/**
* Auto-generate a form to edit the current database record
*
* @param integer $intId
* @param integer $ajaxId
*
* @return string
*
* @throws AccessDeniedException
* @throws InternalServerErrorException
*/
public function edit($intId = null, $ajaxId = null)
{
if ($GLOBALS['TL_DCA'][$this->strTable]['config']['notEditable']) {
throw new InternalServerErrorException('Table "' . $this->strTable . '" is not editable.');
}
if ($intId != '') {
$this->intId = $intId;
}
// Get the current record
$objRow = $this->Database->prepare("SELECT * FROM " . $this->strTable . " WHERE id=?")->limit(1)->execute($this->intId);
// Redirect if there is no record with the given ID
if ($objRow->numRows < 1) {
throw new AccessDeniedException('Cannot load record "' . $this->strTable . '.id=' . $this->intId . '".');
}
$this->objActiveRecord = $objRow;
$return = '';
$this->values[] = $this->intId;
$this->procedure[] = 'id=?';
$this->blnCreateNewVersion = false;
$objVersions = new \Versions($this->strTable, $this->intId);
if (!$GLOBALS['TL_DCA'][$this->strTable]['config']['hideVersionMenu']) {
// Compare versions
if (\Input::get('versions')) {
$objVersions->compare();
}
// Restore a version
if (\Input::post('FORM_SUBMIT') == 'tl_version' && \Input::post('version') != '') {
$objVersions->restore(\Input::post('version'));
$this->reload();
}
}
$objVersions->initialize();
// Build an array from boxes and rows
$this->strPalette = $this->getPalette();
$boxes = trimsplit(';', $this->strPalette);
$legends = array();
if (!empty($boxes)) {
foreach ($boxes as $k => $v) {
$eCount = 1;
$boxes[$k] = trimsplit(',', $v);
foreach ($boxes[$k] as $kk => $vv) {
if (preg_match('/^\\[.*\\]$/', $vv)) {
++$eCount;
continue;
}
if (preg_match('/^\\{.*\\}$/', $vv)) {
$legends[$k] = substr($vv, 1, -1);
unset($boxes[$k][$kk]);
} elseif ($GLOBALS['TL_DCA'][$this->strTable]['fields'][$vv]['exclude'] || !is_array($GLOBALS['TL_DCA'][$this->strTable]['fields'][$vv])) {
unset($boxes[$k][$kk]);
}
}
// Unset a box if it does not contain any fields
if (count($boxes[$k]) < $eCount) {
unset($boxes[$k]);
}
}
/** @var SessionInterface $objSessionBag */
$objSessionBag = \System::getContainer()->get('session')->getBag('contao_backend');
$class = 'tl_tbox';
$fs = $objSessionBag->get('fieldset_states');
$blnIsFirst = true;
// Render boxes
foreach ($boxes as $k => $v) {
$strAjax = '';
$blnAjax = false;
$key = '';
$cls = '';
$legend = '';
if (isset($legends[$k])) {
list($key, $cls) = explode(':', $legends[$k]);
$legend = "\n" . '<legend onclick="AjaxRequest.toggleFieldset(this,\'' . $key . '\',\'' . $this->strTable . '\')">' . (isset($GLOBALS['TL_LANG'][$this->strTable][$key]) ? $GLOBALS['TL_LANG'][$this->strTable][$key] : $key) . '</legend>';
}
if (isset($fs[$this->strTable][$key])) {
$class .= $fs[$this->strTable][$key] ? '' : ' collapsed';
} else {
$class .= $cls && $legend ? ' ' . $cls : '';
}
$return .= "\n\n" . '<fieldset' . ($key ? ' id="pal_' . $key . '"' : '') . ' class="' . $class . ($legend ? '' : ' nolegend') . '">' . $legend;
// Build rows of the current box
foreach ($v as $vv) {
if ($vv == '[EOF]') {
if ($blnAjax && \Environment::get('isAjaxRequest')) {
return $strAjax . '<input type="hidden" name="FORM_FIELDS[]" value="' . specialchars($this->strPalette) . '">';
}
$blnAjax = false;
$return .= "\n" . '</div>';
continue;
}
if (preg_match('/^\\[.*\\]$/', $vv)) {
$thisId = 'sub_' . substr($vv, 1, -1);
$blnAjax = $ajaxId == $thisId && \Environment::get('isAjaxRequest') ? true : false;
$return .= "\n" . '<div id="' . $thisId . '">';
