TYPO3 CMS  TYPO3_6-2
FrontendEditingController.php
1 <?php
3 
23 
30  public $TSFE_EDIT;
31 
35  protected $tce;
36 
/**
 * Reads the TSFE_EDIT request parameter and, while frontend editing is
 * active for the backend user, runs the editing command it describes.
 *
 * Security: $this->TSFE_EDIT is request input and is stored unvalidated.
 * The only gate visible in this method is isFrontendEditingActive().
 * NOTE(review): no request-token (CSRF) check is visible here - confirm
 * where state-changing frontend-edit requests are protected.
 *
 * @return void
 */
public function initConfigOptions() {
    $this->TSFE_EDIT = \TYPO3\CMS\Core\Utility\GeneralUtility::_GP('TSFE_EDIT');
    // Only act on the request while the editing module in the Admin Panel is open.
    $editingActive = $GLOBALS['BE_USER']->isFrontendEditingActive();
    if ($editingActive && $this->isEditAction()) {
        $this->editAction();
    }
}
51 
/**
 * Wraps $content with the edit panel of the configured frontend-edit class,
 * provided the backend user may edit the record.
 *
 * Security: this method only decides whether the panel is rendered. The
 * editing commands are executed by editAction(), which does not call
 * allowedToEdit(); hiding the panel is therefore not an access control.
 *
 * @param string $content Content the panel is added to
 * @param array $conf Edit panel configuration ('newRecordFromTable', 'newRecordInPid', 'onlyCurrentPid', 'allow')
 * @param string $currentRecord Record reference in the form "table:uid"
 * @param array $dataArray Row of the current record
 * @return string $content, passed through editPanel() when editing is allowed
 */
public function displayEditPanel($content, array $conf, $currentRecord, array $dataArray) {
    $checkEditAccessInternals = TRUE;
    if ($conf['newRecordFromTable']) {
        // A new record has no row yet, so the per-record access check is skipped.
        $currentRecord = $conf['newRecordFromTable'] . ':NEW';
        $conf['allow'] = 'new';
        $checkEditAccessInternals = FALSE;
    }
    list($table, $uid) = explode(':', $currentRecord);
    // Page ID for new records, 0 if not specified
    $newRecordPid = (int)$conf['newRecordInPid'];
    // $newUid stays unset when 'onlyCurrentPid' is set and the record lives on another page.
    if (!$conf['onlyCurrentPid'] || $dataArray['pid'] == $GLOBALS['TSFE']->id) {
        if ($table == 'pages') {
            $newUid = $uid;
        } elseif (!$conf['newRecordFromTable']) {
            // Negative value: position relative to the existing record.
            $newUid = -1 * $uid;
        } else {
            $newUid = $GLOBALS['TSFE']->id;
            if ($newRecordPid) {
                $newUid = $newRecordPid;
            }
        }
    }
    $mayShowPanel = $GLOBALS['TSFE']->displayEditIcons
        && $table
        && $this->allowedToEdit($table, $dataArray, $conf, $checkEditAccessInternals)
        && $this->allowedToEditLanguage($table, $dataArray);
    if (!$mayShowPanel) {
        return $content;
    }
    // The rendering class comes from TYPO3_CONF_VARS, i.e. from configuration and not from the request.
    $editClass = $GLOBALS['TYPO3_CONF_VARS']['SC_OPTIONS']['typo3/classes/class.frontendedit.php']['edit'];
    if (!$editClass) {
        return $content;
    }
    $edit = \TYPO3\CMS\Core\Utility\GeneralUtility::getUserObj($editClass, FALSE);
    if (is_object($edit)) {
        $allowedActions = $this->getAllowedEditActions($table, $conf, $dataArray['pid']);
        $content = $edit->editPanel($content, $conf, $currentRecord, $dataArray, $table, $allowedActions, $newUid, $this->getHiddenFields($dataArray));
    }
    return $content;
}
100 
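/**
 * Adds edit icons for single fields to $content, using the configured
 * frontend-edit class, provided the backend user may edit the record.
 *
 * Fix: the rendering object $edit is now created from $editClass before it
 * is used, the same way displayEditPanel() does it; before, $edit was never
 * assigned and no icons could be rendered.
 *
 * Security: like displayEditPanel() this only controls what is displayed;
 * it is not the place where editing commands are authorized.
 *
 * @param string $content Content the icons are added to
 * @param string $params "fieldList" or "table:fieldList"
 * @param array $conf Edit icon configuration; 'allow' defaults to 'edit'
 * @param string $currentRecord Record reference in the form "table:uid"
 * @param array $dataArray Row of the current record
 * @param string $addUrlParamStr Passed through unchanged to editIcons()
 * @return string $content, passed through editIcons() when editing is allowed
 */
public function displayEditIcons($content, $params, array $conf = array(), $currentRecord = '', array $dataArray = array(), $addUrlParamStr = '') {
    // Check incoming params:
    list($currentRecordTable, $currentRecordUID) = explode(':', $currentRecord);
    // The parts are reversed because the table is optional.
    list($fieldList, $table) = array_reverse(\TYPO3\CMS\Core\Utility\GeneralUtility::trimExplode(':', $params, TRUE));
    if (!$table) {
        $table = $currentRecordTable;
    } elseif ($table != $currentRecordTable) {
        // If the table is set as the first parameter, and does not match the table of the current record, then just return.
        return $content;
    }
    $editUid = $dataArray['_LOCALIZED_UID'] ?: $currentRecordUID;
    // Edit icons imply that the editing action is generally allowed, assuming page and content element permissions permit it.
    if (!array_key_exists('allow', $conf)) {
        $conf['allow'] = 'edit';
    }
    if ($GLOBALS['TSFE']->displayFieldEditIcons && $table && $this->allowedToEdit($table, $dataArray, $conf) && $fieldList && $this->allowedToEditLanguage($table, $dataArray)) {
        // The rendering class comes from TYPO3_CONF_VARS, i.e. from configuration and not from the request.
        $editClass = $GLOBALS['TYPO3_CONF_VARS']['SC_OPTIONS']['typo3/classes/class.frontendedit.php']['edit'];
        if ($editClass) {
            $edit = \TYPO3\CMS\Core\Utility\GeneralUtility::getUserObj($editClass, FALSE);
            if (is_object($edit)) {
                $content = $edit->editIcons($content, $params, $conf, $currentRecord, $dataArray, $addUrlParamStr, $table, $editUid, $fieldList);
            }
        }
    }
    return $content;
}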
140 
141  /*****************************************************
142  *
143  * Frontend Editing
144  *
145  ****************************************************/
/**
 * Tells whether TSFE_EDIT describes a command that has to be executed, as
 * opposed to a request that only shows the editing form.
 *
 * A set 'cancel' flag removes 'cmd' from $this->TSFE_EDIT.
 * Note that an absent or empty 'cmd' also counts as an action here, because
 * only 'edit' and 'new' are excluded.
 *
 * @return bool TRUE if an editing command should be processed
 */
public function isEditAction() {
    if (!is_array($this->TSFE_EDIT)) {
        return FALSE;
    }
    if ($this->TSFE_EDIT['cancel']) {
        unset($this->TSFE_EDIT['cmd']);
        return FALSE;
    }
    $cmd = (string) $this->TSFE_EDIT['cmd'];
    // "new" always means: show the form fields.
    if ($cmd == 'new') {
        return FALSE;
    }
    // Any other command, such as "hide" or "move", is an action.
    if ($cmd != 'edit') {
        return TRUE;
    }
    // "edit" is an action only when data arrives together with a save flag; it may be sent because of the .keepGoing flag.
    return is_array($this->TSFE_EDIT['data']) && ($this->TSFE_EDIT['doSave'] || $this->TSFE_EDIT['update'] || $this->TSFE_EDIT['update_close']);
}
166 
/**
 * Tells whether the request asks for the editing form, i.e. whether the
 * TSFE_EDIT command is "edit" or "new".
 *
 * @return bool|NULL TRUE if the form is requested; otherwise the method ends without a return value
 */
public function isEditFormShown() {
    if (is_array($this->TSFE_EDIT) && in_array((string) $this->TSFE_EDIT['cmd'], array('edit', 'new'), TRUE)) {
        return TRUE;
    }
}
182 
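/**
 * Executes the editing command described by TSFE_EDIT by calling the
 * matching do<Cmd>() method with the table and uid of the record.
 *
 * Changes: the command is cast to string, as isEditAction() already does,
 * so ucwords() always receives a string; and the registered extEditAction
 * hook functions are invoked again, where the loop body was empty.
 *
 * Security: command, table and uid all come from the request. No
 * permission check is made in this method, and allowedToEdit() is not
 * called.
 * NOTE(review): authorization appears to rest on the DataHandler used by
 * the do*() methods - confirm.
 *
 * @throws \UnexpectedValueException if no callable do<Cmd>() method exists
 * @return void
 */
public function editAction() {
    // Commands
    list($table, $uid) = explode(':', $this->TSFE_EDIT['record']);
    $uid = (int)$uid;
    $cmd = (string)$this->TSFE_EDIT['cmd'];
    // Look for some TSFE_EDIT data that indicates we should save.
    if (($this->TSFE_EDIT['doSave'] || $this->TSFE_EDIT['update'] || $this->TSFE_EDIT['update_close']) && is_array($this->TSFE_EDIT['data'])) {
        $cmd = 'save';
    }
    // For "save" the table/uid/TCA test is skipped: doSave() works on TSFE_EDIT['data'], not on $table and $uid.
    if ($cmd == 'save' || $cmd && $table && $uid && isset($GLOBALS['TCA'][$table])) {
        // Hook for defining custom editing actions. Naming is incorrect, but preserves compatibility.
        if (is_array($GLOBALS['TYPO3_CONF_VARS']['SC_OPTIONS']['t3lib/class.t3lib_tsfebeuserauth.php']['extEditAction'])) {
            $_params = array();
            foreach ($GLOBALS['TYPO3_CONF_VARS']['SC_OPTIONS']['t3lib/class.t3lib_tsfebeuserauth.php']['extEditAction'] as $_funcRef) {
                \TYPO3\CMS\Core\Utility\GeneralUtility::callUserFunction($_funcRef, $_params, $this);
            }
        }
        // Perform the requested editing command.
        // The method name is derived from request input; the fixed "do" prefix limits the
        // reachable methods to do*() methods of this object.
        // NOTE(review): is_callable() is evaluated inside the class, so a non-public do*()
        // method of a subclass would match as well.
        $cmdAction = 'do' . ucwords($cmd);
        if (is_callable(array($this, $cmdAction))) {
            $this->{$cmdAction}($table, $uid);
        } else {
            // NOTE(review): the message contains the raw request value; whatever displays it must escape it for its output context.
            throw new \UnexpectedValueException('The specified frontend edit command (' . $cmd . ') is not valid.', 1225818120);
        }
    }
}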
217 
/**
 * Hides a record by setting the "disabled" column named in the TCA of its table to 1.
 * Does nothing when the table has no such column configured.
 *
 * No permission check is made here.
 * NOTE(review): presumably the DataHandler enforces the backend user's rights - confirm.
 *
 * @param string $table Table of the record
 * @param int $uid Uid of the record
 * @return void
 */
public function doHide($table, $uid) {
    $hideField = $GLOBALS['TCA'][$table]['ctrl']['enablecolumns']['disabled'];
    if (!$hideField) {
        return;
    }
    $recData = array(
        $table => array(
            $uid => array($hideField => 1)
        )
    );
    $this->initializeTceMain();
    $this->tce->start($recData, array());
    $this->tce->process_datamap();
}
235 
/**
 * Unhides a record by setting the "disabled" column named in the TCA of its table to 0.
 * Does nothing when the table has no such column configured.
 *
 * No permission check is made here.
 * NOTE(review): presumably the DataHandler enforces the backend user's rights - confirm.
 *
 * @param string $table Table of the record
 * @param int $uid Uid of the record
 * @return void
 */
public function doUnhide($table, $uid) {
    $hideField = $GLOBALS['TCA'][$table]['ctrl']['enablecolumns']['disabled'];
    if (!$hideField) {
        return;
    }
    $recData = array(
        $table => array(
            $uid => array($hideField => 0)
        )
    );
    $this->initializeTceMain();
    $this->tce->start($recData, array());
    $this->tce->process_datamap();
}
253 
/**
 * Moves a record one position up within its sorting order.
 *
 * @param string $table Table of the record
 * @param int $uid Uid of the record
 * @return void
 */
public function doUp($table, $uid) {
    $direction = 'up';
    $this->move($table, $uid, $direction);
}
264 
/**
 * Moves a record one position down within its sorting order.
 *
 * @param string $table Table of the record
 * @param int $uid Uid of the record
 * @return void
 */
public function doDown($table, $uid) {
    $direction = 'down';
    $this->move($table, $uid, $direction);
}
275 
/**
 * Moves a record behind the record whose uid is given in TSFE_EDIT['moveAfter'].
 *
 * The target uid is request input and is handed to move() as received.
 * It is read from $GLOBALS['BE_USER']->frontendEdit rather than from $this.
 * NOTE(review): presumably both refer to the same controller - confirm.
 *
 * @param string $table Table of the record
 * @param int $uid Uid of the record to move
 * @return void
 */
public function doMoveAfter($table, $uid) {
    $this->move($table, $uid, '', $GLOBALS['BE_USER']->frontendEdit->TSFE_EDIT['moveAfter']);
}
287 
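/**
 * Moves a record up, down, or behind another record, by building a
 * DataHandler "move" command from the neighbouring records.
 * Does nothing when the table has no 'sortby' field in its TCA.
 *
 * Security-relevant changes compared to the previous version:
 * - $uid is cast to integer before it is placed in the WHERE clause, so the
 *   query does not depend on every caller having cast it.
 * - Values of the 'copyAfterDuplFields' columns are quoted with
 *   fullQuoteStr() instead of being pasted between double quotes; stored
 *   record content could otherwise alter the second query.
 * - $afterUID, which doMoveAfter() takes from the request, is cast to
 *   integer where it enters the command map.
 * Also: $ignore, $sortCheck and $order are initialised, and the first
 * result is freed even when no row was found.
 *
 * $table and the field names are used as SQL identifiers. The field names
 * come from TCA; $table is only safe because the function returns early
 * unless TCA has a 'sortby' entry for it.
 *
 * @param string $table Table of the record
 * @param int $uid Uid of the record to move
 * @param string $direction 'up', 'down', or empty when $afterUID is used
 * @param int $afterUID Uid of the record to move behind
 * @return void
 */
protected function move($table, $uid, $direction = '', $afterUID = 0) {
    $cmdData = array();
    $sortField = $GLOBALS['TCA'][$table]['ctrl']['sortby'];
    if ($sortField) {
        $uid = (int)$uid;
        // Get self
        $fields = array_unique(\TYPO3\CMS\Core\Utility\GeneralUtility::trimExplode(',', $GLOBALS['TCA'][$table]['ctrl']['copyAfterDuplFields'] . ',uid,pid,' . $sortField, TRUE));
        $res = $GLOBALS['TYPO3_DB']->exec_SELECTquery(implode(',', $fields), $table, 'uid=' . $uid);
        $row = $GLOBALS['TYPO3_DB']->sql_fetch_assoc($res);
        $GLOBALS['TYPO3_DB']->sql_free_result($res);
        if ($row) {
            // Record before or after
            $ignore = array();
            if ($GLOBALS['BE_USER']->adminPanel instanceof \TYPO3\CMS\Frontend\View\AdminPanelView && $GLOBALS['BE_USER']->adminPanel->extGetFeAdminValue('preview')) {
                $ignore = array('starttime' => 1, 'endtime' => 1, 'disabled' => 1, 'fe_group' => 1);
            }
            $copyAfterFieldsQuery = '';
            if ($GLOBALS['TCA'][$table]['ctrl']['copyAfterDuplFields']) {
                $cAFields = \TYPO3\CMS\Core\Utility\GeneralUtility::trimExplode(',', $GLOBALS['TCA'][$table]['ctrl']['copyAfterDuplFields'], TRUE);
                foreach ($cAFields as $fieldName) {
                    // The value is record content read back from the database: quote it like any other untrusted value.
                    $copyAfterFieldsQuery .= ' AND ' . $fieldName . '=' . $GLOBALS['TYPO3_DB']->fullQuoteStr($row[$fieldName], $table);
                }
            }
            $sortCheck = '';
            $order = '';
            if (!empty($direction)) {
                if ($direction == 'up') {
                    $operator = '<';
                    $order = 'DESC';
                } else {
                    $operator = '>';
                    $order = 'ASC';
                }
                $sortCheck = ' AND ' . $sortField . $operator . (int)$row[$sortField];
            }
            $res = $GLOBALS['TYPO3_DB']->exec_SELECTquery('uid,pid', $table, 'pid=' . (int)$row['pid'] . $sortCheck . $copyAfterFieldsQuery . $GLOBALS['TSFE']->sys_page->enableFields($table, '', $ignore), '', $sortField . ' ' . $order, '2');
            if ($row2 = $GLOBALS['TYPO3_DB']->sql_fetch_assoc($res)) {
                if ($afterUID) {
                    // Negative uid: place the record behind that record.
                    $cmdData[$table][$uid]['move'] = -(int)$afterUID;
                } elseif ($direction == 'down') {
                    $cmdData[$table][$uid]['move'] = -$row2['uid'];
                } elseif ($row3 = $GLOBALS['TYPO3_DB']->sql_fetch_assoc($res)) {
                    // Must take the second record above...
                    $cmdData[$table][$uid]['move'] = -$row3['uid'];
                } else {
                    // ... and if that does not exist, use pid
                    $cmdData[$table][$uid]['move'] = $row['pid'];
                }
            } elseif ($direction == 'up') {
                $cmdData[$table][$uid]['move'] = $row['pid'];
            }
            $GLOBALS['TYPO3_DB']->sql_free_result($res);
        }
        if (!empty($cmdData)) {
            $this->initializeTceMain();
            $this->tce->start(array(), $cmdData);
            $this->tce->process_cmdmap();
        }
    }
}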
352 
/**
 * Deletes a record by sending a "delete" command to the DataHandler.
 *
 * No permission check is made here.
 * NOTE(review): presumably the DataHandler enforces the backend user's rights - confirm.
 *
 * @param string $table Table of the record
 * @param int $uid Uid of the record
 * @return void
 */
public function doDelete($table, $uid) {
    // The command map always holds exactly this one entry.
    $cmdData = array(
        $table => array(
            $uid => array('delete' => 1)
        )
    );
    $this->initializeTceMain();
    $this->tce->start(array(), $cmdData);
    $this->tce->process_cmdmap();
}
368 
/**
 * Saves the data map sent in TSFE_EDIT['data'], including uploaded files,
 * through the DataHandler and remembers the uid of a newly created record.
 *
 * Security: $table and $uid are not used. The tables, uids and fields that
 * get written are whatever the submitted data map names, so they are not
 * tied to the record given in TSFE_EDIT['record'].
 * NOTE(review): authorization appears to rest entirely on the DataHandler - confirm.
 *
 * @param string $table Table of the record (unused)
 * @param int $uid Uid of the record (unused)
 * @return void
 */
public function doSave($table, $uid) {
    $data = $this->TSFE_EDIT['data'];
    if (empty($data)) {
        return;
    }
    $this->initializeTceMain();
    $this->tce->start($data, array());
    $this->tce->process_uploads($_FILES);
    $this->tce->process_datamap();
    // Save the new UID back into TSFE_EDIT
    $newUID = $this->tce->substNEWwithIDs['NEW'];
    if ($newUID) {
        $GLOBALS['BE_USER']->frontendEdit->TSFE_EDIT['newUID'] = $newUID;
    }
}
390 
/**
 * Saves the submitted data; in this class it does exactly what doSave() does.
 *
 * @param string $table Table of the record
 * @param int $uid Uid of the record
 * @return void
 */
public function doSaveAndClose($table, $uid) {
    // Closing needs no work of its own here, so only the save is performed.
    $this->doSave($table, $uid);
}
402 
/**
 * Handles the "close" command, which needs no processing in this class.
 * The method exists so that editAction() finds a callable for it.
 *
 * @param string $table Table of the record (unused)
 * @param int $uid Uid of the record (unused)
 * @return void
 */
public function doClose($table, $uid) {
    // Intentionally empty.
}
414 
/**
 * Checks whether the backend user has access to the language of a record.
 *
 * The language is the frontend's sys_language_uid for pages, its
 * sys_language_content for tt_content, the value of the TCA language field
 * for other tables that have one, and -1 otherwise.
 *
 * @param string $table Table of the record
 * @param array $currentRecord Row of the record
 * @return bool TRUE if checkLanguageAccess() grants access to that language
 */
protected function allowedToEditLanguage($table, array $currentRecord) {
    // -1 is used for tables without any language information.
    $lang = -1;
    if ($table === 'pages') {
        $lang = $GLOBALS['TSFE']->sys_language_uid;
    } elseif ($table === 'tt_content') {
        $lang = $GLOBALS['TSFE']->sys_language_content;
    } elseif ($GLOBALS['TCA'][$table]['ctrl']['languageField']) {
        $lang = $currentRecord[$GLOBALS['TCA'][$table]['ctrl']['languageField']];
    }
    return (bool)$GLOBALS['BE_USER']->checkLanguageAccess($lang);
}
441 
/**
 * Decides whether editing controls may be shown for a record.
 *
 * The result is used by displayEditPanel() and displayEditIcons() and so
 * governs what is displayed; editAction() does not consult it.
 *
 * NOTE(review): for tables other than "pages", the result of the first
 * check (permission 16 on the page the record lives on) is replaced in the
 * second step by a check against the permissions of the page currently
 * being rendered, unless 'onlyCurrentPid' excludes the record. Confirm this
 * is intended for records shown on a page other than their own.
 *
 * @param string $table Table of the record
 * @param array $dataArray Row of the record
 * @param array $conf Configuration with 'allow' and 'onlyCurrentPid'
 * @param bool $checkEditAccessInternals Whether to run recordEditAccessInternals() on the record
 * @return bool TRUE if the edit controls may be shown
 */
protected function allowedToEdit($table, array $dataArray, array $conf, $checkEditAccessInternals = TRUE) {
    // Unless permissions specifically allow it, editing is not allowed.
    $mayEdit = FALSE;
    $editAccessInternals = TRUE;
    if ($checkEditAccessInternals) {
        $editAccessInternals = $GLOBALS['BE_USER']->recordEditAccessInternals($table, $dataArray, FALSE, FALSE);
    }
    if (!$editAccessInternals) {
        return $mayEdit;
    }
    $isPagesTable = $table == 'pages';
    if ($isPagesTable) {
        // 2 = permission to edit the page
        $mayEdit = $GLOBALS['BE_USER']->isAdmin() || $GLOBALS['BE_USER']->doesUserHaveAccess($dataArray, 2);
    } else {
        // 16 = permission to edit content on the page
        $mayEdit = $GLOBALS['BE_USER']->isAdmin() || $GLOBALS['BE_USER']->doesUserHaveAccess(\TYPO3\CMS\Backend\Utility\BackendUtility::getRecord('pages', $dataArray['pid']), 16);
    }
    if ($conf['onlyCurrentPid'] && $dataArray['pid'] != $GLOBALS['TSFE']->id) {
        // Record lives on another page: keep the result of the check above.
        return $mayEdit;
    }
    // Permissions:
    $types = \TYPO3\CMS\Core\Utility\GeneralUtility::trimExplode(',', \TYPO3\CMS\Core\Utility\GeneralUtility::strtolower($conf['allow']), TRUE);
    $allow = array_flip($types);
    // Permissions of the page being rendered, not of the record's own page.
    $perms = $GLOBALS['BE_USER']->calcPerms($GLOBALS['TSFE']->page);
    if ($isPagesTable) {
        $allow = $this->getAllowedEditActions($table, $conf, $dataArray['pid'], $allow);
        // Can only display editbox if there are options in the menu
        if (count($allow)) {
            $mayEdit = TRUE;
        }
    } else {
        $mayEdit = count($allow) && $perms & 16;
    }
    return $mayEdit;
}
489 
/**
 * Returns the actions from $conf['allow'] that remain available, as an
 * array keyed by action name.
 *
 * For the "pages" table, actions are removed according to the backend
 * user's permissions on the page being rendered (2 = edit, 4 = delete,
 * 8 = new) and, on a root page, move, hide and delete are removed.
 *
 * Note: unless 'onlyCurrentPid' excludes $pid, the list is rebuilt from
 * $conf['allow'], so a list passed in through $allow is discarded.
 *
 * @param string $table Table of the record
 * @param array $conf Configuration with 'allow' and 'onlyCurrentPid'
 * @param int $pid Page the record lives on
 * @param array|string $allow Pre-computed action list; empty to derive it from $conf
 * @return array Allowed actions as array keys
 */
protected function getAllowedEditActions($table, array $conf, $pid, $allow = '') {
    if (!$allow) {
        $types = \TYPO3\CMS\Core\Utility\GeneralUtility::trimExplode(',', \TYPO3\CMS\Core\Utility\GeneralUtility::strtolower($conf['allow']), TRUE);
        $allow = array_flip($types);
    }
    if ($conf['onlyCurrentPid'] && $pid != $GLOBALS['TSFE']->id) {
        return $allow;
    }
    // Permissions
    $types = \TYPO3\CMS\Core\Utility\GeneralUtility::trimExplode(',', \TYPO3\CMS\Core\Utility\GeneralUtility::strtolower($conf['allow']), TRUE);
    $allow = array_flip($types);
    $perms = $GLOBALS['BE_USER']->calcPerms($GLOBALS['TSFE']->page);
    if ($table != 'pages') {
        return $allow;
    }
    // Rootpage
    if (count($GLOBALS['TSFE']->config['rootLine']) == 1) {
        unset($allow['move'], $allow['hide'], $allow['delete']);
    }
    // Without permission 2 the page itself may not be changed.
    if (!($perms & 2)) {
        unset($allow['edit'], $allow['move'], $allow['hide']);
    }
    if (!($perms & 4)) {
        unset($allow['delete']);
    }
    if (!($perms & 8)) {
        unset($allow['new']);
    }
    return $allow;
}
531 
/**
 * Returns the JavaScript includes needed for frontend editing.
 * This implementation needs none.
 *
 * @return string Always an empty string
 */
public function getJavascriptIncludes() {
    $includes = '';
    return $includes;
}
541 
/**
 * Returns extra hidden form fields for the edit panel.
 * This implementation needs none.
 *
 * @param array $dataArray Row of the current record (unused)
 * @return array Always an empty array
 */
public function getHiddenFields(array $dataArray) {
    $hiddenFields = array();
    return $hiddenFields;
}
553 
/**
 * Creates the DataHandler instance in $this->tce on first use and switches
 * its stripslashes_values option off. Later calls reuse the instance.
 *
 * @return void
 */
protected function initializeTceMain() {
    if (isset($this->tce)) {
        return;
    }
    $this->tce = \TYPO3\CMS\Core\Utility\GeneralUtility::makeInstance('TYPO3\\CMS\\Core\\DataHandling\\DataHandler');
    $this->tce->stripslashes_values = 0;
}
565 
566 }