/**
* Exempt folders from the synchronisation (see #4522)
*
* @param \RecursiveIterator $iterator The iterator object
*/
public function __construct(\RecursiveIterator $iterator)
{
if (\Config::get('fileSyncExclude') != '') {
$this->arrExempt = array_map(function ($e) {
return \Config::get('uploadPath') . '/' . $e;
}, \StringUtil::trimsplit(',', \Config::get('fileSyncExclude')));
}
parent::__construct($iterator);
}
/**
* Change the palette of the current table and switch to edit mode
*
* @return string
*/
public function generate()
{
$this->import('BackendUser', 'User');
$GLOBALS['TL_DCA'][$this->table]['config']['closed'] = true;
$GLOBALS['TL_DCA'][$this->table]['config']['hideVersionMenu'] = true;
$GLOBALS['TL_DCA'][$this->table]['palettes'] = array('__selector__' => $GLOBALS['TL_DCA'][$this->table]['palettes']['__selector__'], 'default' => $GLOBALS['TL_DCA'][$this->table]['palettes']['login']);
$arrFields = \StringUtil::trimsplit('[,;]', $GLOBALS['TL_DCA'][$this->table]['palettes']['default']);
foreach ($arrFields as $strField) {
$GLOBALS['TL_DCA'][$this->table]['fields'][$strField]['exclude'] = false;
}
return $this->objDc->edit($this->User->id);
}
/**
* {@inheritdoc}
*/
public function run()
{
$statement = $this->connection->query("SELECT id, sections, sPosition FROM tl_layout WHERE sections!=''");
while (false !== ($layout = $statement->fetch(\PDO::FETCH_OBJ))) {
$sections = \StringUtil::trimsplit(',', $layout->sections);
if (!empty($sections) && is_array($sections)) {
$set = [];
foreach ($sections as $section) {
$set[$section] = ['title' => $section, 'id' => $section, 'template' => 'block_section', 'position' => $layout->sPosition];
}
$stmt = $this->connection->prepare('UPDATE tl_layout SET sections=:sections WHERE id=:id');
$stmt->execute([':sections' => serialize(array_values($set)), ':id' => $layout->id]);
}
}
$this->connection->query("ALTER TABLE `tl_layout` ADD `combineScripts` char(1) NOT NULL default ''");
$this->connection->query("UPDATE tl_layout SET combineScripts='1'");
}
/**
* Generate the markup for the default uploader
*
* @return string
*/
public function generateMarkup()
{
// Maximum file size in MB
$intMaxSize = round($this->getMaximumUploadSize() / 1024 / 1024);
// String of accepted file extensions
$strAccepted = implode(',', array_map(function ($a) {
return '.' . $a;
}, \StringUtil::trimsplit(',', strtolower(\Config::get('uploadTypes')))));
// Add the scripts
$GLOBALS['TL_CSS'][] = 'assets/dropzone/css/dropzone.min.css';
$GLOBALS['TL_JAVASCRIPT'][] = 'assets/dropzone/js/dropzone.min.js';
// Generate the markup
$return = '
<input type="hidden" name="action" value="fileupload">
<div class="fallback">
<input type="file" name="' . $this->strName . '[]" class="tl_upload_field" onfocus="Backend.getScrollOffset()" multiple>
</div>
<div class="dz-container">
<div class="dz-default dz-message">
<span>' . $GLOBALS['TL_LANG']['tl_files']['dropzone'] . '</span>
</div>
<div class="dropzone-previews"></div>
</div>
<script>
window.addEvent("domready", function() {
new Dropzone("#tl_files", {
paramName: "' . $this->strName . '",
maxFilesize: ' . $intMaxSize . ',
acceptedFiles: "' . $strAccepted . '",
previewsContainer: ".dropzone-previews",
uploadMultiple: true
}).on("drop", function() {
$$(".dz-message").setStyle("padding", "12px 18px 0");
});
$$("div.tl_formbody_submit").setStyle("display", "none");
});
</script>';
if (isset($GLOBALS['TL_LANG']['tl_files']['fileupload'][1])) {
$return .= '
<p class="tl_help tl_tip">' . sprintf($GLOBALS['TL_LANG']['tl_files']['fileupload'][1], \System::getReadableSize($this->getMaximumUploadSize()), \Config::get('gdMaxImgWidth') . 'x' . \Config::get('gdMaxImgHeight')) . '</p>';
}
return $return;
}
/**
* Return if the file does not exist
*
* @return string
*/
public function generate()
{
// Return if there is no file
if ($this->singleSRC == '') {
return '';
}
$objFile = \FilesModel::findByUuid($this->singleSRC);
if ($objFile === null) {
return '';
}
$allowedDownload = \StringUtil::trimsplit(',', strtolower(\Config::get('allowedDownload')));
// Return if the file type is not allowed
if (!in_array($objFile->extension, $allowedDownload)) {
return '';
}
$file = \Input::get('file', true);
// Send the file to the browser and do not send a 404 header (see #4632)
if ($file != '' && $file == $objFile->path) {
\Controller::sendFileToBrowser($file);
}
$this->singleSRC = $objFile->path;
return parent::generate();
}
/**
* Generate the widget and return it as string
*
* @return string
*/
public function generate()
{
$arrSet = array();
$arrValues = array();
$blnHasOrder = $this->orderField != '' && is_array($this->{$this->orderField});
if (!empty($this->varValue)) {
$objFiles = \FilesModel::findMultipleByUuids((array) $this->varValue);
$allowedDownload = \StringUtil::trimsplit(',', strtolower(\Config::get('allowedDownload')));
if ($objFiles !== null) {
while ($objFiles->next()) {
// File system and database seem not in sync
if (!file_exists(TL_ROOT . '/' . $objFiles->path)) {
continue;
}
$arrSet[$objFiles->id] = $objFiles->uuid;
// Show files and folders
if (!$this->isGallery && !$this->isDownloads) {
if ($objFiles->type == 'folder') {
$arrValues[$objFiles->uuid] = \Image::getHtml('folderC.svg') . ' ' . $objFiles->path;
} else {
$objFile = new \File($objFiles->path);
$strInfo = $objFiles->path . ' <span class="tl_gray">(' . $this->getReadableSize($objFile->size) . ($objFile->isImage ? ', ' . $objFile->width . 'x' . $objFile->height . ' px' : '') . ')</span>';
if ($objFile->isImage) {
$image = \Image::getPath('placeholder.svg');
if (($objFile->isSvgImage || $objFile->height <= \Config::get('gdMaxImgHeight') && $objFile->width <= \Config::get('gdMaxImgWidth')) && $objFile->viewWidth && $objFile->viewHeight) {
$image = \Image::get($objFiles->path, 80, 60, 'center_center');
}
$arrValues[$objFiles->uuid] = \Image::getHtml($image, '', 'class="gimage" title="' . \StringUtil::specialchars($strInfo) . '"');
} else {
$arrValues[$objFiles->uuid] = \Image::getHtml($objFile->icon) . ' ' . $strInfo;
}
}
} else {
if ($objFiles->type == 'folder') {
$objSubfiles = \FilesModel::findByPid($objFiles->uuid);
if ($objSubfiles === null) {
continue;
}
while ($objSubfiles->next()) {
// Skip subfolders
if ($objSubfiles->type == 'folder') {
continue;
}
$objFile = new \File($objSubfiles->path);
$strInfo = '<span class="dirname">' . dirname($objSubfiles->path) . '/</span>' . $objFile->basename . ' <span class="tl_gray">(' . $this->getReadableSize($objFile->size) . ($objFile->isImage ? ', ' . $objFile->width . 'x' . $objFile->height . ' px' : '') . ')</span>';
if ($this->isGallery) {
// Only show images
if ($objFile->isImage) {
$image = \Image::getPath('placeholder.svg');
if (($objFile->isSvgImage || $objFile->height <= \Config::get('gdMaxImgHeight') && $objFile->width <= \Config::get('gdMaxImgWidth')) && $objFile->viewWidth && $objFile->viewHeight) {
$image = \Image::get($objSubfiles->path, 80, 60, 'center_center');
}
$arrValues[$objSubfiles->uuid] = \Image::getHtml($image, '', 'class="gimage" title="' . \StringUtil::specialchars($strInfo) . '"');
}
} else {
// Only show allowed download types
if (in_array($objFile->extension, $allowedDownload) && !preg_match('/^meta(_[a-z]{2})?\\.txt$/', $objFile->basename)) {
$arrValues[$objSubfiles->uuid] = \Image::getHtml($objFile->icon) . ' ' . $strInfo;
}
}
}
} else {
$objFile = new \File($objFiles->path);
$strInfo = '<span class="dirname">' . dirname($objFiles->path) . '/</span>' . $objFile->basename . ' <span class="tl_gray">(' . $this->getReadableSize($objFile->size) . ($objFile->isImage ? ', ' . $objFile->width . 'x' . $objFile->height . ' px' : '') . ')</span>';
if ($this->isGallery) {
// Only show images
if ($objFile->isImage) {
$image = \Image::getPath('placeholder.svg');
if (($objFile->isSvgImage || $objFile->height <= \Config::get('gdMaxImgHeight') && $objFile->width <= \Config::get('gdMaxImgWidth')) && $objFile->viewWidth && $objFile->viewHeight) {
$image = \Image::get($objFiles->path, 80, 60, 'center_center');
}
$arrValues[$objFiles->uuid] = \Image::getHtml($image, '', 'class="gimage removable" title="' . \StringUtil::specialchars($strInfo) . '"');
}
} else {
// Only show allowed download types
if (in_array($objFile->extension, $allowedDownload) && !preg_match('/^meta(_[a-z]{2})?\\.txt$/', $objFile->basename)) {
$arrValues[$objFiles->uuid] = \Image::getHtml($objFile->icon) . ' ' . $strInfo;
}
}
}
}
}
}
// Apply a custom sort order
if ($blnHasOrder) {
$arrNew = array();
foreach ((array) $this->{$this->orderField} as $i) {
if (isset($arrValues[$i])) {
$arrNew[$i] = $arrValues[$i];
unset($arrValues[$i]);
}
}
if (!empty($arrValues)) {
foreach ($arrValues as $k => $v) {
$arrNew[$k] = $v;
}
}
$arrValues = $arrNew;
unset($arrNew);
}
}
// Convert the binary UUIDs
$strSet = implode(',', array_map('StringUtil::binToUuid', $arrSet));
$strOrder = $blnHasOrder ? implode(',', array_map('StringUtil::binToUuid', $this->{$this->orderField})) : '';
$return = '<input type="hidden" name="' . $this->strName . '" id="ctrl_' . $this->strId . '" value="' . $strSet . '">' . ($blnHasOrder ? '
<input type="hidden" name="' . $this->strOrderName . '" id="ctrl_' . $this->strOrderId . '" value="' . $strOrder . '">' : '') . '
<div class="selector_container">' . ($blnHasOrder && count($arrValues) > 1 ? '
<p class="sort_hint">' . $GLOBALS['TL_LANG']['MSC']['dragItemsHint'] . '</p>' : '') . '
<ul id="sort_' . $this->strId . '" class="' . trim(($blnHasOrder ? 'sortable ' : '') . ($this->isGallery ? 'sgallery' : '')) . '">';
foreach ($arrValues as $k => $v) {
$return .= '<li data-id="' . \StringUtil::binToUuid($k) . '">' . $v . '</li>';
