TYPO3 CMS  TYPO3_7-6
SetupModuleController.php
Go to the documentation of this file.
1 <?php
2 namespace TYPO3\CMS\Setup\Controller;
3 
4 /*
5  * This file is part of the TYPO3 CMS project.
6  *
7  * It is free software; you can redistribute it and/or modify it under
8  * the terms of the GNU General Public License, either version 2
9  * of the License, or any later version.
10  *
11  * For the full copyright and license information, please read the
12  * LICENSE.txt file that was distributed with this source code.
13  *
14  * The TYPO3 project - inspiring people to share!
15  */
16 
17 use Psr\Http\Message\ResponseInterface;
18 use Psr\Http\Message\ServerRequestInterface;
19 use TYPO3\CMS\Backend\Backend\Avatar\DefaultAvatarProvider;
20 use TYPO3\CMS\Backend\Module\AbstractModule;
21 use TYPO3\CMS\Backend\Module\ModuleLoader;
22 use TYPO3\CMS\Backend\Utility\BackendUtility;
23 use TYPO3\CMS\Core\Authentication\BackendUserAuthentication;
24 use TYPO3\CMS\Core\Database\DatabaseConnection;
25 use TYPO3\CMS\Core\DataHandling\DataHandler;
26 use TYPO3\CMS\Core\FormProtection\FormProtectionFactory;
27 use TYPO3\CMS\Core\Imaging\Icon;
28 use TYPO3\CMS\Core\Messaging\FlashMessage;
29 use TYPO3\CMS\Core\Messaging\FlashMessageService;
30 use TYPO3\CMS\Core\Resource\Exception\FileDoesNotExistException;
31 use TYPO3\CMS\Core\Resource\ResourceFactory;
32 use TYPO3\CMS\Core\Utility\ExtensionManagementUtility;
33 use TYPO3\CMS\Core\Utility\GeneralUtility;
34 use TYPO3\CMS\Saltedpasswords\Salt\SaltFactory;
35 
39 class SetupModuleController extends AbstractModule
40 {
44  const PASSWORD_NOT_UPDATED = 0;
45 
49  const PASSWORD_UPDATED = 1;
50 
54  const PASSWORD_NOT_THE_SAME = 2;
55 
60  const PASSWORD_OLD_WRONG = 3;
61 
65  public $MOD_MENU = [];
66 
70  public $MOD_SETTINGS = [];
71 
75  public $doc;
76 
80  public $content;
81 
85  public $overrideConf;
86 
92  public $OLD_BE_USER;
93 
97  public $languageUpdate;
98 
102  protected $pagetreeNeedsRefresh = false;
103 
107  protected $isAdmin;
108 
112  protected $tsFieldConf;
113 
117  protected $saveData = false;
118 
122  protected $passwordIsUpdated = self::PASSWORD_NOT_UPDATED;
123 
127  protected $passwordIsSubmitted = false;
128 
132  protected $setupIsUpdated = false;
133 
137  protected $settingsAreResetToDefault = false;
138 
144  protected $formProtection;
145 
149  protected $simulateSelector = '';
150 
154  protected $simUser;
155 
161  protected $moduleName = 'user_setup';
162 
166  protected $loadModules;
167 
171  public function __construct()
172  {
173  parent::__construct();
174  $this->formProtection = FormProtectionFactory::get();
175  $this->moduleTemplate->getPageRenderer()->loadRequireJsModule('TYPO3/CMS/Backend/Modal');
176  }
177 
183  public function getFormProtection()
184  {
185  return $this->formProtection;
186  }
187 
195  public function storeIncomingData()
196  {
197  // First check if something is submitted in the data-array from POST vars
198  $d = GeneralUtility::_POST('data');
199  $columns = $GLOBALS['TYPO3_USER_SETTINGS']['columns'];
200  $beUser = $this->getBackendUser();
201  $beUserId = $beUser->user['uid'];
202  $storeRec = [];
203  $fieldList = $this->getFieldsFromShowItem();
204  if (is_array($d) && $this->formProtection->validateToken((string)GeneralUtility::_POST('formToken'), 'BE user setup', 'edit')) {
205  // UC hashed before applying changes
206  $save_before = md5(serialize($beUser->uc));
207  // PUT SETTINGS into the ->uc array:
208  // Reload left frame when switching BE language
209  if (isset($d['lang']) && $d['lang'] != $beUser->uc['lang']) {
210  $this->languageUpdate = true;
211  }
212  // Reload pagetree if the title length is changed
213  if (isset($d['titleLen']) && $d['titleLen'] !== $beUser->uc['titleLen']) {
214  $this->pagetreeNeedsRefresh = true;
215  }
216  if ($d['setValuesToDefault']) {