continue;
}
$this->strField = $vv;
$this->strInputName = $vv;
$this->varValue = $objRow->{$vv};
// Autofocus the first field
if ($blnIsFirst && $GLOBALS['TL_DCA'][$this->strTable]['fields'][$this->strField]['inputType'] == 'text') {
$GLOBALS['TL_DCA'][$this->strTable]['fields'][$this->strField]['eval']['autofocus'] = 'autofocus';
$blnIsFirst = false;
}
// Convert CSV fields (see #2890)
if ($GLOBALS['TL_DCA'][$this->strTable]['fields'][$this->strField]['eval']['multiple'] && isset($GLOBALS['TL_DCA'][$this->strTable]['fields'][$this->strField]['eval']['csv'])) {
$this->varValue = trimsplit($GLOBALS['TL_DCA'][$this->strTable]['fields'][$this->strField]['eval']['csv'], $this->varValue);
}
// Call load_callback
if (is_array($GLOBALS['TL_DCA'][$this->strTable]['fields'][$this->strField]['load_callback'])) {
foreach ($GLOBALS['TL_DCA'][$this->strTable]['fields'][$this->strField]['load_callback'] as $callback) {
if (is_array($callback)) {
$this->import($callback[0]);
$this->varValue = $this->{$callback[0]}->{$callback[1]}($this->varValue, $this);
} elseif (is_callable($callback)) {
$this->varValue = $callback($this->varValue, $this);
}
}
}
// Re-set the current value
$this->objActiveRecord->{$this->strField} = $this->varValue;
// Build the row and pass the current palette string (thanks to Tristan Lins)
$blnAjax ? $strAjax .= $this->row($this->strPalette) : ($return .= $this->row($this->strPalette));
}
$class = 'tl_box';
$return .= "\n" . '</fieldset>';
}
}
// Versions overview
if ($GLOBALS['TL_DCA'][$this->strTable]['config']['enableVersioning'] && !$GLOBALS['TL_DCA'][$this->strTable]['config']['hideVersionMenu']) {
$version = $objVersions->renderDropdown();
} else {
$version = '';
}
// Submit buttons
$arrButtons = array();
$arrButtons['save'] = '<button type="submit" name="save" id="save" class="tl_submit" accesskey="s">' . $GLOBALS['TL_LANG']['MSC']['save'] . '</button>';
if (!\Input::get('nb')) {
$arrButtons['saveNclose'] = '<button type="submit" name="saveNclose" id="saveNclose" class="tl_submit" accesskey="c">' . $GLOBALS['TL_LANG']['MSC']['saveNclose'] . '</button>';
}
if (!\Input::get('popup') && !$GLOBALS['TL_DCA'][$this->strTable]['config']['closed'] && !$GLOBALS['TL_DCA'][$this->strTable]['config']['notCreatable']) {
$arrButtons['saveNcreate'] = '<button type="submit" name="saveNcreate" id="saveNcreate" class="tl_submit" accesskey="n">' . $GLOBALS['TL_LANG']['MSC']['saveNcreate'] . '</button>';
}
if ($GLOBALS['TL_DCA'][$this->strTable]['config']['switchToEdit']) {
$arrButtons['saveNedit'] = '<button type="submit" name="saveNedit" id="saveNedit" class="tl_submit" accesskey="e">' . $GLOBALS['TL_LANG']['MSC']['saveNedit'] . '</button>';
}
if (!\Input::get('popup') && ($GLOBALS['TL_DCA'][$this->strTable]['list']['sorting']['mode'] == 4 || strlen($this->ptable) || $GLOBALS['TL_DCA'][$this->strTable]['config']['switchToEdit'])) {
$arrButtons['saveNback'] = '<button type="submit" name="saveNback" id="saveNback" class="tl_submit" accesskey="g">' . $GLOBALS['TL_LANG']['MSC']['saveNback'] . '</button>';
}
// Call the buttons_callback (see #4691)
if (is_array($GLOBALS['TL_DCA'][$this->strTable]['edit']['buttons_callback'])) {
foreach ($GLOBALS['TL_DCA'][$this->strTable]['edit']['buttons_callback'] as $callback) {
if (is_array($callback)) {
$this->import($callback[0]);
$arrButtons = $this->{$callback[0]}->{$callback[1]}($arrButtons, $this);
} elseif (is_callable($callback)) {
$arrButtons = $callback($arrButtons, $this);
}
}
}
// Add the buttons and end the form