}
$return .= '</ul>
<p><a href="contao/file.php?do=' . \Input::get('do') . '&table=' . $this->strTable . '&field=' . $this->strField . '&act=show&id=' . $this->activeRecord->id . '&value=' . implode(',', array_keys($arrSet)) . '&rt=' . REQUEST_TOKEN . '" class="tl_submit" onclick="Backend.getScrollOffset();Backend.openModalSelector({\'width\':768,\'title\':\'' . \StringUtil::specialchars(str_replace("'", "\\'", $GLOBALS['TL_DCA'][$this->strTable]['fields'][$this->strField]['label'][0])) . '\',\'url\':this.href,\'id\':\'' . $this->strId . '\'});return false">' . $GLOBALS['TL_LANG']['MSC']['changeSelection'] . '</a></p>' . ($blnHasOrder ? '
<script>Backend.makeMultiSrcSortable("sort_' . $this->strId . '", "ctrl_' . $this->strOrderId . '", "ctrl_' . $this->strId . '")</script>' : '') . '
</div>';
if (!\Environment::get('isAjaxRequest')) {
$return = '<div>' . $return . '</div>';
}
return $return;
}
/**
* Create a new object to handle an image
*
* @param File $file A file instance of the original image
*
* @throws \InvalidArgumentException If the file does not exists or cannot be processed
*/
public function __construct(File $file)
{
// Check whether the file exists
if (!$file->exists()) {
// Handle public bundle resources
if (file_exists(TL_ROOT . '/web/' . $file->path)) {
$file = new \File('web/' . $file->path);
} else {
throw new \InvalidArgumentException('Image "' . $file->path . '" could not be found');
}
}
$this->fileObj = $file;
$arrAllowedTypes = \StringUtil::trimsplit(',', strtolower(\Config::get('validImageTypes')));
// Check the file type
if (!in_array($this->fileObj->extension, $arrAllowedTypes)) {
throw new \InvalidArgumentException('Image type "' . $this->fileObj->extension . '" was not allowed to be processed');
}
}
/**
* Return all layout sections as array
*
* @return array
*/
public function getLayoutSections()
{
$arrCustom = array();
$arrSections = array('header', 'left', 'right', 'main', 'footer');
// Check for custom layout sections
$objLayout = $this->Database->query("SELECT sections FROM tl_layout WHERE sections!=''");
while ($objLayout->next()) {
$arrCustom = array_merge($arrCustom, StringUtil::trimsplit(',', $objLayout->sections));
}
$arrCustom = array_unique($arrCustom);
// Add the custom layout sections
if (!empty($arrCustom) && is_array($arrCustom)) {
$arrSections = array_merge($arrSections, $arrCustom);
}
return $arrSections;
}
/**
* Check the uploaded files and move them to the target directory
*
* @param string $strTarget
*
* @return array
*
* @throws \Exception
*/
public function uploadTo($strTarget)
{
if ($strTarget == '' || \Validator::isInsecurePath($strTarget)) {
throw new \InvalidArgumentException('Invalid target path ' . $strTarget);
}
$maxlength_kb = $this->getMaximumUploadSize();
$maxlength_kb_readable = $this->getReadableSize($maxlength_kb);
$arrUploaded = array();
$arrFiles = $this->getFilesFromGlobal();
foreach ($arrFiles as $file) {
// Sanitize the filename
try {
$file['name'] = \StringUtil::sanitizeFileName($file['name']);
} catch (\InvalidArgumentException $e) {
\Message::addError($GLOBALS['TL_LANG']['ERR']['filename']);
$this->blnHasError = true;
continue;
}
// Invalid file name
if (!\Validator::isValidFileName($file['name'])) {
\Message::addError($GLOBALS['TL_LANG']['ERR']['filename']);
$this->blnHasError = true;
} elseif (!is_uploaded_file($file['tmp_name'])) {
if ($file['error'] == 1 || $file['error'] == 2) {
\Message::addError(sprintf($GLOBALS['TL_LANG']['ERR']['filesize'], $maxlength_kb_readable));
$this->log('File "' . $file['name'] . '" exceeds the maximum file size of ' . $maxlength_kb_readable, __METHOD__, TL_ERROR);
$this->blnHasError = true;
} elseif ($file['error'] == 3) {
\Message::addError(sprintf($GLOBALS['TL_LANG']['ERR']['filepartial'], $file['name']));
$this->log('File "' . $file['name'] . '" was only partially uploaded', __METHOD__, TL_ERROR);
$this->blnHasError = true;
} elseif ($file['error'] > 0) {
\Message::addError(sprintf($GLOBALS['TL_LANG']['ERR']['fileerror'], $file['error'], $file['name']));
$this->log('File "' . $file['name'] . '" could not be uploaded (error ' . $file['error'] . ')', __METHOD__, TL_ERROR);
$this->blnHasError = true;
}
} elseif ($file['size'] > $maxlength_kb) {
\Message::addError(sprintf($GLOBALS['TL_LANG']['ERR']['filesize'], $maxlength_kb_readable));
$this->log('File "' . $file['name'] . '" exceeds the maximum file size of ' . $maxlength_kb_readable, __METHOD__, TL_ERROR);
$this->blnHasError = true;
} else {
$strExtension = strtolower(substr($file['name'], strrpos($file['name'], '.') + 1));
// File type not allowed
if (!in_array($strExtension, \StringUtil::trimsplit(',', strtolower(\Config::get('uploadTypes'))))) {
\Message::addError(sprintf($GLOBALS['TL_LANG']['ERR']['filetype'], $strExtension));
$this->log('File type "' . $strExtension . '" is not allowed to be uploaded (' . $file['name'] . ')', __METHOD__, TL_ERROR);
$this->blnHasError = true;
} else {
$this->import('Files');
$strNewFile = $strTarget . '/' . $file['name'];
// Set CHMOD and resize if neccessary
if ($this->Files->move_uploaded_file($file['tmp_name'], $strNewFile)) {
$this->Files->chmod($strNewFile, \Config::get('defaultFileChmod'));
$blnResized = $this->resizeUploadedImage($strNewFile);
// Notify the user
if (!$blnResized) {
\Message::addConfirmation(sprintf($GLOBALS['TL_LANG']['MSC']['fileUploaded'], $file['name']));
$this->log('File "' . $file['name'] . '" uploaded successfully', __METHOD__, TL_FILES);
}
$arrUploaded[] = $strNewFile;
}
}
}
}
return $arrUploaded;
}
/**
* Create a format definition and insert it into the database
*
* @param array $arrDefinition
*/
protected function createDefinition($arrDefinition)
{
$arrSet = array('pid' => $arrDefinition['pid'], 'sorting' => $arrDefinition['sorting'], 'tstamp' => time(), 'comment' => $arrDefinition['comment'], 'category' => $arrDefinition['category'], 'selector' => $arrDefinition['selector']);
$arrAttributes = \StringUtil::trimsplit(';', $arrDefinition['attributes']);
foreach ($arrAttributes as $strDefinition) {
// Skip empty definitions
if (trim($strDefinition) == '') {
continue;
}
// Handle keywords, variables and functions (see #7448)
if (strpos($strDefinition, 'important') !== false || strpos($strDefinition, 'transparent') !== false || strpos($strDefinition, 'inherit') !== false || strpos($strDefinition, '$') !== false || strpos($strDefinition, '(') !== false) {
$arrSet['own'][] = $strDefinition;
continue;
}
$arrChunks = array_map('trim', explode(':', $strDefinition, 2));
$strKey = strtolower($arrChunks[0]);
switch ($strKey) {
case 'width':
case 'height':
if ($arrChunks[1] == 'auto') {
$strUnit = '';
$varValue = 'auto';
} else {
$strUnit = preg_replace('/[^acehimnprtvwx%]/', '', $arrChunks[1]);
$varValue = preg_replace('/[^0-9.-]+/', '', $arrChunks[1]);
}
$arrSet['size'] = 1;
$arrSet[$strKey]['value'] = $varValue;
$arrSet[$strKey]['unit'] = $strUnit;
break;
case 'min-width':
case 'min-height':
$strName = str_replace('-', '', $strKey);
if ($arrChunks[1] == 'inherit') {
$strUnit = '';
$varValue = 'inherit';
} else {
$strUnit = preg_replace('/[^acehimnprtvwx%]/', '', $arrChunks[1]);
$varValue = preg_replace('/[^0-9.-]+/', '', $arrChunks[1]);
}
$arrSet['size'] = 1;
$arrSet[$strName]['value'] = $varValue;
$arrSet[$strName]['unit'] = $strUnit;
break;
case 'max-width':
case 'max-height':
$strName = str_replace('-', '', $strKey);
if ($arrChunks[1] == 'inherit' || $arrChunks[1] == 'none') {
$strUnit = '';
$varValue = $arrChunks[1];
} else {
$strUnit = preg_replace('/[^acehimnprtvwx%]/', '', $arrChunks[1]);
$varValue = preg_replace('/[^0-9.-]+/', '', $arrChunks[1]);
}
$arrSet['size'] = 1;
$arrSet[$strName]['value'] = $varValue;
$arrSet[$strName]['unit'] = $strUnit;
break;
case 'top':
case 'right':
case 'bottom':
case 'left':
if ($arrChunks[1] == 'auto') {
$strUnit = '';
$varValue = 'auto';
} elseif (isset($arrSet['trbl']['unit'])) {
$arrSet['own'][] = $strDefinition;
break;
} else {
$strUnit = preg_replace('/[^acehimnprtvwx%]/', '', $arrChunks[1]);
$varValue = preg_replace('/[^0-9.-]+/', '', $arrChunks[1]);
}
$arrSet['positioning'] = 1;
$arrSet['trbl'][$strKey] = $varValue;
if ($strUnit != '') {
$arrSet['trbl']['unit'] = $strUnit;
}
break;
case 'position':
case 'overflow':
case 'clear':
case 'display':
$arrSet['positioning'] = 1;
$arrSet[$strKey] = $arrChunks[1];
break;
case 'float':
$arrSet['positioning'] = 1;
$arrSet['floating'] = $arrChunks[1];
break;
case 'margin':
case 'padding':
$arrSet['alignment'] = 1;
$arrTRBL = preg_split('/\\s+/', $arrChunks[1]);
$arrUnits = array();
switch (count($arrTRBL)) {
case 1:
if ($arrTRBL[0] == 'auto') {
$strUnit = '';
$varValue = 'auto';
} else {
$strUnit = preg_replace('/[^acehimnprtvwx%]/', '', $arrTRBL[0]);
$varValue = preg_replace('/[^0-9.-]+/', '', $arrTRBL[0]);
}
$arrSet[$strKey] = array('top' => $varValue, 'right' => $varValue, 'bottom' => $varValue, 'left' => $varValue, 'unit' => $strUnit);
break;
case 2:
if ($arrTRBL[0] == 'auto') {
$varValue_1 = 'auto';
} else {
$arrUnits[] = preg_replace('/[^acehimnprtvwx%]/', '', $arrTRBL[0]);
$varValue_1 = preg_replace('/[^0-9.-]+/', '', $arrTRBL[0]);
}
if ($arrTRBL[1] == 'auto') {
$varValue_2 = 'auto';
} else {
$arrUnits[] = preg_replace('/[^acehimnprtvwx%]/', '', $arrTRBL[1]);
$varValue_2 = preg_replace('/[^0-9.-]+/', '', $arrTRBL[1]);
}
// Move to custom section if there are different units
if (count(array_filter(array_unique($arrUnits))) > 1) {
$arrSet['alignment'] = '';
$arrSet['own'][] = $strDefinition;
break;
}
$arrSet[$strKey] = array('top' => $varValue_1, 'right' => $varValue_2, 'bottom' => $varValue_1, 'left' => $varValue_2, 'unit' => '');
// Overwrite the unit