217  // If every value should be default
218  $beUser->resetUC();
219  $this->settingsAreResetToDefault = true;
220  } elseif ($d['save']) {
221  // Save all submitted values if they are no array (arrays are with table=be_users) and exists in $GLOBALS['TYPO3_USER_SETTINGS'][columns]
222  foreach ($columns as $field => $config) {
223  if (!in_array($field, $fieldList)) {
224  continue;
225  }
226  if ($config['table']) {
227  if ($config['table'] === 'be_users' && !in_array($field, ['password', 'password2', 'passwordCurrent', 'email', 'realName', 'admin', 'avatar'])) {
228  if (!isset($config['access']) || $this->checkAccess($config) && $beUser->user[$field] !== $d['be_users'][$field]) {
229  if ($config['type'] === 'check') {
230  $fieldValue = isset($d['be_users'][$field]) ? 1 : 0;
231  } else {
232  $fieldValue = $d['be_users'][$field];
233  }
234  $storeRec['be_users'][$beUserId][$field] = $fieldValue;
235  $beUser->user[$field] = $fieldValue;
236  }
237  }
238  }
239  if ($config['type'] === 'check') {
240  $beUser->uc[$field] = isset($d[$field]) ? 1 : 0;
241  } else {
242  $beUser->uc[$field] = htmlspecialchars($d[$field]);
243  }
244  }
245  // Personal data for the users be_user-record (email, name, password...)
246  // If email and name is changed, set it in the users record:
247  $be_user_data = $d['be_users'];
248  // Possibility to modify the transmitted values. Useful to do transformations, like RSA password decryption
249  if (is_array($GLOBALS['TYPO3_CONF_VARS']['SC_OPTIONS']['ext/setup/mod/index.php']['modifyUserDataBeforeSave'])) {
250  foreach ($GLOBALS['TYPO3_CONF_VARS']['SC_OPTIONS']['ext/setup/mod/index.php']['modifyUserDataBeforeSave'] as $function) {
251  $params = ['be_user_data' => &$be_user_data];
252  GeneralUtility::callUserFunction($function, $params, $this);
253  }
254  }
255  $this->passwordIsSubmitted = (string)$be_user_data['password'] !== '';
256  $passwordIsConfirmed = $this->passwordIsSubmitted && $be_user_data['password'] === $be_user_data['password2'];
257  // Update the real name:
258  if ($be_user_data['realName'] !== $beUser->user['realName']) {
259  $beUser->user['realName'] = ($storeRec['be_users'][$beUserId]['realName'] = substr($be_user_data['realName'], 0, 80));
260  }
261  // Update the email address:
262  if ($be_user_data['email'] !== $beUser->user['email']) {
263  $beUser->user['email'] = ($storeRec['be_users'][$beUserId]['email'] = substr($be_user_data['email'], 0, 80));
264  }
265  // Update the password:
266  if ($passwordIsConfirmed) {
267  if ($this->isAdmin) {
268  $passwordOk = true;
269  } else {
270  $currentPasswordHashed = $GLOBALS['BE_USER']->user['password'];
271  $saltFactory = SaltFactory::getSaltingInstance($currentPasswordHashed);
272  $passwordOk = $saltFactory->checkPassword($be_user_data['passwordCurrent'], $currentPasswordHashed);
273  }
274  if ($passwordOk) {
275  $this->passwordIsUpdated = self::PASSWORD_UPDATED;
276  $storeRec['be_users'][$beUserId]['password'] = $be_user_data['password'];
277  } else {
278  $this->passwordIsUpdated = self::PASSWORD_OLD_WRONG;
279  }
280  } else {
281  $this->passwordIsUpdated = self::PASSWORD_NOT_THE_SAME;
282  }
283 
284  $this->setAvatarFileUid($beUserId, $be_user_data['avatar'], $storeRec);
285 
286  $this->saveData = true;
287  }
288  // Inserts the overriding values.
289  $beUser->overrideUC();
290  $save_after = md5(serialize($beUser->uc));
291  // If something in the uc-array of the user has changed, we save the array...
292  if ($save_before != $save_after) {
293  $beUser->writeUC($beUser->uc);
294  $beUser->writelog(254, 1, 0, 1, 'Personal settings changed', []);
295  $this->setupIsUpdated = true;
296  }
297  // Persist data if something has changed:
298  if (!empty($storeRec) && $this->saveData) {
299  // Make instance of TCE for storing the changes.