$return .= '
</div>
<div class="tl_formbody_submit">
<div class="tl_submit_container">
' . implode(' ', $arrButtons) . '
</div>
</div>
</form>
<script>
window.addEvent(\'domready\', function() {
Theme.focusInput("' . $this->strTable . '");
});
</script>';
// Begin the form (-> DO NOT CHANGE THIS ORDER -> this way the onsubmit attribute of the form can be changed by a field)
$return = $version . '
<div id="tl_buttons">' . (\Input::get('nb') ? ' ' : '
<a href="' . $this->getReferer(true) . '" class="header_back" title="' . specialchars($GLOBALS['TL_LANG']['MSC']['backBTTitle']) . '" accesskey="b" onclick="Backend.getScrollOffset()">' . $GLOBALS['TL_LANG']['MSC']['backBT'] . '</a>') . '
</div>
' . \Message::generate() . '
<form action="' . ampersand(\Environment::get('request'), true) . '" id="' . $this->strTable . '" class="tl_form" method="post" enctype="' . ($this->blnUploadable ? 'multipart/form-data' : 'application/x-www-form-urlencoded') . '"' . (!empty($this->onsubmit) ? ' onsubmit="' . implode(' ', $this->onsubmit) . '"' : '') . '>
<div class="tl_formbody_edit">
<input type="hidden" name="FORM_SUBMIT" value="' . $this->strTable . '">
<input type="hidden" name="REQUEST_TOKEN" value="' . REQUEST_TOKEN . '">
<input type="hidden" name="FORM_FIELDS[]" value="' . specialchars($this->strPalette) . '">' . ($this->noReload ? '
<p class="tl_error">' . $GLOBALS['TL_LANG']['ERR']['general'] . '</p>' : '') . $return;
// Reload the page to prevent _POST variables from being sent twice
if (\Input::post('FORM_SUBMIT') == $this->strTable && !$this->noReload) {
$arrValues = $this->values;
array_unshift($arrValues, time());
// Trigger the onsubmit_callback
if (is_array($GLOBALS['TL_DCA'][$this->strTable]['config']['onsubmit_callback'])) {
foreach ($GLOBALS['TL_DCA'][$this->strTable]['config']['onsubmit_callback'] as $callback) {
if (is_array($callback)) {
$this->import($callback[0]);
$this->{$callback[0]}->{$callback[1]}($this);
} elseif (is_callable($callback)) {
$callback($this);
}
}
}
// Save the current version
if ($this->blnCreateNewVersion) {
$objVersions->create();
// Call the onversion_callback
if (is_array($GLOBALS['TL_DCA'][$this->strTable]['config']['onversion_callback'])) {
foreach ($GLOBALS['TL_DCA'][$this->strTable]['config']['onversion_callback'] as $callback) {
if (is_array($callback)) {
$this->import($callback[0]);
$this->{$callback[0]}->{$callback[1]}($this->strTable, $this->intId, $this);
} elseif (is_callable($callback)) {
$callback($this->strTable, $this->intId, $this);
}
}
}
$this->log('A new version of record "' . $this->strTable . '.id=' . $this->intId . '" has been created' . $this->getParentEntries($this->strTable, $this->intId), __METHOD__, TL_GENERAL);
}
// Set the current timestamp (-> DO NOT CHANGE THE ORDER version - timestamp)
if ($GLOBALS['TL_DCA'][$this->strTable]['config']['dynamicPtable']) {
$this->Database->prepare("UPDATE " . $this->strTable . " SET ptable=?, tstamp=? WHERE id=?")->execute($this->ptable, time(), $this->intId);
} else {
$this->Database->prepare("UPDATE " . $this->strTable . " SET tstamp=? WHERE id=?")->execute(time(), $this->intId);
}
// Redirect
if (isset($_POST['saveNclose'])) {
\Message::reset();
\System::setCookie('BE_PAGE_OFFSET', 0, 0);
$this->redirect($this->getReferer());
} elseif (isset($_POST['saveNedit'])) {
\Message::reset();
\System::setCookie('BE_PAGE_OFFSET', 0, 0);
$this->redirect($this->addToUrl($GLOBALS['TL_DCA'][$this->strTable]['list']['operations']['edit']['href'], false, array('s2e', 'act')));