foreach ($arrUnits as $strUnit) {
if ($strUnit != '') {
$arrSet[$strKey]['unit'] = $strUnit;
break;
}
}
break;
case 3:
if ($arrTRBL[0] == 'auto') {
$varValue_1 = 'auto';
} else {
$arrUnits[] = preg_replace('/[^acehimnprtvwx%]/', '', $arrTRBL[0]);
$varValue_1 = preg_replace('/[^0-9.-]+/', '', $arrTRBL[0]);
}
if ($arrTRBL[1] == 'auto') {
$varValue_2 = 'auto';
} else {
$arrUnits[] = preg_replace('/[^acehimnprtvwx%]/', '', $arrTRBL[1]);
$varValue_2 = preg_replace('/[^0-9.-]+/', '', $arrTRBL[1]);
}
if ($arrTRBL[2] == 'auto') {
$varValue_3 = 'auto';
} else {
$arrUnits[] = preg_replace('/[^acehimnprtvwx%]/', '', $arrTRBL[2]);
$varValue_3 = preg_replace('/[^0-9.-]+/', '', $arrTRBL[2]);
}
// Move to custom section if there are different units
if (count(array_filter(array_unique($arrUnits))) > 1) {
$arrSet['alignment'] = '';
$arrSet['own'][] = $strDefinition;
break;
}
$arrSet[$strKey] = array('top' => $varValue_1, 'right' => $varValue_2, 'bottom' => $varValue_3, 'left' => $varValue_2, 'unit' => '');
// Overwrite the unit
foreach ($arrUnits as $strUnit) {
if ($strUnit != '') {
$arrSet[$strKey]['unit'] = $strUnit;
break;
}
}
break;
case 4:
if ($arrTRBL[0] == 'auto') {
$varValue_1 = 'auto';
} else {
$arrUnits[] = preg_replace('/[^acehimnprtvwx%]/', '', $arrTRBL[0]);
$varValue_1 = preg_replace('/[^0-9.-]+/', '', $arrTRBL[0]);
}
if ($arrTRBL[1] == 'auto') {
$varValue_2 = 'auto';
} else {
$arrUnits[] = preg_replace('/[^acehimnprtvwx%]/', '', $arrTRBL[1]);
$varValue_2 = preg_replace('/[^0-9.-]+/', '', $arrTRBL[1]);
}
if ($arrTRBL[2] == 'auto') {
$varValue_3 = 'auto';
} else {
$arrUnits[] = preg_replace('/[^acehimnprtvwx%]/', '', $arrTRBL[2]);
$varValue_3 = preg_replace('/[^0-9.-]+/', '', $arrTRBL[2]);
}
if ($arrTRBL[3] == 'auto') {
$varValue_4 = 'auto';
} else {
$arrUnits[] = preg_replace('/[^acehimnprtvwx%]/', '', $arrTRBL[3]);
$varValue_4 = preg_replace('/[^0-9.-]+/', '', $arrTRBL[3]);
}
// Move to custom section if there are different units
if (count(array_filter(array_unique($arrUnits))) > 1) {
$arrSet['alignment'] = '';
$arrSet['own'][] = $strDefinition;
break;
}
$arrSet[$strKey] = array('top' => $varValue_1, 'right' => $varValue_2, 'bottom' => $varValue_3, 'left' => $varValue_4, 'unit' => '');
// Overwrite the unit
foreach ($arrUnits as $strUnit) {
if ($strUnit != '') {
$arrSet[$strKey]['unit'] = $strUnit;
break;
}
}
break;
}
break;
case 'margin-top':
case 'margin-right':
case 'margin-bottom':
case 'margin-left':
$arrSet['alignment'] = 1;
$strName = str_replace('margin-', '', $strKey);
if ($arrChunks[1] == 'auto') {
$strUnit = '';
$varValue = 'auto';
} else {
$strUnit = preg_replace('/[^acehimnprtvwx%]/', '', $arrChunks[1]);
$varValue = preg_replace('/[^0-9.-]+/', '', $arrChunks[1]);
}
$arrSet['margin'][$strName] = $varValue;
if (empty($arrSet['margin']['unit'])) {
$arrSet['margin']['unit'] = $strUnit;
}
break;
case 'padding-top':
case 'padding-right':
case 'padding-bottom':
case 'padding-left':
$arrSet['alignment'] = 1;
$strName = str_replace('padding-', '', $strKey);
$varValue = preg_replace('/[^0-9.-]+/', '', $arrChunks[1]);
$strUnit = preg_replace('/[^acehimnprtvwx%]/', '', $arrChunks[1]);
$arrSet['padding'][$strName] = $varValue;
$arrSet['padding']['unit'] = $strUnit;
break;
case 'align':
case 'text-align':
case 'vertical-align':
case 'white-space':
$arrSet['alignment'] = 1;
$arrSet[str_replace('-', '', $strKey)] = $arrChunks[1];
break;
case 'background-color':
if (!preg_match('/^#[a-f0-9]+$/i', $arrChunks[1])) {
$arrSet['own'][] = $strDefinition;
} else {
$arrSet['background'] = 1;
$arrSet['bgcolor'] = str_replace('#', '', $arrChunks[1]);
}
break;
case 'background-image':
$url = preg_replace('/url\\(["\']?([^"\')]+)["\']?\\)/i', '$1', $arrChunks[1]);
if (strncmp($url, '-', 1) === 0) {
// Ignore vendor prefixed commands
} elseif (strncmp($url, 'radial-gradient', 15) === 0) {
$arrSet['own'][] = $strDefinition;
// radial gradients (see #4640)
} else {
$arrSet['background'] = 1;
// Handle linear gradients (see #4640)
if (strncmp($url, 'linear-gradient', 15) === 0) {
$colors = \StringUtil::trimsplit(',', preg_replace('/linear-gradient ?\\(([^\\)]+)\\)/', '$1', $url));
$arrSet['gradientAngle'] = array_shift($colors);
$arrSet['gradientColors'] = serialize($colors);
} else {
$arrSet['bgimage'] = $url;
}
}
break;
case 'background-position':
$arrSet['background'] = 1;
if (preg_match('/[0-9]+/', $arrChunks[1])) {
$arrSet['own'][] = $strDefinition;
} else {
$arrSet['bgposition'] = $arrChunks[1];
}
break;
case 'background-repeat':
$arrSet['background'] = 1;
$arrSet['bgrepeat'] = $arrChunks[1];
break;
case 'border':
if ($arrChunks[1] == 'none') {
$arrSet['own'][] = $strDefinition;
break;
}
$arrWSC = preg_split('/\\s+/', $arrChunks[1]);
if ($arrWSC[2] != '' && !preg_match('/^#[a-f0-9]+$/i', $arrWSC[2])) {
$arrSet['own'][] = $strDefinition;
break;
}
$arrSet['border'] = 1;
$varValue = preg_replace('/[^0-9.-]+/', '', $arrWSC[0]);
$strUnit = preg_replace('/[^acehimnprtvwx%]/', '', $arrWSC[0]);
$arrSet['borderwidth'] = array('top' => $varValue, 'right' => $varValue, 'bottom' => $varValue, 'left' => $varValue, 'unit' => $strUnit);
if ($arrWSC[1] != '') {
$arrSet['borderstyle'] = $arrWSC[1];
}
if ($arrWSC[2] != '') {
$arrSet['bordercolor'] = str_replace('#', '', $arrWSC[2]);
}
break;
case 'border-top':
case 'border-right':
case 'border-bottom':
case 'border-left':
if ($arrChunks[1] == 'none') {
$arrSet['own'][] = $strDefinition;
break;
}
$arrWSC = preg_split('/\\s+/', $arrChunks[1]);
if ($arrWSC[2] != '' && !preg_match('/^#[a-f0-9]+$/i', $arrWSC[2])) {
$arrSet['own'][] = $strDefinition;
break;
}
$arrSet['border'] = 1;
$strName = str_replace('border-', '', $strKey);
$varValue = preg_replace('/[^0-9.-]+/', '', $arrWSC[0]);
$strUnit = preg_replace('/[^acehimnprtvwx%]/', '', $arrWSC[0]);
if (isset($arrSet['borderwidth']['unit']) && $arrSet['borderwidth']['unit'] != $strUnit || $arrWSC[1] != '' && isset($arrSet['borderstyle']) && $arrSet['borderstyle'] != $arrWSC[1] || $arrWSC[2] != '' && isset($arrSet['bordercolor']) && $arrSet['bordercolor'] != $arrWSC[2]) {
$arrSet['own'][] = $strDefinition;
break;
}
$arrSet['borderwidth'][$strName] = preg_replace('/[^0-9.-]+/', '', $varValue);
$arrSet['borderwidth']['unit'] = $strUnit;
if ($arrWSC[1] != '') {
$arrSet['borderstyle'] = $arrWSC[1];
}
if ($arrWSC[2] != '') {
$arrSet['bordercolor'] = str_replace('#', '', $arrWSC[2]);
}
break;
case 'border-width':
$arrSet['border'] = 1;
$arrTRBL = preg_split('/\\s+/', $arrChunks[1]);
$strUnit = '';
foreach ($arrTRBL as $v) {
if ($v != 0) {
$strUnit = preg_replace('/[^acehimnprtvwx%]/', '', $arrTRBL[0]);
}
}
switch (count($arrTRBL)) {
case 1:
$varValue = preg_replace('/[^0-9.-]+/', '', $arrTRBL[0]);
$arrSet['borderwidth'] = array('top' => $varValue, 'right' => $varValue, 'bottom' => $varValue, 'left' => $varValue, 'unit' => $strUnit);
break;
case 2:
$varValue_1 = preg_replace('/[^0-9.-]+/', '', $arrTRBL[0]);
$varValue_2 = preg_replace('/[^0-9.-]+/', '', $arrTRBL[1]);
$arrSet['borderwidth'] = array('top' => $varValue_1, 'right' => $varValue_2, 'bottom' => $varValue_1, 'left' => $varValue_2, 'unit' => $strUnit);
break;
case 4:
$arrSet['borderwidth'] = array('top' => preg_replace('/[^0-9.-]+/', '', $arrTRBL[0]), 'right' => preg_replace('/[^0-9.-]+/', '', $arrTRBL[1]), 'bottom' => preg_replace('/[^0-9.-]+/', '', $arrTRBL[2]), 'left' => preg_replace('/[^0-9.-]+/', '', $arrTRBL[3]), 'unit' => $strUnit);
break;
}
break;
case 'border-color':
if (!preg_match('/^#[a-f0-9]+$/i', $arrChunks[1])) {
$arrSet['own'][] = $strDefinition;
} else {
$arrSet['border'] = 1;
$arrSet['bordercolor'] = str_replace('#', '', $arrChunks[1]);
}
break;
case 'border-radius':
$arrSet['border'] = 1;
$arrTRBL = preg_split('/\\s+/', $arrChunks[1]);
$strUnit = '';
foreach ($arrTRBL as $v) {
if ($v != 0) {
$strUnit = preg_replace('/[^acehimnprtvwx%]/', '', $arrTRBL[0]);
}
}
switch (count($arrTRBL)) {
case 1:
$varValue = preg_replace('/[^0-9.-]+/', '', $arrTRBL[0]);
$arrSet['borderradius'] = array('top' => $varValue, 'right' => $varValue, 'bottom' => $varValue, 'left' => $varValue, 'unit' => $strUnit);
break;
case 2:
$varValue_1 = preg_replace('/[^0-9.-]+/', '', $arrTRBL[0]);
$varValue_2 = preg_replace('/[^0-9.-]+/', '', $arrTRBL[1]);
$arrSet['borderradius'] = array('top' => $varValue_1, 'right' => $varValue_2, 'bottom' => $varValue_1, 'left' => $varValue_2, 'unit' => $strUnit);
break;
case 4:
$arrSet['borderradius'] = array('top' => preg_replace('/[^0-9.-]+/', '', $arrTRBL[0]), 'right' => preg_replace('/[^0-9.-]+/', '', $arrTRBL[1]), 'bottom' => preg_replace('/[^0-9.-]+/', '', $arrTRBL[2]), 'left' => preg_replace('/[^0-9.-]+/', '', $arrTRBL[3]), 'unit' => $strUnit);
break;
}
break;
case '-moz-border-radius':
case '-webkit-border-radius':
// Ignore
break;
case 'border-style':
case 'border-collapse':
$arrSet['border'] = 1;
$arrSet[str_replace('-', '', $strKey)] = $arrChunks[1];
break;
case 'border-spacing':
$arrSet['border'] = 1;
$arrSet['borderspacing'] = array('value' => preg_replace('/[^0-9.-]+/', '', $arrChunks[1]), 'unit' => preg_replace('/[^acehimnprtvwx%]/', '', $arrChunks[1]));
break;
case 'font-family':
$arrSet['font'] = 1;
$arrSet[str_replace('-', '', $strKey)] = $arrChunks[1];
break;
case 'font-size':
if (!preg_match('/[0-9]+/', $arrChunks[1])) {
$arrSet['own'][] = $strDefinition;
} else {
$arrSet['font'] = 1;
$arrSet['fontsize'] = array('value' => preg_replace('/[^0-9.-]+/', '', $arrChunks[1]), 'unit' => preg_replace('/[^acehimnprtvwx%]/', '', $arrChunks[1]));
}
break;
case 'font-weight':
if ($arrChunks[1] == 'bold' || $arrChunks[1] == 'normal') {
$arrSet['font'] = 1;
$arrSet['fontstyle'][] = $arrChunks[1];
} else {