301  $dataHandler = GeneralUtility::makeInstance(DataHandler::class);
302  $dataHandler->stripslashes_values = false;
303  // This is so the user can actually update his user record.
304  $realUser = $this->getRealScriptUserObj();
305  $isAdmin = $realUser->user['admin'];
306  $realUser->user['admin'] = 1;
307  $dataHandler->start($storeRec, [], $realUser);
308  // This is to make sure that the users record can be updated even if in another workspace. This is tolerated.
309  $dataHandler->bypassWorkspaceRestrictions = true;
310  $dataHandler->process_datamap();
311  unset($tce);
312  if ($this->passwordIsUpdated === self::PASSWORD_NOT_UPDATED || count($storeRec['be_users'][$beUserId]) > 1) {
313  $this->setupIsUpdated = true;
314  }
315  // Restore admin status after processing
316  $realUser->user['admin'] = $isAdmin;
317  }
318  }
319  }
320 
321  /******************************
322  *
323  * Rendering module
324  *
325  ******************************/
331  public function init()
332  {
333  $this->getLanguageService()->includeLLFile('EXT:setup/Resources/Private/Language/locallang.xlf');
334 
335  // Returns the script user - that is the REAL logged in user! ($GLOBALS[BE_USER] might be another user due to simulation!)
336  $scriptUser = $this->getRealScriptUserObj();
337 
338  $this->isAdmin = $scriptUser->isAdmin();
339  // Getting the 'override' values as set might be set in User TSconfig
340  $this->overrideConf = $this->getBackendUser()->getTSConfigProp('setup.override');
341  // Getting the disabled fields might be set in User TSconfig (eg setup.fields.password.disabled=1)
342  $this->tsFieldConf = $this->getBackendUser()->getTSConfigProp('setup.fields');
343  // id password is disabled, disable repeat of password too (password2)
344  if (isset($this->tsFieldConf['password.']) && $this->tsFieldConf['password.']['disabled']) {
345  $this->tsFieldConf['password2.']['disabled'] = 1;
346  $this->tsFieldConf['passwordCurrent.']['disabled'] = 1;
347  }
348  // Create instance of object for output of data
349  $this->doc = GeneralUtility::makeInstance(\TYPO3\CMS\Backend\Template\DocumentTemplate::class);
350  }
351 
357  protected function getJavaScript()
358  {
359  $javaScript = '';
360  if (is_array($GLOBALS['TYPO3_CONF_VARS']['SC_OPTIONS']['ext/setup/mod/index.php']['setupScriptHook'])) {
361  foreach ($GLOBALS['TYPO3_CONF_VARS']['SC_OPTIONS']['ext/setup/mod/index.php']['setupScriptHook'] as $function) {
362  $params = [];
363  $javaScript .= GeneralUtility::callUserFunction($function, $params, $this);
364  }
365  }
366  return $javaScript;
367  }
368 
374  public function main()
375  {
376  $this->content .= '<form action="' . BackendUtility::getModuleUrl('user_setup') . '" method="post" id="SetupModuleController" name="usersetup" enctype="multipart/form-data">';
377  if ($this->languageUpdate) {
378  $this->moduleTemplate->addJavaScriptCode('languageUpdate', '
379  if (top && top.TYPO3.ModuleMenu.App) {
380  top.TYPO3.ModuleMenu.App.refreshMenu();
381  }
382  ');
383  }
384  if ($this->pagetreeNeedsRefresh) {
385  BackendUtility::setUpdateSignal('updatePageTree');
386  }
387  // Start page:
388  $this->moduleTemplate->loadJavascriptLib(ExtensionManagementUtility::extRelPath('backend') . 'Resources/Public/JavaScript/md5.js');
389  // Use a wrapper div
390  $this->content .= '<div id="user-setup-wrapper">';
391  // Load available backend modules
392  $this->loadModules = GeneralUtility::makeInstance(ModuleLoader::class);
393  $this->loadModules->observeWorkspaces = true;
394  $this->loadModules->load($GLOBALS['TBE_MODULES']);
395  $this->content .= $this->doc->header($this->getLanguageService()->getLL('UserSettings'));
396  $this->addFlashMessages();
397 
398  // Render user switch
399  $this->content .= $this->renderSimulateUserSelectAndLabel();
400 
401  // Render the menu items
402  $menuItems = $this->renderUserSetup();
403  $this->content .= $this->moduleTemplate->getDynamicTabMenu($menuItems, 'user-setup', 1, false, false);
404  $formToken = $this->formProtection->generateToken('BE user setup', 'edit');
405  $this->content .= '<div>';
406  $this->content .= '<input type="hidden" name="simUser" value="' . (int)$this->simUser . '" />
