' ? 'Data' : 'Details');
$arrGroups[$GLOBALS['TL_LANG']['tl_member'][$key]] = $v;
}
$this->Template->categories = $arrGroups;
$this->Template->formId = $strFormId;
$this->Template->slabel = \StringUtil::specialchars($GLOBALS['TL_LANG']['MSC']['register']);
$this->Template->action = \Environment::get('indexFreeRequest');
// Deprecated since Contao 4.0, to be removed in Contao 5.0
$this->Template->captcha = $arrFields['captcha']['captcha'];
}
/**
* Run the controller and parse the password template
*
* @return Response
*/
public function run()
{
/** @var BackendTemplate|object $objTemplate */
$objTemplate = new \BackendTemplate('be_password');
if (\Input::post('FORM_SUBMIT') == 'tl_password') {
$pw = \Input::postUnsafeRaw('password');
$cnf = \Input::postUnsafeRaw('confirm');
// The passwords do not match
if ($pw != $cnf) {
\Message::addError($GLOBALS['TL_LANG']['ERR']['passwordMatch']);
} elseif (Utf8::strlen($pw) < \Config::get('minPasswordLength')) {
\Message::addError(sprintf($GLOBALS['TL_LANG']['ERR']['passwordLength'], \Config::get('minPasswordLength')));
} elseif ($pw == $this->User->username) {
\Message::addError($GLOBALS['TL_LANG']['ERR']['passwordName']);
} else {
// Make sure the password has been changed
if (\Encryption::verify($pw, $this->User->password)) {
\Message::addError($GLOBALS['TL_LANG']['MSC']['pw_change']);
} else {
$this->loadDataContainer('tl_user');
// Trigger the save_callback
if (is_array($GLOBALS['TL_DCA']['tl_user']['fields']['password']['save_callback'])) {
foreach ($GLOBALS['TL_DCA']['tl_user']['fields']['password']['save_callback'] as $callback) {
if (is_array($callback)) {
$this->import($callback[0]);
$pw = $this->{$callback[0]}->{$callback[1]}($pw);
} elseif (is_callable($callback)) {
$pw = $callback($pw);
}
}
}
$objUser = \UserModel::findByPk($this->User->id);
$objUser->pwChange = '';
$objUser->password = \Encryption::hash($pw);
$objUser->save();
\Message::addConfirmation($GLOBALS['TL_LANG']['MSC']['pw_changed']);
$this->redirect('contao/main.php');
}
}
$this->reload();
}
$objTemplate->theme = \Backend::getTheme();
$objTemplate->messages = \Message::generate();
$objTemplate->base = \Environment::get('base');
$objTemplate->language = $GLOBALS['TL_LANGUAGE'];
$objTemplate->title = \StringUtil::specialchars($GLOBALS['TL_LANG']['MSC']['pw_new']);
$objTemplate->charset = \Config::get('characterSet');
$objTemplate->action = ampersand(\Environment::get('request'));
$objTemplate->headline = $GLOBALS['TL_LANG']['MSC']['pw_change'];
$objTemplate->submitButton = \StringUtil::specialchars($GLOBALS['TL_LANG']['MSC']['continue']);
$objTemplate->password = $GLOBALS['TL_LANG']['MSC']['password'][0];
$objTemplate->confirm = $GLOBALS['TL_LANG']['MSC']['confirm'][0];
return $objTemplate->getResponse();
}
/**
* Generate the module
*/
protected function compile()
{
// Show logout form
if (FE_USER_LOGGED_IN) {
$this->import('FrontendUser', 'User');
$this->Template->logout = true;
$this->Template->formId = 'tl_logout_' . $this->id;
$this->Template->slabel = \StringUtil::specialchars($GLOBALS['TL_LANG']['MSC']['logout']);
$this->Template->loggedInAs = sprintf($GLOBALS['TL_LANG']['MSC']['loggedInAs'], $this->User->username);
$this->Template->action = ampersand(\Environment::get('indexFreeRequest'));
if ($this->User->lastLogin > 0) {
/** @var PageModel $objPage */
global $objPage;
$this->Template->lastLogin = sprintf($GLOBALS['TL_LANG']['MSC']['lastLogin'][1], \Date::parse($objPage->datimFormat, $this->User->lastLogin));
}
return;
}
$blnHasError = false;
if (isset($_SESSION['MESSAGES'][TL_MODE]['TL_ERROR'])) {
$blnHasError = true;
$_SESSION['LOGIN_ERROR'] = $_SESSION['MESSAGES'][TL_MODE]['TL_ERROR'][0];
unset($_SESSION['MESSAGES'][TL_MODE]['TL_ERROR']);
}
if (isset($_SESSION['LOGIN_ERROR'])) {
$blnHasError = true;
$this->Template->message = $_SESSION['LOGIN_ERROR'];
}
$this->Template->hasError = $blnHasError;
$this->Template->username = $GLOBALS['TL_LANG']['MSC']['username'];
$this->Template->password = $GLOBALS['TL_LANG']['MSC']['password'][0];
$this->Template->action = ampersand(\Environment::get('indexFreeRequest'));
$this->Template->slabel = \StringUtil::specialchars($GLOBALS['TL_LANG']['MSC']['login']);
$this->Template->value = \StringUtil::specialchars(\Input::post('username'));
$this->Template->formId = 'tl_login_' . $this->id;
$this->Template->autologin = $this->autologin && \Config::get('autologin') > 0;
$this->Template->autoLabel = $GLOBALS['TL_LANG']['MSC']['autologin'];
}