$arrSet['own'][] = $strDefinition;
}
break;
case 'font-style':
if ($arrChunks[1] == 'italic') {
$arrSet['font'] = 1;
$arrSet['fontstyle'][] = 'italic';
} else {
$arrSet['own'][] = $strDefinition;
}
break;
case 'text-decoration':
$arrSet['font'] = 1;
switch ($arrChunks[1]) {
case 'underline':
$arrSet['fontstyle'][] = 'underline';
break;
case 'none':
$arrSet['fontstyle'][] = 'notUnderlined';
break;
case 'overline':
case 'line-through':
$arrSet['fontstyle'][] = $arrChunks[1];
break;
}
break;
case 'font-variant':
$arrSet['font'] = 1;
if ($arrChunks[1] == 'small-caps') {
$arrSet['fontstyle'][] = 'small-caps';
} else {
$arrSet['own'][] = $strDefinition;
}
break;
case 'color':
if (!preg_match('/^#[a-f0-9]+$/i', $arrChunks[1])) {
$arrSet['own'][] = $strDefinition;
} else {
$arrSet['font'] = 1;
$arrSet['fontcolor'] = str_replace('#', '', $arrChunks[1]);
}
break;
case 'line-height':
$arrSet['font'] = 1;
$arrSet['lineheight'] = array('value' => preg_replace('/[^0-9.-]+/', '', $arrChunks[1]), 'unit' => preg_replace('/[^acehimnprtvwx%]/', '', $arrChunks[1]));
break;
case 'text-transform':
$arrSet['font'] = 1;
$arrSet['texttransform'] = $arrChunks[1];
break;
case 'text-indent':
case 'letter-spacing':
case 'word-spacing':
$strName = str_replace('-', '', $strKey);
$arrSet['font'] = 1;
$arrSet[$strName] = array('value' => preg_replace('/[^0-9.-]+/', '', $arrChunks[1]), 'unit' => preg_replace('/[^acehimnprtvwx%]/', '', $arrChunks[1]));
break;
case 'list-style-type':
$arrSet['list'] = 1;
$arrSet[str_replace('-', '', $strKey)] = $arrChunks[1];
break;
case 'list-style-image':
$arrSet['list'] = 1;
$arrSet['liststyleimage'] = preg_replace('/url\\(["\']?([^"\')]+)["\']?\\)/i', '$1', $arrChunks[1]);
break;
case 'behavior':
$arrSet['own'][] = $strDefinition;
break;
default:
$blnIsOwn = true;
// Allow custom definitions
if (isset($GLOBALS['TL_HOOKS']['createDefinition']) && is_array($GLOBALS['TL_HOOKS']['createDefinition'])) {
foreach ($GLOBALS['TL_HOOKS']['createDefinition'] as $callback) {
$this->import($callback[0]);
$arrTemp = $this->{$callback[0]}->{$callback[1]}($strKey, $arrChunks[1], $strDefinition, $arrSet);
if ($arrTemp && is_array($arrTemp)) {
$blnIsOwn = false;
$arrSet = array_merge($arrSet, $arrTemp);
}
}
}
// Unknown definition
if ($blnIsOwn) {
$arrSet['own'][] = $strDefinition;
}
break;
}
}
if (!empty($arrSet['own'])) {
$arrSet['own'] = implode(";\n", $arrSet['own']) . ';';
}
$this->Database->prepare("INSERT INTO tl_style %s")->set($arrSet)->execute();
}
/**
* Check if a file or folder is excluded from synchronization
*
* @param string $strPath The relative path
*
* @return bool True if the file or folder is excluded from synchronization
*/
protected static function isFileSyncExclude($strPath)
{
if (\Config::get('uploadPath') == 'templates') {
return true;
}
if (is_file(TL_ROOT . '/' . $strPath)) {
$strPath = dirname($strPath);
}
// Outside the files directory
if (strncmp($strPath . '/', \Config::get('uploadPath') . '/', strlen(\Config::get('uploadPath')) + 1) !== 0) {
return true;
}
// Check the excluded folders
if (\Config::get('fileSyncExclude') != '') {
$arrExempt = array_map(function ($e) {
return \Config::get('uploadPath') . '/' . $e;
}, \StringUtil::trimsplit(',', \Config::get('fileSyncExclude')));
foreach ($arrExempt as $strExempt) {
if (strncmp($strExempt . '/', $strPath . '/', strlen($strExempt) + 1) === 0) {
return true;
}
}
}
return false;
}
/**
* Return all active layout sections as array
*
* @param DataContainer $dc
*
* @return array
*/
public function getActiveLayoutSections(DataContainer $dc)
{
// Show only active sections
if ($dc->activeRecord->pid) {
$arrSections = array();
$objPage = PageModel::findWithDetails($dc->activeRecord->pid);
// Get the layout sections
foreach (array('layout', 'mobileLayout') as $key) {
if (!$objPage->{$key}) {
continue;
}
$objLayout = LayoutModel::findByPk($objPage->{$key});
if ($objLayout === null) {
continue;
}
$arrModules = StringUtil::deserialize($objLayout->modules);
if (empty($arrModules) || !is_array($arrModules)) {
continue;
}
// Find all sections with an article module (see #6094)
foreach ($arrModules as $arrModule) {
if ($arrModule['mod'] == 0 && $arrModule['enable']) {
$arrSections[] = $arrModule['col'];
}
}
}
} else {
$arrSections = array('header', 'left', 'right', 'main', 'footer');
$objLayout = $this->Database->query("SELECT sections FROM tl_layout WHERE sections!=''");
while ($objLayout->next()) {
$arrCustom = StringUtil::trimsplit(',', $objLayout->sections);
// Add the custom layout sections
if (!empty($arrCustom) && is_array($arrCustom)) {
$arrSections = array_merge($arrSections, $arrCustom);
}
}
}
return array_values(array_unique($arrSections));
}
/**
* Return an array that can be used by the database installer
*
* @return array The data array
*/
public function getDbInstallerArray()
{
$return = array();
// Fields
foreach ($this->arrFields as $k => $v) {
if (is_array($v)) {
if (!isset($v['name'])) {
$v['name'] = $k;
}
$return['SCHEMA_FIELDS'][$k] = $v;
} else {
$return['TABLE_FIELDS'][$k] = '`' . $k . '` ' . $v;
}
}
$quote = function ($item) {
return '`' . $item . '`';
};
// Keys
foreach ($this->arrKeys as $k => $v) {
// Handle multi-column indexes (see #5556)
if (strpos($k, ',') !== false) {
$f = array_map($quote, \StringUtil::trimsplit(',', $k));
$k = str_replace(',', '_', $k);
} else {
$f = array($quote($k));
}
// Handle key lengths (see #221)
if (preg_match('/\\([0-9]+\\)/', $v)) {
list($v, $length) = explode('(', rtrim($v, ')'));
$f = array($quote($k) . '(' . $length . ')');
}
if ($v == 'primary') {
$k = 'PRIMARY';
$v = 'PRIMARY KEY (' . implode(', ', $f) . ')';
} elseif ($v == 'index') {
$v = 'KEY `' . $k . '` (' . implode(', ', $f) . ')';
} else {
$v = strtoupper($v) . ' KEY `' . $k . '` (' . implode(', ', $f) . ')';
}
$return['TABLE_CREATE_DEFINITIONS'][$k] = $v;
}
$return['TABLE_OPTIONS'] = '';
// Options
foreach ($this->arrMeta as $k => $v) {
if ($k == 'engine') {
$return['TABLE_OPTIONS'] .= ' ENGINE=' . $v;
} elseif ($k == 'charset') {
$return['TABLE_OPTIONS'] .= ' DEFAULT CHARSET=' . $v;
}
}
return $return;
}
/**
* Create a new template
*
* @return string
*/
public function addNewTemplate()
{
$arrAllTemplates = array();
$arrAllowed = StringUtil::trimsplit(',', strtolower(Config::get('templateFiles')));
/** @var SplFileInfo[] $files */
$files = System::getContainer()->get('contao.resource_finder')->findIn('templates')->files()->name('/\\.(' . implode('|', $arrAllowed) . ')$/');
foreach ($files as $file) {
$strRelpath = str_replace(TL_ROOT . DIRECTORY_SEPARATOR, '', $file->getPathname());
$strModule = preg_replace('@^(vendor|system/modules)/([^/]+(/.*-bundle)?)/.*$@', '$2', strtr($strRelpath, '\\', '/'));
$arrAllTemplates[$strModule][$strRelpath] = basename($strRelpath);
}
$strError = '';
// Copy an existing template
if (Input::post('FORM_SUBMIT') == 'tl_create_template') {
$strOriginal = Input::post('original', true);
if (Validator::isInsecurePath($strOriginal)) {
throw new RuntimeException('Invalid path ' . $strOriginal);
}
$strTarget = Input::post('target', true);
if (Validator::isInsecurePath($strTarget)) {
throw new RuntimeException('Invalid path ' . $strTarget);
}
// Validate the target path
if (strncmp($strTarget, 'templates', 9) !== 0 || !is_dir(TL_ROOT . '/' . $strTarget)) {
$strError = sprintf($GLOBALS['TL_LANG']['tl_templates']['invalid'], $strTarget);
} else {
$blnFound = false;
// Validate the source path
foreach ($arrAllTemplates as $arrTemplates) {
if (isset($arrTemplates[$strOriginal])) {
$blnFound = true;
break;
}
}
if (!$blnFound) {
$strError = sprintf($GLOBALS['TL_LANG']['tl_templates']['invalid'], $strOriginal);
} else {
$strTarget .= '/' . basename($strOriginal);
// Check whether the target file exists
if (file_exists(TL_ROOT . '/' . $strTarget)) {
$strError = sprintf($GLOBALS['TL_LANG']['tl_templates']['exists'], $strTarget);
} else {
$this->import('Files');
$this->Files->copy($strOriginal, $strTarget);
$this->redirect($this->getReferer());
}
}
}
}
$strAllTemplates = '';
// Group the templates by module
foreach ($arrAllTemplates as $k => $v) {
$strAllTemplates .= '<optgroup label="' . $k . '">';
foreach ($v as $kk => $vv) {
$strAllTemplates .= sprintf('<option value="%s"%s>%s</option>', $kk, Input::post('original') == $kk ? ' selected="selected"' : '', $vv);
}
$strAllTemplates .= '</optgroup>';
}
// Show form
return '
<div id="tl_buttons">
<a href="' . $this->getReferer(true) . '" class="header_back" title="' . StringUtil::specialchars($GLOBALS['TL_LANG']['MSC']['backBTTitle']) . '" accesskey="b" onclick="Backend.getScrollOffset()">' . $GLOBALS['TL_LANG']['MSC']['backBT'] . '</a>
</div>' . ($strError != '' ? '
<div class="tl_message">
<p class="tl_error">' . $strError . '</p>
</div>' : '') . '
<form action="' . ampersand(Environment::get('request')) . '" id="tl_create_template" class="tl_form" method="post">
<div class="tl_formbody_edit">
<input type="hidden" name="FORM_SUBMIT" value="tl_create_template">
<input type="hidden" name="REQUEST_TOKEN" value="' . REQUEST_TOKEN . '">
<fieldset class="tl_tbox nolegend">
<div>
<h3><label for="ctrl_original">' . $GLOBALS['TL_LANG']['tl_templates']['original'][0] . '</label></h3>
<select name="original" id="ctrl_original" class="tl_select tl_chosen" onfocus="Backend.getScrollOffset()">' . $strAllTemplates . '</select>' . ($GLOBALS['TL_LANG']['tl_templates']['original'][1] && Config::get('showHelp') ? '
<p class="tl_help tl_tip">' . $GLOBALS['TL_LANG']['tl_templates']['original'][1] . '</p>' : '') . '
</div>
<div>
<h3><label for="ctrl_target">' . $GLOBALS['TL_LANG']['tl_templates']['target'][0] . '</label></h3>