407  <input type="hidden" name="formToken" value="' . htmlspecialchars($formToken) . '" />
408  <input type="hidden" value="1" name="data[save]" />
409  <input type="hidden" name="data[setValuesToDefault]" value="0" id="setValuesToDefault" />';
410  $this->content .= '</div>';
411  // End of wrapper div
412  $this->content .= '</div>';
413  // Setting up the buttons and markers for docheader
414  $this->getButtons();
415  // Build the <body> for the module
416  // Renders the module page
417  $this->moduleTemplate->setContent($this->content);
418  $this->content .= '</form>';
419  }
420 
429  public function mainAction(ServerRequestInterface $request, ResponseInterface $response)
430  {
431  $GLOBALS['SOBE'] = $this;
432  $this->simulateUser();
433  $this->init();
434  $this->storeIncomingData();
435  $this->main();
436 
437  $response->getBody()->write($this->moduleTemplate->renderContent());
438  return $response;
439  }
440 
447  public function printContent()
448  {
449  GeneralUtility::logDeprecatedFunction();
450  echo $this->content;
451  }
452 
456  protected function getButtons()
457  {
458  $buttonBar = $this->moduleTemplate->getDocHeaderComponent()->getButtonBar();
459  $cshButton = $buttonBar->makeHelpButton()
460  ->setModuleName('_MOD_user_setup')
461  ->setFieldName('');
462  $buttonBar->addButton($cshButton);
463 
464  $saveButton = $buttonBar->makeInputButton()
465  ->setName('data[save]')
466  ->setTitle($this->getLanguageService()->sL('LLL:EXT:lang/locallang_core.xlf:rm.saveDoc'))
467  ->setValue('1')
468  ->setForm('SetupModuleController')
469  ->setShowLabelText(true)
470  ->setIcon($this->moduleTemplate->getIconFactory()->getIcon('actions-document-save', Icon::SIZE_SMALL));
471 
472  $buttonBar->addButton($saveButton);
473  $shortcutButton = $buttonBar->makeShortcutButton()
474  ->setModuleName($this->moduleName);
475  $buttonBar->addButton($shortcutButton);
476  }
477 
478  /******************************
479  *
480  * Render module
481  *
482  ******************************/
483 
490  protected function renderUserSetup()
491  {
492  $html = '';
493  $result = [];
494  $firstTabLabel = '';
495  $code = [];
496  $fieldArray = $this->getFieldsFromShowItem();
497  $tabLabel = '';
498  foreach ($fieldArray as $fieldName) {
499  $config = $GLOBALS['TYPO3_USER_SETTINGS']['columns'][$fieldName];
500  if (isset($config['access']) && !$this->checkAccess($config)) {
501  continue;
502  }
503 
504  if (substr($fieldName, 0, 8) === '--div--;') {
505  if ($firstTabLabel === '') {
506  // First tab
507  $tabLabel = $this->getLabel(substr($fieldName, 8), '', false);
508  $firstTabLabel = $tabLabel;
509  } else {
510  $result[] = [
511  'label' => $tabLabel,
512  'content' => count($code) ? implode(LF, $code) : ''
513  ];
514  $tabLabel = $this->getLabel(substr($fieldName, 8), '', false);
515  $code = [];
516  }
517  continue;
518  }
519  $label = $this->getLabel($config['label'], $fieldName);
520  $label = $this->getCSH($config['csh'] ?: $fieldName, $label);
521  $type = $config['type'];
522  $class = $config['class'];
523  if ($type !== 'check') {
524  $class .= ' form-control';
525  }
526  $more = '';
527  if ($class) {
528  $more .= ' class="' . htmlspecialchars($class) . '"';
529  }
530  $style = $config['style'];
531  if ($style) {
532  $more .= ' style="' . htmlspecialchars($style) . '"';
533  }
534  if (isset($this->overrideConf[$fieldName])) {
535  $more .= ' disabled="disabled"';
536  }
537  $value = $config['table'] === 'be_users' ? $this->getBackendUser()->user[$fieldName] : $this->getBackendUser()->uc[$fieldName];
538  if (!$value && isset($config['default'])) {
539  $value = $config['default'];
540  }
541  $dataAdd = '';
542  if ($config['table'] === 'be_users') {
543  $dataAdd = '[be_users]';
544  }
545 
546  switch ($type) {
547  case 'text':
548  case 'email':
549  case 'password':
550  $noAutocomplete = '';
551  if ($type === 'password') {
552  $value = '';
553  $noAutocomplete = 'autocomplete="off" ';
554  $more .= ' data-rsa-encryption=""';
555  }
556  $html = '<input id="field_' . htmlspecialchars($fieldName) . '"
557  type="' . htmlspecialchars($type) . '"
558  name="data' . $dataAdd . '[' . htmlspecialchars($fieldName) . ']" ' .