} elseif (isset($_POST['saveNback'])) {
\Message::reset();
\System::setCookie('BE_PAGE_OFFSET', 0, 0);
if ($this->ptable == '') {
$this->redirect(TL_SCRIPT . '?do=' . \Input::get('do'));
} elseif ($this->ptable == 'tl_theme' && $this->strTable == 'tl_style_sheet' || $this->ptable == 'tl_page' && $this->strTable == 'tl_article') {
$this->redirect($this->getReferer(false, $this->strTable));
} else {
$this->redirect($this->getReferer(false, $this->ptable));
}
} elseif (isset($_POST['saveNcreate'])) {
\Message::reset();
\System::setCookie('BE_PAGE_OFFSET', 0, 0);
$strUrl = TL_SCRIPT . '?do=' . \Input::get('do');
if (isset($_GET['table'])) {
$strUrl .= '&table=' . \Input::get('table');
}
// Tree view
if ($this->treeView) {
$strUrl .= '&act=create&mode=1&pid=' . $this->intId;
} elseif ($GLOBALS['TL_DCA'][$this->strTable]['list']['sorting']['mode'] == 4) {
$strUrl .= $this->Database->fieldExists('sorting', $this->strTable) ? '&act=create&mode=1&pid=' . $this->intId . '&id=' . $this->activeRecord->pid : '&act=create&mode=2&pid=' . $this->activeRecord->pid;
} else {
$strUrl .= $this->ptable != '' ? '&act=create&mode=2&pid=' . CURRENT_ID : '&act=create';
}
$this->redirect($strUrl . '&rt=' . REQUEST_TOKEN);
}
$this->reload();
}
// Set the focus if there is an error
if ($this->noReload) {
$return .= '
<script>
window.addEvent(\'domready\', function() {
Backend.vScrollTo(($(\'' . $this->strTable . '\').getElement(\'label.error\').getPosition().y - 20));
});
</script>';
}
return $return;
}
/**
* Load the source editor
*
* @return string
*
* @throws InternalServerErrorException
*/
public function source()
{
$this->isValid($this->intId);
if (is_dir(TL_ROOT . '/' . $this->intId)) {
throw new InternalServerErrorException('Folder "' . $this->intId . '" cannot be edited.');
} elseif (!file_exists(TL_ROOT . '/' . $this->intId)) {
throw new InternalServerErrorException('File "' . $this->intId . '" does not exist.');
}
$this->import('BackendUser', 'User');
// Check user permission
if (!$this->User->hasAccess('f5', 'fop')) {
throw new AccessDeniedException('Not enough permissions to edit the file source of file "' . $this->intId . '".');
}
$objFile = new \File($this->intId);
// Check whether file type is editable
if (!in_array($objFile->extension, trimsplit(',', \Config::get('editableFiles')))) {
throw new AccessDeniedException('File type "' . $objFile->extension . '" (' . $this->intId . ') is not allowed to be edited.');
}
$objMeta = null;
$objVersions = null;
// Add the versioning routines
if ($this->blnIsDbAssisted && \Dbafs::shouldBeSynchronized($this->intId)) {
$objMeta = \FilesModel::findByPath($objFile->value);
if ($objMeta === null) {
$objMeta = \Dbafs::addResource($objFile->value);
}
$objVersions = new \Versions($this->strTable, $objMeta->id);
if (!$GLOBALS['TL_DCA'][$this->strTable]['config']['hideVersionMenu']) {
// Compare versions
if (\Input::get('versions')) {
$objVersions->compare();
}
// Restore a version
if (\Input::post('FORM_SUBMIT') == 'tl_version' && \Input::post('version') != '') {
$objVersions->restore(\Input::post('version'));
// Purge the script cache (see #7005)
if ($objFile->extension == 'css' || $objFile->extension == 'scss' || $objFile->extension == 'less') {
$this->import('Automator');
$this->Automator->purgeScriptCache();
}
$this->reload();
}
}
$objVersions->initialize();
}
$strContent = $objFile->getContent();
if ($objFile->extension == 'svgz') {
$strContent = gzdecode($strContent);
}
// Process the request