<select name="target" id="ctrl_target" class="tl_select" onfocus="Backend.getScrollOffset()"><option value="templates">templates</option>' . $this->getTargetFolders('templates') . '</select>' . ($GLOBALS['TL_LANG']['tl_templates']['target'][1] && Config::get('showHelp') ? '
<p class="tl_help tl_tip">' . $GLOBALS['TL_LANG']['tl_templates']['target'][1] . '</p>' : '') . '
</div>
</fieldset>
</div>
<div class="tl_formbody_submit">
<div class="tl_submit_container">
<button type="submit" name="create" id="create" class="tl_submit" accesskey="s">' . $GLOBALS['TL_LANG']['tl_templates']['newTpl'] . '</button>
</div>
</div>
</form>';
}
/**
* Generate the content element
*/
protected function compile()
{
/** @var PageModel $objPage */
global $objPage;
$files = array();
$auxDate = array();
$objFiles = $this->objFiles;
$allowedDownload = \StringUtil::trimsplit(',', strtolower(\Config::get('allowedDownload')));
// Get all files
while ($objFiles->next()) {
// Continue if the files has been processed or does not exist
if (isset($files[$objFiles->path]) || !file_exists(TL_ROOT . '/' . $objFiles->path)) {
continue;
}
// Single files
if ($objFiles->type == 'file') {
$objFile = new \File($objFiles->path);
if (!in_array($objFile->extension, $allowedDownload) || preg_match('/^meta(_[a-z]{2})?\\.txt$/', $objFile->basename)) {
continue;
}
$arrMeta = $this->getMetaData($objFiles->meta, $objPage->language);
if (empty($arrMeta)) {
if ($this->metaIgnore) {
continue;
} elseif ($objPage->rootFallbackLanguage !== null) {
$arrMeta = $this->getMetaData($objFiles->meta, $objPage->rootFallbackLanguage);
}
}
// Use the file name as title if none is given
if ($arrMeta['title'] == '') {
$arrMeta['title'] = \StringUtil::specialchars($objFile->basename);
}
$strHref = \Environment::get('request');
// Remove an existing file parameter (see #5683)
if (preg_match('/(&(amp;)?|\\?)file=/', $strHref)) {
$strHref = preg_replace('/(&(amp;)?|\\?)file=[^&]+/', '', $strHref);
}
$strHref .= (strpos($strHref, '?') !== false ? '&' : '?') . 'file=' . \System::urlEncode($objFiles->path);
// Add the image
$files[$objFiles->path] = array('id' => $objFiles->id, 'uuid' => $objFiles->uuid, 'name' => $objFile->basename, 'title' => \StringUtil::specialchars(sprintf($GLOBALS['TL_LANG']['MSC']['download'], $objFile->basename)), 'link' => $arrMeta['title'], 'caption' => $arrMeta['caption'], 'href' => $strHref, 'filesize' => $this->getReadableSize($objFile->filesize, 1), 'icon' => \Image::getPath($objFile->icon), 'mime' => $objFile->mime, 'meta' => $arrMeta, 'extension' => $objFile->extension, 'path' => $objFile->dirname);
$auxDate[] = $objFile->mtime;
} else {
$objSubfiles = \FilesModel::findByPid($objFiles->uuid);
if ($objSubfiles === null) {
continue;
}
while ($objSubfiles->next()) {
// Skip subfolders
if ($objSubfiles->type == 'folder') {
continue;
}
$objFile = new \File($objSubfiles->path);
if (!in_array($objFile->extension, $allowedDownload) || preg_match('/^meta(_[a-z]{2})?\\.txt$/', $objFile->basename)) {
continue;
}
$arrMeta = $this->getMetaData($objSubfiles->meta, $objPage->language);
if (empty($arrMeta)) {
if ($this->metaIgnore) {
continue;
} elseif ($objPage->rootFallbackLanguage !== null) {
$arrMeta = $this->getMetaData($objSubfiles->meta, $objPage->rootFallbackLanguage);
}
}
// Use the file name as title if none is given
if ($arrMeta['title'] == '') {
$arrMeta['title'] = \StringUtil::specialchars($objFile->basename);
}
$strHref = \Environment::get('request');
// Remove an existing file parameter (see #5683)
if (preg_match('/(&(amp;)?|\\?)file=/', $strHref)) {
$strHref = preg_replace('/(&(amp;)?|\\?)file=[^&]+/', '', $strHref);
}
$strHref .= (strpos($strHref, '?') !== false ? '&' : '?') . 'file=' . \System::urlEncode($objSubfiles->path);
// Add the image
$files[$objSubfiles->path] = array('id' => $objSubfiles->id, 'uuid' => $objSubfiles->uuid, 'name' => $objFile->basename, 'title' => \StringUtil::specialchars(sprintf($GLOBALS['TL_LANG']['MSC']['download'], $objFile->basename)), 'link' => $arrMeta['title'], 'caption' => $arrMeta['caption'], 'href' => $strHref, 'filesize' => $this->getReadableSize($objFile->filesize, 1), 'icon' => \Image::getPath($objFile->icon), 'mime' => $objFile->mime, 'meta' => $arrMeta, 'extension' => $objFile->extension, 'path' => $objFile->dirname);
$auxDate[] = $objFile->mtime;
}
}
}
// Sort array
switch ($this->sortBy) {
default:
case 'name_asc':
uksort($files, 'basename_natcasecmp');
break;
case 'name_desc':
uksort($files, 'basename_natcasercmp');
break;
case 'date_asc':
array_multisort($files, SORT_NUMERIC, $auxDate, SORT_ASC);
break;
case 'date_desc':
array_multisort($files, SORT_NUMERIC, $auxDate, SORT_DESC);
break;
// Deprecated since Contao 4.0, to be removed in Contao 5.0
// Deprecated since Contao 4.0, to be removed in Contao 5.0
case 'meta':
@trigger_error('The "meta" key in ContentDownloads::compile() has been deprecated and will no longer work in Contao 5.0.', E_USER_DEPRECATED);
// no break;
// no break;
case 'custom':
if ($this->orderSRC != '') {
$tmp = \StringUtil::deserialize($this->orderSRC);
if (!empty($tmp) && is_array($tmp)) {
// Remove all values
$arrOrder = array_map(function () {
}, array_flip($tmp));
// Move the matching elements to their position in $arrOrder
foreach ($files as $k => $v) {
if (array_key_exists($v['uuid'], $arrOrder)) {
$arrOrder[$v['uuid']] = $v;
unset($files[$k]);
}
}
// Append the left-over files at the end
if (!empty($files)) {
$arrOrder = array_merge($arrOrder, array_values($files));
}
// Remove empty (unreplaced) entries
$files = array_values(array_filter($arrOrder));
unset($arrOrder);
}
}
break;
case 'random':
shuffle($files);
break;
}
$this->Template->files = array_values($files);
}
/**
* Replace insert tags with their values
*
* @param string $strBuffer The text with the tags to be replaced
* @param boolean $blnCache If false, non-cacheable tags will be replaced
*
* @return string The text with the replaced tags
*/
protected function doReplace($strBuffer, $blnCache)
{
/** @var PageModel $objPage */
global $objPage;
// Preserve insert tags
if (\Config::get('disableInsertTags')) {
return \StringUtil::restoreBasicEntities($strBuffer);
}
$tags = preg_split('/{{([^{}]+)}}/', $strBuffer, -1, PREG_SPLIT_DELIM_CAPTURE);
if (count($tags) < 2) {
return \StringUtil::restoreBasicEntities($strBuffer);
}
$strBuffer = '';
// Create one cache per cache setting (see #7700)
static $arrItCache;
$arrCache =& $arrItCache[$blnCache];
for ($_rit = 0, $_cnt = count($tags); $_rit < $_cnt; $_rit += 2) {
$strBuffer .= $tags[$_rit];
$strTag = $tags[$_rit + 1];
// Skip empty tags
if ($strTag == '') {
continue;
}
$flags = explode('|', $strTag);
$tag = array_shift($flags);
$elements = explode('::', $tag);
// Load the value from cache
if (isset($arrCache[$strTag]) && !in_array('refresh', $flags)) {
$strBuffer .= $arrCache[$strTag];
continue;
}
// Skip certain elements if the output will be cached
if ($blnCache) {
if ($elements[0] == 'date' || $elements[0] == 'ua' || $elements[0] == 'post' || $elements[0] == 'file' || $elements[1] == 'back' || $elements[1] == 'referer' || $elements[0] == 'request_token' || $elements[0] == 'toggle_view' || strncmp($elements[0], 'cache_', 6) === 0 || in_array('uncached', $flags)) {
$strBuffer .= '{{' . $strTag . '}}';
continue;
}
}
$arrCache[$strTag] = '';
// Replace the tag
switch (strtolower($elements[0])) {
// Date
case 'date':
$arrCache[$strTag] = \Date::parse($elements[1] ?: \Config::get('dateFormat'));
break;
// Accessibility tags
// Accessibility tags
case 'lang':
if ($elements[1] == '') {
$arrCache[$strTag] = '</span>';
} else {
$arrCache[$strTag] = $arrCache[$strTag] = '<span lang="' . $elements[1] . '">';
}
break;
// Line break
// Line break
case 'br':
$arrCache[$strTag] = '<br>';
break;
// E-mail addresses
// E-mail addresses
case 'email':
case 'email_open':
case 'email_url':
if ($elements[1] == '') {
$arrCache[$strTag] = '';
break;
}
$strEmail = \StringUtil::encodeEmail($elements[1]);
// Replace the tag
switch (strtolower($elements[0])) {
case 'email':
$arrCache[$strTag] = '<a href="mailto:' . $strEmail . '" class="email">' . preg_replace('/\\?.*$/', '', $strEmail) . '</a>';
break;
case 'email_open':
$arrCache[$strTag] = '<a href="mailto:' . $strEmail . '" title="' . $strEmail . '" class="email">';
break;
case 'email_url':
$arrCache[$strTag] = $strEmail;
break;
}
break;
// Label tags
// Label tags
case 'label':
$keys = explode(':', $elements[1]);
if (count($keys) < 2) {
$arrCache[$strTag] = '';
break;
}
$file = $keys[0];
// Map the key (see #7217)
switch ($file) {
case 'CNT':
$file = 'countries';
break;
case 'LNG':
$file = 'languages';
break;
case 'MOD':
case 'FMD':
$file = 'modules';
break;
case 'FFL':
$file = 'tl_form_field';
break;
case 'CACHE':
$file = 'tl_page';
break;
case 'XPL':
$file = 'explain';
break;
case 'XPT':
$file = 'exception';
break;
case 'MSC':
case 'ERR':
case 'CTE':
case 'PTY':
case 'FOP':
case 'CHMOD':
case 'DAYS':
case 'MONTHS':
case 'UNITS':
case 'CONFIRM':
case 'DP':
case 'COLS':
$file = 'default';
break;
}
\System::loadLanguageFile($file);
if (count($keys) == 2) {
$arrCache[$strTag] = $GLOBALS['TL_LANG'][$keys[0]][$keys[1]];
} else {
$arrCache[$strTag] = $GLOBALS['TL_LANG'][$keys[0]][$keys[1]][$keys[2]];
}
break;
// Front end user
// Front end user
case 'user':
if (FE_USER_LOGGED_IN) {
$this->import('FrontendUser', 'User');
$value = $this->User->{$elements[1]};
if ($value == '') {
$arrCache[$strTag] = $value;
break;
}
$this->loadDataContainer('tl_member');
if ($GLOBALS['TL_DCA']['tl_member']['fields'][$elements[1]]['inputType'] == 'password') {
$arrCache[$strTag] = '';
break;
}
$value = \StringUtil::deserialize($value);
// Decrypt the value