559  $noAutocomplete .
560  'value="' . htmlspecialchars($value) . '" ' .
561  $more .
562  ' />';
563  break;
564  case 'check':
565  $html = $label . '<div class="checkbox"><label><input id="field_' . htmlspecialchars($fieldName) . '"
566  type="checkbox"
567  name="data' . $dataAdd . '[' . htmlspecialchars($fieldName) . ']"' .
568  ($value ? ' checked="checked"' : '') .
569  $more .
570  ' /></label></div>';
571  $label = '';
572  break;
573  case 'select':
574  if ($config['itemsProcFunc']) {
575  $html = GeneralUtility::callUserFunction($config['itemsProcFunc'], $config, $this, '');
576  } else {
577  $html = '<select id="field_' . htmlspecialchars($fieldName) . '"
578  name="data' . $dataAdd . '[' . htmlspecialchars($fieldName) . ']"' .
579  $more . '>' . LF;
580  foreach ($config['items'] as $key => $optionLabel) {
581  $html .= '<option value="' . htmlspecialchars($key) . '"' . ($value == $key ? ' selected="selected"' : '') . '>' . $this->getLabel($optionLabel, '', false) . '</option>' . LF;
582  }
583  $html .= '</select>';
584  }
585  break;
586  case 'user':
587  $html = GeneralUtility::callUserFunction($config['userFunc'], $config, $this, '');
588  break;
589  case 'button':
590  if ($config['onClick']) {
591  $onClick = $config['onClick'];
592  if ($config['onClickLabels']) {
593  foreach ($config['onClickLabels'] as $key => $labelclick) {
594  $config['onClickLabels'][$key] = $this->getLabel($labelclick, '', false);
595  }
596  $onClick = vsprintf($onClick, $config['onClickLabels']);
597  }
598  $html = '<br><input class="btn btn-default" type="button"
599  value="' . $this->getLabel($config['buttonlabel'], '', false) . '"
600  onclick="' . $onClick . '" />';
601  }
602  if (!empty($config['confirm'])) {
603  $confirmData = $config['confirmData'];
604  $html = '<br><input class="btn btn-default t3js-modal-trigger" type="button"'
605  . ' value="' . $this->getLabel($config['buttonlabel'], '', false) . '"'
606  . ' data-href="javascript:' . htmlspecialchars($confirmData['jsCodeAfterOk']) . '"'
607  . ' data-severity="warning"'
608  . ' data-title="' . $this->getLabel($config['label'], '', false) . '"'
609  . ' data-content="' . $this->getLabel($confirmData['message'], '', false) . '" />';
610  }
611  break;
612  case 'avatar':
613  // Get current avatar image
614  $html = '<br>';
615  $avatarFileUid = $this->getAvatarFileUid($this->getBackendUser()->user['uid']);
616 
617  if ($avatarFileUid) {
618  $defaultAvatarProvider = GeneralUtility::makeInstance(DefaultAvatarProvider::class);
619  $avatarImage = $defaultAvatarProvider->getImage($this->getBackendUser()->user, 32);
620  if ($avatarImage) {
621  $icon = '<span class="avatar"><span class="avatar-image">' .
622  '<img src="' . htmlspecialchars($avatarImage->getUrl(true)) . '"' .
623  ' width="' . (int)$avatarImage->getWidth() . '" ' .
624  'height="' . (int)$avatarImage->getHeight() . '" />' .
625  '</span></span>';
626  $html .= '<span class="pull-left" style="padding-right: 10px" id="image_' . htmlspecialchars($fieldName) . '">' . $icon . ' </span>';
627  }
628  }
629  $html .= '<input id="field_' . htmlspecialchars($fieldName) . '" type="hidden" ' .
630  'name="data' . $dataAdd . '[' . htmlspecialchars($fieldName) . ']"' . $more .