if (\Input::post('FORM_SUBMIT') == 'tl_files') {
// Restore the basic entities (see #7170)
$strSource = \StringUtil::restoreBasicEntities(\Input::postRaw('source'));
// Save the file
if (md5($strContent) != md5($strSource)) {
if ($objFile->extension == 'svgz') {
$strSource = gzencode($strSource);
}
// Write the file
$objFile->write($strSource);
$objFile->close();
// Update the database
if ($this->blnIsDbAssisted && $objMeta !== null) {
/** @var FilesModel $objMeta */
$objMeta->hash = $objFile->hash;
$objMeta->save();
$objVersions->create();
}
// Purge the script cache (see #7005)
if ($objFile->extension == 'css' || $objFile->extension == 'scss' || $objFile->extension == 'less') {
$this->import('Automator');
$this->Automator->purgeScriptCache();
}
}
if (isset($_POST['saveNclose'])) {
\System::setCookie('BE_PAGE_OFFSET', 0, 0);
$this->redirect($this->getReferer());
}
$this->reload();
}
$codeEditor = '';
// Prepare the code editor
if (\Config::get('useCE')) {
/** @var BackendTemplate|object $objTemplate */
$objTemplate = new \BackendTemplate('be_ace');
$objTemplate->selector = 'ctrl_source';
$objTemplate->type = $objFile->extension;
$codeEditor = $objTemplate->parse();
}
// Versions overview
if ($GLOBALS['TL_DCA'][$this->strTable]['config']['enableVersioning'] && !$GLOBALS['TL_DCA'][$this->strTable]['config']['hideVersionMenu'] && $this->blnIsDbAssisted && $objVersions !== null) {
$version = $objVersions->renderDropdown();
} else {
$version = '';
}
// Submit buttons
$arrButtons = array();
$arrButtons['save'] = '<button type="submit" name="save" id="save" class="tl_submit" accesskey="s">' . $GLOBALS['TL_LANG']['MSC']['save'] . '</button>';
$arrButtons['saveNclose'] = '<button type="submit" name="saveNclose" id="saveNclose" class="tl_submit" accesskey="c">' . $GLOBALS['TL_LANG']['MSC']['saveNclose'] . '</button>';
// Call the buttons_callback (see #4691)
if (is_array($GLOBALS['TL_DCA'][$this->strTable]['edit']['buttons_callback'])) {
foreach ($GLOBALS['TL_DCA'][$this->strTable]['edit']['buttons_callback'] as $callback) {
if (is_array($callback)) {
$this->import($callback[0]);
$arrButtons = $this->{$callback[0]}->{$callback[1]}($arrButtons, $this);
} elseif (is_callable($callback)) {
$arrButtons = $callback($arrButtons, $this);
}
}
}
// Add the form
return $version . '
<div id="tl_buttons">
<a href="' . $this->getReferer(true) . '" class="header_back" title="' . specialchars($GLOBALS['TL_LANG']['MSC']['backBTTitle']) . '" accesskey="b" onclick="Backend.getScrollOffset()">' . $GLOBALS['TL_LANG']['MSC']['backBT'] . '</a>
</div>
' . \Message::generate() . '
<form action="' . ampersand(\Environment::get('request'), true) . '" id="tl_files" class="tl_form" method="post">
<div class="tl_formbody_edit">
<input type="hidden" name="FORM_SUBMIT" value="tl_files">
<input type="hidden" name="REQUEST_TOKEN" value="' . REQUEST_TOKEN . '">
<div class="tl_tbox">
<h3><label for="ctrl_source">' . $GLOBALS['TL_LANG']['tl_files']['editor'][0] . '</label></h3>
<textarea name="source" id="ctrl_source" class="tl_textarea monospace" rows="12" cols="80" style="height:400px" onfocus="Backend.getScrollOffset()">' . "\n" . htmlspecialchars($strContent) . '</textarea>' . (\Config::get('showHelp') && strlen($GLOBALS['TL_LANG']['tl_files']['editor'][1]) ? '
<p class="tl_help tl_tip">' . $GLOBALS['TL_LANG']['tl_files']['editor'][1] . '</p>' : '') . '
</div>
</div>
<div class="tl_formbody_submit">
<div class="tl_submit_container">
' . implode(' ', $arrButtons) . '
</div>
</div>
</form>' . "\n\n" . $codeEditor;
}