if ($GLOBALS['TL_DCA']['tl_member']['fields'][$elements[1]]['eval']['encrypt']) {
$value = \Encryption::decrypt($value);
}
$rgxp = $GLOBALS['TL_DCA']['tl_member']['fields'][$elements[1]]['eval']['rgxp'];
$opts = $GLOBALS['TL_DCA']['tl_member']['fields'][$elements[1]]['options'];
$rfrc = $GLOBALS['TL_DCA']['tl_member']['fields'][$elements[1]]['reference'];
if ($rgxp == 'date') {
$arrCache[$strTag] = \Date::parse(\Config::get('dateFormat'), $value);
} elseif ($rgxp == 'time') {
$arrCache[$strTag] = \Date::parse(\Config::get('timeFormat'), $value);
} elseif ($rgxp == 'datim') {
$arrCache[$strTag] = \Date::parse(\Config::get('datimFormat'), $value);
} elseif (is_array($value)) {
$arrCache[$strTag] = implode(', ', $value);
} elseif (is_array($opts) && array_is_assoc($opts)) {
$arrCache[$strTag] = isset($opts[$value]) ? $opts[$value] : $value;
} elseif (is_array($rfrc)) {
$arrCache[$strTag] = isset($rfrc[$value]) ? is_array($rfrc[$value]) ? $rfrc[$value][0] : $rfrc[$value] : $value;
} else {
$arrCache[$strTag] = $value;
}
// Convert special characters (see #1890)
$arrCache[$strTag] = \StringUtil::specialchars($arrCache[$strTag]);
}
break;
// Link
// Link
case 'link':
case 'link_open':
case 'link_url':
case 'link_title':
case 'link_target':
case 'link_name':
$strTarget = null;
// Back link
if ($elements[1] == 'back') {
$strUrl = 'javascript:history.go(-1)';
$strTitle = $GLOBALS['TL_LANG']['MSC']['goBack'];
// No language files if the page is cached
if (!strlen($strTitle)) {
$strTitle = 'Go back';
}
$strName = $strTitle;
} elseif (strncmp($elements[1], 'http://', 7) === 0 || strncmp($elements[1], 'https://', 8) === 0) {
$strUrl = $elements[1];
$strTitle = $elements[1];
$strName = str_replace(array('http://', 'https://'), '', $elements[1]);
} else {
// User login page
if ($elements[1] == 'login') {
if (!FE_USER_LOGGED_IN) {
break;
}
$this->import('FrontendUser', 'User');
$elements[1] = $this->User->loginPage;
}
$objNextPage = \PageModel::findByIdOrAlias($elements[1]);
if ($objNextPage === null) {
break;
}
// Page type specific settings (thanks to Andreas Schempp)
switch ($objNextPage->type) {
case 'redirect':
$strUrl = $objNextPage->url;
if (strncasecmp($strUrl, 'mailto:', 7) === 0) {
$strUrl = \StringUtil::encodeEmail($strUrl);
}
break;
case 'forward':
if ($objNextPage->jumpTo) {
/** @var PageModel $objNext */
$objNext = $objNextPage->getRelated('jumpTo');
} else {
$objNext = \PageModel::findFirstPublishedRegularByPid($objNextPage->id);
}
if ($objNext instanceof PageModel) {
$strUrl = $objNext->getFrontendUrl();
break;
}
// DO NOT ADD A break; STATEMENT
// DO NOT ADD A break; STATEMENT
default:
$strUrl = $objNextPage->getFrontendUrl();
break;
}
$strName = $objNextPage->title;
$strTarget = $objNextPage->target ? ' target="_blank"' : '';
$strTitle = $objNextPage->pageTitle ?: $objNextPage->title;
}
// Replace the tag
switch (strtolower($elements[0])) {
case 'link':
$arrCache[$strTag] = sprintf('<a href="%s" title="%s"%s>%s</a>', $strUrl, \StringUtil::specialchars($strTitle), $strTarget, $strName);
break;
case 'link_open':
$arrCache[$strTag] = sprintf('<a href="%s" title="%s"%s>', $strUrl, \StringUtil::specialchars($strTitle), $strTarget);
break;
case 'link_url':
$arrCache[$strTag] = $strUrl;
break;
case 'link_title':
$arrCache[$strTag] = \StringUtil::specialchars($strTitle);
break;
case 'link_target':
$arrCache[$strTag] = $strTarget;
break;
case 'link_name':
$arrCache[$strTag] = $strName;
break;
}
break;
// Closing link tag
// Closing link tag
case 'link_close':
case 'email_close':
$arrCache[$strTag] = '</a>';
break;
// Insert article
// Insert article
case 'insert_article':
if (($strOutput = $this->getArticle($elements[1], false, true)) !== false) {
$arrCache[$strTag] = ltrim($strOutput);
} else {
$arrCache[$strTag] = '<p class="error">' . sprintf($GLOBALS['TL_LANG']['MSC']['invalidPage'], $elements[1]) . '</p>';
}
break;
// Insert content element
// Insert content element
case 'insert_content':
$arrCache[$strTag] = $this->getContentElement($elements[1]);
break;
// Insert module
// Insert module
case 'insert_module':
$arrCache[$strTag] = $this->getFrontendModule($elements[1]);
break;
// Insert form
// Insert form
case 'insert_form':
$arrCache[$strTag] = $this->getForm($elements[1]);
break;
// Article
// Article
case 'article':
case 'article_open':
case 'article_url':
case 'article_title':
if (($objArticle = \ArticleModel::findByIdOrAlias($elements[1])) === null || !($objPid = $objArticle->getRelated('pid')) instanceof PageModel) {
break;
}
/** @var PageModel $objPid */
$strUrl = $objPid->getFrontendUrl('/articles/' . ($objArticle->alias ?: $objArticle->id));
// Replace the tag
switch (strtolower($elements[0])) {
case 'article':
$arrCache[$strTag] = sprintf('<a href="%s" title="%s">%s</a>', $strUrl, \StringUtil::specialchars($objArticle->title), $objArticle->title);
break;
case 'article_open':
$arrCache[$strTag] = sprintf('<a href="%s" title="%s">', $strUrl, \StringUtil::specialchars($objArticle->title));
break;
case 'article_url':
$arrCache[$strTag] = $strUrl;
break;
case 'article_title':
$arrCache[$strTag] = \StringUtil::specialchars($objArticle->title);
break;
}
break;
// Article teaser
// Article teaser
case 'article_teaser':
$objTeaser = \ArticleModel::findByIdOrAlias($elements[1]);
if ($objTeaser !== null) {
$arrCache[$strTag] = \StringUtil::toHtml5($objTeaser->teaser);
}
break;
// Last update
// Last update
case 'last_update':
$strQuery = "SELECT MAX(tstamp) AS tc";
$bundles = \System::getContainer()->getParameter('kernel.bundles');
if (isset($bundles['ContaoNewsBundle'])) {
$strQuery .= ", (SELECT MAX(tstamp) FROM tl_news) AS tn";
}
if (isset($bundles['ContaoCalendarBundle'])) {
$strQuery .= ", (SELECT MAX(tstamp) FROM tl_calendar_events) AS te";
}
$strQuery .= " FROM tl_content";
$objUpdate = \Database::getInstance()->query($strQuery);
if ($objUpdate->numRows) {
$arrCache[$strTag] = \Date::parse($elements[1] ?: \Config::get('datimFormat'), max($objUpdate->tc, $objUpdate->tn, $objUpdate->te));
}
break;
// Version
// Version
case 'version':
$arrCache[$strTag] = VERSION . '.' . BUILD;
break;
// Request token
// Request token
case 'request_token':
$arrCache[$strTag] = REQUEST_TOKEN;
break;
// POST data
// POST data
case 'post':
$arrCache[$strTag] = \Input::post($elements[1]);
break;
// Mobile/desktop toggle (see #6469)
// Mobile/desktop toggle (see #6469)
case 'toggle_view':
$strUrl = ampersand(\Environment::get('request'));
$strGlue = strpos($strUrl, '?') === false ? '?' : '&';
if (\Input::cookie('TL_VIEW') == 'mobile' || \Environment::get('agent')->mobile && \Input::cookie('TL_VIEW') != 'desktop') {
$arrCache[$strTag] = '<a href="' . $strUrl . $strGlue . 'toggle_view=desktop" class="toggle_desktop" title="' . \StringUtil::specialchars($GLOBALS['TL_LANG']['MSC']['toggleDesktop'][1]) . '">' . $GLOBALS['TL_LANG']['MSC']['toggleDesktop'][0] . '</a>';
} else {
$arrCache[$strTag] = '<a href="' . $strUrl . $strGlue . 'toggle_view=mobile" class="toggle_mobile" title="' . \StringUtil::specialchars($GLOBALS['TL_LANG']['MSC']['toggleMobile'][1]) . '">' . $GLOBALS['TL_LANG']['MSC']['toggleMobile'][0] . '</a>';
}
break;
// Conditional tags (if)
// Conditional tags (if)
case 'iflng':
if ($elements[1] != '' && $elements[1] != $objPage->language) {
for (; $_rit < $_cnt; $_rit += 2) {
if ($tags[$_rit + 1] == 'iflng' || $tags[$_rit + 1] == 'iflng::' . $objPage->language) {
break;
}
}
}
unset($arrCache[$strTag]);
break;
// Conditional tags (if not)
// Conditional tags (if not)
case 'ifnlng':
if ($elements[1] != '') {
$langs = \StringUtil::trimsplit(',', $elements[1]);
if (in_array($objPage->language, $langs)) {
for (; $_rit < $_cnt; $_rit += 2) {
if ($tags[$_rit + 1] == 'ifnlng') {
break;
}
}
}
}
unset($arrCache[$strTag]);
break;
// Environment
// Environment
case 'env':
switch ($elements[1]) {
case 'host':
$arrCache[$strTag] = \Idna::decode(\Environment::get('host'));
break;
case 'http_host':
$arrCache[$strTag] = \Idna::decode(\Environment::get('httpHost'));
break;
case 'url':
$arrCache[$strTag] = \Idna::decode(\Environment::get('url'));
break;
case 'path':
$arrCache[$strTag] = \Idna::decode(\Environment::get('base'));
break;
case 'request':
$arrCache[$strTag] = \Environment::get('indexFreeRequest');
break;
case 'ip':
$arrCache[$strTag] = \Environment::get('ip');
break;
case 'referer':
$arrCache[$strTag] = $this->getReferer(true);
break;
case 'files_url':
$arrCache[$strTag] = TL_FILES_URL;
break;
case 'assets_url':
case 'plugins_url':
case 'script_url':
$arrCache[$strTag] = TL_ASSETS_URL;
break;
case 'base_url':
$arrCache[$strTag] = \System::getContainer()->get('request_stack')->getCurrentRequest()->getBaseUrl();
break;
}
break;
// Page
// Page
case 'page':
if ($elements[1] == 'pageTitle' && $objPage->pageTitle == '') {
$elements[1] = 'title';
} elseif ($elements[1] == 'parentPageTitle' && $objPage->parentPageTitle == '') {
$elements[1] = 'parentTitle';
} elseif ($elements[1] == 'mainPageTitle' && $objPage->mainPageTitle == '') {
$elements[1] = 'mainTitle';
}
// Do not use \StringUtil::specialchars() here (see #4687)
$arrCache[$strTag] = $objPage->{$elements[1]};
break;
// User agent
// User agent
case 'ua':
$ua = \Environment::get('agent');
if ($elements[1] != '') {
$arrCache[$strTag] = $ua->{$elements[1]};
} else {
$arrCache[$strTag] = '';
}
break;
// Abbreviations
// Abbreviations
case 'abbr':
case 'acronym':
if ($elements[1] != '') {
$arrCache[$strTag] = '<abbr title="' . $elements[1] . '">';
} else {
$arrCache[$strTag] = '</abbr>';
}
break;
// Images
// Images
case 'image':
case 'picture':
$width = null;
$height = null;
$alt = '';
$class = '';
$rel = '';
$strFile = $elements[1];
$mode = '';
$size = null;
$strTemplate = 'picture_default';
// Take arguments
if (strpos($elements[1], '?') !== false) {
$arrChunks = explode('?', urldecode($elements[1]), 2);
$strSource = \StringUtil::decodeEntities($arrChunks[1]);
$strSource = str_replace('[&]', '&', $strSource);
$arrParams = explode('&', $strSource);
foreach ($arrParams as $strParam) {
list($key, $value) = explode('=', $strParam);
switch ($key) {
case 'width':
$width = $value;
break;
case 'height':
$height = $value;
break;
case 'alt':
$alt = \StringUtil::specialchars($value);
break;
case 'class':
$class = $value;
break;
case 'rel':
$rel = $value;
break;
case 'mode':
$mode = $value;
break;
case 'size':
$size = (int) $value;
break;
case 'template':
$strTemplate = preg_replace('/[^a-z0-9_]/i', '', $value);
break;
}
}
$strFile = $arrChunks[0];
}
if (\Validator::isUuid($strFile)) {
// Handle UUIDs
$objFile = \FilesModel::findByUuid($strFile);
if ($objFile === null) {
$arrCache[$strTag] = '';
break;
}
$strFile = $objFile->path;
} elseif (is_numeric($strFile)) {
// Handle numeric IDs (see #4805)
$objFile = \FilesModel::findByPk($strFile);
if ($objFile === null) {
$arrCache[$strTag] = '';
break;
}
$strFile = $objFile->path;
} else {
// Check the path
if (\Validator::isInsecurePath($strFile)) {
throw new \RuntimeException('Invalid path ' . $strFile);
}
}
// Check the maximum image width
if (\Config::get('maxImageWidth') > 0 && $width > \Config::get('maxImageWidth')) {
$width = \Config::get('maxImageWidth');
$height = null;
}
// Generate the thumbnail image
try {
// Image
if (strtolower($elements[0]) == 'image') {
$dimensions = '';
$imageObj = \Image::create($strFile, array($width, $height, $mode));
$src = $imageObj->executeResize()->getResizedPath();
$objFile = new \File(rawurldecode($src));
// Add the image dimensions
if (($imgSize = $objFile->imageSize) !== false) {
$dimensions = ' width="' . $imgSize[0] . '" height="' . $imgSize[1] . '"';
}
$arrCache[$strTag] = '<img src="' . TL_FILES_URL . $src . '" ' . $dimensions . ' alt="' . $alt . '"' . ($class != '' ? ' class="' . $class . '"' : '') . '>';
} else {
$picture = \Picture::create($strFile, array(0, 0, $size))->getTemplateData();
$picture['alt'] = $alt;
$picture['class'] = $class;
$pictureTemplate = new \FrontendTemplate($strTemplate);
$pictureTemplate->setData($picture);
$arrCache[$strTag] = $pictureTemplate->parse();
}
// Add a lightbox link
if ($rel != '') {
if (strncmp($rel, 'lightbox', 8) !== 0) {
$attribute = ' rel="' . $rel . '"';
} else {
$attribute = ' data-lightbox="' . substr($rel, 8) . '"';
}
$arrCache[$strTag] = '<a href="' . TL_FILES_URL . $strFile . '"' . ($alt != '' ? ' title="' . $alt . '"' : '') . $attribute . '>' . $arrCache[$strTag] . '</a>';
}
} catch (\Exception $e) {
$arrCache[$strTag] = '';
}
break;
// Files (UUID or template path)
// Files (UUID or template path)
case 'file':
if (\Validator::isUuid($elements[1])) {
$objFile = \FilesModel::findByUuid($elements[1]);
if ($objFile !== null) {
$arrCache[$strTag] = $objFile->path;
break;
}
}
$arrGet = $_GET;
\Input::resetCache();
$strFile = $elements[1];
// Take arguments and add them to the $_GET array
if (strpos($elements[1], '?') !== false) {
$arrChunks = explode('?', urldecode($elements[1]));
$strSource = \StringUtil::decodeEntities($arrChunks[1]);
$strSource = str_replace('[&]', '&', $strSource);
$arrParams = explode('&', $strSource);
foreach ($arrParams as $strParam) {
$arrParam = explode('=', $strParam);
$_GET[$arrParam[0]] = $arrParam[1];
}
$strFile = $arrChunks[0];
}
// Check the path
if (\Validator::isInsecurePath($strFile)) {
throw new \RuntimeException('Invalid path ' . $strFile);
}
// Include .php, .tpl, .xhtml and .html5 files
if (preg_match('/\\.(php|tpl|xhtml|html5)$/', $strFile) && file_exists(TL_ROOT . '/templates/' . $strFile)) {
ob_start();
include TL_ROOT . '/templates/' . $strFile;
$arrCache[$strTag] = ob_get_clean();
}
$_GET = $arrGet;
\Input::resetCache();
break;
// HOOK: pass unknown tags to callback functions
// HOOK: pass unknown tags to callback functions
default:
if (isset($GLOBALS['TL_HOOKS']['replaceInsertTags']) && is_array($GLOBALS['TL_HOOKS']['replaceInsertTags'])) {
foreach ($GLOBALS['TL_HOOKS']['replaceInsertTags'] as $callback) {
$this->import($callback[0]);
$varValue = $this->{$callback[0]}->{$callback[1]}($tag, $blnCache, $arrCache[$strTag], $flags, $tags, $arrCache, $_rit, $_cnt);
// see #6672
// Replace the tag and stop the loop
if ($varValue !== false) {
$arrCache[$strTag] = $varValue;
break;
}
}
}
if (\Config::get('debugMode')) {
$GLOBALS['TL_DEBUG']['unknown_insert_tags'][] = $strTag;
}
break;
}
// Handle the flags
if (!empty($flags)) {
foreach ($flags as $flag) {
switch ($flag) {
case 'addslashes':
case 'stripslashes':
case 'standardize':
case 'ampersand':
case 'specialchars':
case 'nl2br':
case 'nl2br_pre':
case 'strtolower':
case 'utf8_strtolower':
case 'strtoupper':
case 'utf8_strtoupper':
case 'ucfirst':
case 'lcfirst':
case 'ucwords':
case 'trim':
case 'rtrim':
case 'ltrim':
case 'utf8_romanize':
case 'strrev':
case 'urlencode':
case 'rawurlencode':
$arrCache[$strTag] = $flag($arrCache[$strTag]);
break;
case 'encodeEmail':
case 'decodeEntities':
$arrCache[$strTag] = \StringUtil::$flag($arrCache[$strTag]);
break;
case 'number_format':
$arrCache[$strTag] = \System::getFormattedNumber($arrCache[$strTag], 0);
break;
case 'currency_format':
$arrCache[$strTag] = \System::getFormattedNumber($arrCache[$strTag], 2);
break;
case 'readable_size':
$arrCache[$strTag] = \System::getReadableSize($arrCache[$strTag]);
break;
case 'flatten':
if (!is_array($arrCache[$strTag])) {
break;
}
$it = new \RecursiveIteratorIterator(new \RecursiveArrayIterator($arrCache[$strTag]));
$result = array();
foreach ($it as $leafValue) {
$keys = array();
foreach (range(0, $it->getDepth()) as $depth) {
$keys[] = $it->getSubIterator($depth)->key();
}
$result[] = implode('.', $keys) . ': ' . $leafValue;
}
$arrCache[$strTag] = implode(', ', $result);
break;
// HOOK: pass unknown flags to callback functions
// HOOK: pass unknown flags to callback functions
default:
if (isset($GLOBALS['TL_HOOKS']['insertTagFlags']) && is_array($GLOBALS['TL_HOOKS']['insertTagFlags'])) {
foreach ($GLOBALS['TL_HOOKS']['insertTagFlags'] as $callback) {
$this->import($callback[0]);
$varValue = $this->{$callback[0]}->{$callback[1]}($flag, $tag, $arrCache[$strTag], $flags, $blnCache, $tags, $arrCache, $_rit, $_cnt);
// see #5806
// Replace the tag and stop the loop
if ($varValue !== false) {
$arrCache[$strTag] = $varValue;
break;
}
}
}
if (\Config::get('debugMode')) {
$GLOBALS['TL_DEBUG']['unknown_insert_tag_flags'][] = $flag;
}
break;
}
}
}
$strBuffer .= $arrCache[$strTag];
}
return \StringUtil::restoreBasicEntities($strBuffer);
}
/**
* Return the edit file source button
*
* @param array $row
* @param string $href
* @param string $label
* @param string $title
* @param string $icon
* @param string $attributes
*
* @return string
*/
public function editSource($row, $href, $label, $title, $icon, $attributes)
{
if (!$this->User->hasAccess('f5', 'fop')) {
return '';
}
$strDecoded = rawurldecode($row['id']);
if (is_dir(TL_ROOT . '/' . $strDecoded)) {
return '';
}
$objFile = new File($strDecoded);
if (!in_array($objFile->extension, StringUtil::trimsplit(',', strtolower(Config::get('editableFiles'))))) {
return Image::getHtml(preg_replace('/\\.svg$/i', '_.svg', $icon)) . ' ';
}
return '<a href="' . $this->addToUrl($href . '&id=' . $row['id']) . '" title="' . StringUtil::specialchars($title) . '"' . $attributes . '>' . Image::getHtml($icon, $label) . '</a> ';
}
/**
* Validate the input and set the value
*/
public function validate()
{
// No file specified
if (!isset($_FILES[$this->strName]) || empty($_FILES[$this->strName]['name'])) {
if ($this->mandatory) {
if ($this->strLabel == '') {
$this->addError($GLOBALS['TL_LANG']['ERR']['mdtryNoLabel']);
} else {
$this->addError(sprintf($GLOBALS['TL_LANG']['ERR']['mandatory'], $this->strLabel));
}
}
return;
}
$file = $_FILES[$this->strName];
$maxlength_kb = $this->getMaximumUploadSize();
$maxlength_kb_readable = $this->getReadableSize($maxlength_kb);
// Sanitize the filename
try {
$file['name'] = \StringUtil::sanitizeFileName($file['name']);
} catch (\InvalidArgumentException $e) {
$this->addError($GLOBALS['TL_LANG']['ERR']['filename']);
return;
}
// Invalid file name
if (!\Validator::isValidFileName($file['name'])) {
$this->addError($GLOBALS['TL_LANG']['ERR']['filename']);
return;
}
// File was not uploaded
if (!is_uploaded_file($file['tmp_name'])) {
if ($file['error'] == 1 || $file['error'] == 2) {
$this->addError(sprintf($GLOBALS['TL_LANG']['ERR']['filesize'], $maxlength_kb_readable));
} elseif ($file['error'] == 3) {
$this->addError(sprintf($GLOBALS['TL_LANG']['ERR']['filepartial'], $file['name']));
} elseif ($file['error'] > 0) {
$this->addError(sprintf($GLOBALS['TL_LANG']['ERR']['fileerror'], $file['error'], $file['name']));
}
unset($_FILES[$this->strName]);
return;
}
// File is too big
if ($file['size'] > $maxlength_kb) {
$this->addError(sprintf($GLOBALS['TL_LANG']['ERR']['filesize'], $maxlength_kb_readable));
unset($_FILES[$this->strName]);
return;
}
$objFile = new \File($file['name']);
$uploadTypes = \StringUtil::trimsplit(',', strtolower($this->extensions));
// File type is not allowed
if (!in_array($objFile->extension, $uploadTypes)) {
$this->addError(sprintf($GLOBALS['TL_LANG']['ERR']['filetype'], $objFile->extension));
unset($_FILES[$this->strName]);
return;
}
if (($arrImageSize = @getimagesize($file['tmp_name'])) != false) {
// Image exceeds maximum image width
if ($arrImageSize[0] > \Config::get('imageWidth')) {
$this->addError(sprintf($GLOBALS['TL_LANG']['ERR']['filewidth'], $file['name'], \Config::get('imageWidth')));
unset($_FILES[$this->strName]);
return;
}
// Image exceeds maximum image height
if ($arrImageSize[1] > \Config::get('imageHeight')) {
$this->addError(sprintf($GLOBALS['TL_LANG']['ERR']['fileheight'], $file['name'], \Config::get('imageHeight')));
unset($_FILES[$this->strName]);
return;
}
}
// Store file in the session and optionally on the server
if (!$this->hasErrors()) {
$_SESSION['FILES'][$this->strName] = $_FILES[$this->strName];
if ($this->storeFile) {
$intUploadFolder = $this->uploadFolder;
// Overwrite the upload folder with user's home directory
if ($this->useHomeDir && FE_USER_LOGGED_IN) {
$this->import('FrontendUser', 'User');
if ($this->User->assignDir && $this->User->homeDir) {
$intUploadFolder = $this->User->homeDir;
}
}
$objUploadFolder = \FilesModel::findByUuid($intUploadFolder);
// The upload folder could not be found
if ($objUploadFolder === null) {
throw new \Exception("Invalid upload folder ID {$intUploadFolder}");
}
$strUploadFolder = $objUploadFolder->path;
// Store the file if the upload folder exists
if ($strUploadFolder != '' && is_dir(TL_ROOT . '/' . $strUploadFolder)) {
$this->import('Files');
// Do not overwrite existing files
if ($this->doNotOverwrite && file_exists(TL_ROOT . '/' . $strUploadFolder . '/' . $file['name'])) {
$offset = 1;
$arrAll = scan(TL_ROOT . '/' . $strUploadFolder);
$arrFiles = preg_grep('/^' . preg_quote($objFile->filename, '/') . '.*\\.' . preg_quote($objFile->extension, '/') . '/', $arrAll);
foreach ($arrFiles as $strFile) {
if (preg_match('/__[0-9]+\\.' . preg_quote($objFile->extension, '/') . '$/', $strFile)) {
$strFile = str_replace('.' . $objFile->extension, '', $strFile);
$intValue = intval(substr($strFile, strrpos($strFile, '_') + 1));
$offset = max($offset, $intValue);
}
}
$file['name'] = str_replace($objFile->filename, $objFile->filename . '__' . ++$offset, $file['name']);
}
// Move the file to its destination
$this->Files->move_uploaded_file($file['tmp_name'], $strUploadFolder . '/' . $file['name']);
$this->Files->chmod($strUploadFolder . '/' . $file['name'], \Config::get('defaultFileChmod'));
$strUuid = null;
$strFile = $strUploadFolder . '/' . $file['name'];
// Generate the DB entries
if (\Dbafs::shouldBeSynchronized($strFile)) {
$objModel = \FilesModel::findByPath($strFile);
if ($objModel === null) {
$objModel = \Dbafs::addResource($strFile);
}
$strUuid = \StringUtil::binToUuid($objModel->uuid);
// Update the hash of the target folder
\Dbafs::updateFolderHashes($strUploadFolder);
}
// Add the session entry (see #6986)
$_SESSION['FILES'][$this->strName] = array('name' => $file['name'], 'type' => $file['type'], 'tmp_name' => TL_ROOT . '/' . $strFile, 'error' => $file['error'], 'size' => $file['size'], 'uploaded' => true, 'uuid' => $strUuid);
// Add a log entry
$this->log('File "' . $strUploadFolder . '/' . $file['name'] . '" has been uploaded', __METHOD__, TL_FILES);
}
}
}
unset($_FILES[$this->strName]);
}
/**
* Generate the widget and return it as string
*
* @return string
*/
public function generate()
{
$this->import('Database');
$arrButtons = array('edit', 'copy', 'delete', 'enable', 'drag', 'up', 'down');
$strCommand = 'cmd_' . $this->strField;
// Change the order
if (\Input::get($strCommand) && is_numeric(\Input::get('cid')) && \Input::get('id') == $this->currentRecord) {
switch (\Input::get($strCommand)) {
case 'copy':
$this->varValue = array_duplicate($this->varValue, \Input::get('cid'));
break;
case 'up':
$this->varValue = array_move_up($this->varValue, \Input::get('cid'));
break;
case 'down':
$this->varValue = array_move_down($this->varValue, \Input::get('cid'));
break;
case 'delete':
$this->varValue = array_delete($this->varValue, \Input::get('cid'));
break;
}
}
// Get all modules of the current theme
$objModules = $this->Database->prepare("SELECT id, name, type FROM tl_module WHERE pid=(SELECT pid FROM " . $this->strTable . " WHERE id=?) ORDER BY name")->execute($this->currentRecord);
// Add the articles module
$modules[] = array('id' => 0, 'name' => $GLOBALS['TL_LANG']['MOD']['article'][0], 'type' => 'article');
if ($objModules->numRows) {
$modules = array_merge($modules, $objModules->fetchAllAssoc());
}
$GLOBALS['TL_LANG']['FMD']['article'] = $GLOBALS['TL_LANG']['MOD']['article'];
// Add the module type (see #3835)
foreach ($modules as $k => $v) {
$v['type'] = $GLOBALS['TL_LANG']['FMD'][$v['type']][0];
$modules[$k] = $v;
}
$objRow = $this->Database->prepare("SELECT * FROM " . $this->strTable . " WHERE id=?")->limit(1)->execute($this->currentRecord);
// Show all columns and filter in PageRegular (see #3273)
$cols = array('header', 'left', 'right', 'main', 'footer');
$arrSections = \StringUtil::trimsplit(',', $objRow->sections);
// Add custom page sections
if (!empty($arrSections) && is_array($arrSections)) {
$cols = array_merge($cols, $arrSections);
}
// Get the new value
if (\Input::post('FORM_SUBMIT') == $this->strTable) {
$this->varValue = \Input::post($this->strId);
}
// Make sure there is at least an empty array
if (!is_array($this->varValue) || !$this->varValue[0]) {
$this->varValue = array('');
} else {
$arrCols = array();
// Initialize the sorting order
foreach ($cols as $col) {
$arrCols[$col] = array();
}
foreach ($this->varValue as $v) {
$arrCols[$v['col']][] = $v;
}
$this->varValue = array();
foreach ($arrCols as $arrCol) {
$this->varValue = array_merge($this->varValue, $arrCol);
}
}
// Save the value
if (\Input::get($strCommand) || \Input::post('FORM_SUBMIT') == $this->strTable) {
$this->Database->prepare("UPDATE " . $this->strTable . " SET " . $this->strField . "=? WHERE id=?")->execute(serialize($this->varValue), $this->currentRecord);
// Reload the page
if (is_numeric(\Input::get('cid')) && \Input::get('id') == $this->currentRecord) {
$this->redirect(preg_replace('/&(amp;)?cid=[^&]*/i', '', preg_replace('/&(amp;)?' . preg_quote($strCommand, '/') . '=[^&]*/i', '', \Environment::get('request'))));
}
}
// Initialize the tab index
if (!\Cache::has('tabindex')) {
\Cache::set('tabindex', 1);
}
$tabindex = \Cache::get('tabindex');
// Add the label and the return wizard
$return = '<table id="ctrl_' . $this->strId . '" class="tl_modulewizard">
<thead>
<tr>
<th>' . $GLOBALS['TL_LANG']['MSC']['mw_module'] . '</th>
<th>' . $GLOBALS['TL_LANG']['MSC']['mw_column'] . '</th>
<th></th>
</tr>
</thead>
<tbody class="sortable" data-tabindex="' . $tabindex . '">';
// Add the input fields
for ($i = 0, $c = count($this->varValue); $i < $c; $i++) {
$options = '';
// Add modules
foreach ($modules as $v) {
$options .= '<option value="' . \StringUtil::specialchars($v['id']) . '"' . static::optionSelected($v['id'], $this->varValue[$i]['mod']) . '>' . $v['name'] . ' [' . $v['type'] . ']</option>';
}
$return .= '
<tr>
<td><select name="' . $this->strId . '[' . $i . '][mod]" class="tl_select tl_chosen" tabindex="' . $tabindex++ . '" onfocus="Backend.getScrollOffset()" onchange="Backend.updateModuleLink(this)">' . $options . '</select></td>';
$options = '';
// Add columns
foreach ($cols as $v) {
$options .= '<option value="' . \StringUtil::specialchars($v) . '"' . static::optionSelected($v, $this->varValue[$i]['col']) . '>' . (isset($GLOBALS['TL_LANG']['COLS'][$v]) && !is_array($GLOBALS['TL_LANG']['COLS'][$v]) ? $GLOBALS['TL_LANG']['COLS'][$v] : $v) . '</option>';
}
$return .= '
<td><select name="' . $this->strId . '[' . $i . '][col]" class="tl_select_column" tabindex="' . $tabindex++ . '" onfocus="Backend.getScrollOffset()">' . $options . '</select></td>
<td>';
// Add buttons
foreach ($arrButtons as $button) {
$class = $button == 'up' || $button == 'down' ? ' class="button-move"' : '';
if ($button == 'edit') {
$return .= ' <a href="contao/main.php?do=themes&table=tl_module&act=edit&id=' . $this->varValue[$i]['mod'] . '&popup=1&rt=' . REQUEST_TOKEN . '&nb=1" title="' . \StringUtil::specialchars($GLOBALS['TL_LANG']['tl_layout']['edit_module']) . '" class="module_link" ' . ($this->varValue[$i]['mod'] > 0 ? '' : ' style="display:none"') . ' onclick="Backend.openModalIframe({\'width\':768,\'title\':\'' . \StringUtil::specialchars(str_replace("'", "\\'", $GLOBALS['TL_LANG']['tl_layout']['edit_module'])) . '\',\'url\':this.href});return false">' . \Image::getHtml('edit.svg') . '</a>' . \Image::getHtml('edit_.svg', '', 'class="module_image"' . ($this->varValue[$i]['mod'] > 0 ? ' style="display:none"' : ''));
} elseif ($button == 'drag') {
$return .= ' ' . \Image::getHtml('drag.svg', '', 'class="drag-handle" title="' . sprintf($GLOBALS['TL_LANG']['MSC']['move']) . '"');
} elseif ($button == 'enable') {
$return .= ' ' . \Image::getHtml($this->varValue[$i]['enable'] ? 'visible.svg' : 'invisible.svg', '', 'class="mw_enable" title="' . sprintf($GLOBALS['TL_LANG']['MSC']['mw_enable']) . '"') . '<input name="' . $this->strId . '[' . $i . '][enable]" type="checkbox" class="tl_checkbox mw_enable" value="1" tabindex="' . $tabindex++ . '" onfocus="Backend.getScrollOffset()"' . ($this->varValue[$i]['enable'] ? ' checked' : '') . '>';
} else {
$return .= ' <a href="' . $this->addToUrl('&' . $strCommand . '=' . $button . '&cid=' . $i . '&id=' . $this->currentRecord) . '"' . $class . ' title="' . \StringUtil::specialchars($GLOBALS['TL_LANG']['MSC']['mw_' . $button]) . '" onclick="Backend.moduleWizard(this,\'' . $button . '\',\'ctrl_' . $this->strId . '\');return false">' . \Image::getHtml($button . '.svg', $GLOBALS['TL_LANG']['MSC']['mw_' . $button], 'class="tl_listwizard_img"') . '</a>';
}
}
$return .= '</td>
</tr>';
}
// Store the tab index
\Cache::set('tabindex', $tabindex);
return $return . '
</tbody>
</table>';
}