631  ' value="' . (int)$avatarFileUid . '" />';
632 
633  $html .= '<div class="btn-group">';
634  if ($avatarFileUid) {
635  $html .= '<a id="clear_button_' . htmlspecialchars($fieldName) . '" onclick="clearExistingImage(); return false;" class="btn btn-default"><span class="t3-icon fa t3-icon fa fa-remove"> </span></a>';
636  }
637  $html .= '<a id="add_button_' . htmlspecialchars($fieldName) . '" class="btn btn-default btn-add-avatar" onclick="openFileBrowser();return false;"><span class="t3-icon t3-icon-actions t3-icon-actions-insert t3-icon-insert-record"> </span></a>' .
638  '</div>';
639 
640  $this->addAvatarButtonJs($fieldName);
641  break;
642  default:
643  $html = '';
644  }
645 
646  $code[] = '<div class="form-section"><div class="form-group">' .
647  $label .
648  $html .
649  '</div></div>';
650  }
651 
652  $result[] = [
653  'label' => $tabLabel,
654  'content' => count($code) ? implode(LF, $code) : ''
655  ];
656  return $result;
657  }
658 
659  /******************************
660  *
661  * Helper functions
662  *
663  ******************************/
670  protected function getRealScriptUserObj()
671  {
672  return is_object($this->OLD_BE_USER) ? $this->OLD_BE_USER : $this->getBackendUser();
673  }
674 
680  public function renderLanguageSelect()
681  {
682  $languageOptions = [];
683  // Compile the languages dropdown
684  $langDefault = $this->getLanguageService()->getLL('lang_default', true);
685  $languageOptions[$langDefault] = '<option value=""' . ($this->getBackendUser()->uc['lang'] === '' ? ' selected="selected"' : '') . '>' . $langDefault . '</option>';
686  // Traverse the number of languages
688  $locales = GeneralUtility::makeInstance(\TYPO3\CMS\Core\Localization\Locales::class);
689  $languages = $locales->getLanguages();
690  foreach ($languages as $locale => $name) {
691  if ($locale !== 'default') {
692  $defaultName = isset($GLOBALS['LOCAL_LANG']['default']['lang_' . $locale]) ? $GLOBALS['LOCAL_LANG']['default']['lang_' . $locale][0]['source'] : $name;
693  $localizedName = $this->getLanguageService()->getLL('lang_' . $locale, true);
694  if ($localizedName === '') {
695  $localizedName = htmlspecialchars($name);
696  }
697  $localLabel = ' - [' . htmlspecialchars($defaultName) . ']';
698  $available = is_dir(PATH_typo3conf . 'l10n/' . $locale);
699  if ($available) {
700  $languageOptions[$defaultName] = '<option value="' . $locale . '"' . ($this->getBackendUser()->uc['lang'] === $locale ? ' selected="selected"' : '') . '>' . $localizedName . $localLabel . '</option>';
701  }
702  }
703  }
704  ksort($languageOptions);
705  $languageCode = '
706  <select id="field_lang" name="data[lang]" class="form-control">' . implode('', $languageOptions) . '
707  </select>';
708  if ($this->getBackendUser()->uc['lang'] && !@is_dir((PATH_typo3conf . 'l10n/' . $this->getBackendUser()->uc['lang']))) {
709  // TODO: The text constants have to be moved into language files
710  $languageUnavailableWarning = 'The selected language "' . $this->getLanguageService()->getLL(('lang_' . $this->getBackendUser()->uc['lang']), true) . '" is not available before the language files are installed.&nbsp;&nbsp;<br />&nbsp;&nbsp;' . ($this->getBackendUser()->isAdmin() ? 'You can use the Language module to easily download new language files.' : 'Please ask your system administrator to do this.');
711  $languageCode = '<br /><span class="label label-danger">' . $languageUnavailableWarning . '</span><br /><br />' . $languageCode;
712  }
713  return $languageCode;
714  }
715 
724  public function renderStartModuleSelect($params, $pObj)
725  {
726  $startModuleSelect = '<option value="">' . $this->getLanguageService()->getLL('startModule.firstInMenu', true) . '</option>';
727  foreach ($pObj->loadModules->modules as $mainMod => $modData) {
728  if (!empty($modData['sub']) && is_array($modData['sub'])) {
729  $modules = '';
730  foreach ($modData['sub'] as $subData) {
731  $modName = $subData['name'];
732  $modules .= '<option value="' . htmlspecialchars($modName) . '"';
733  $modules .= $this->getBackendUser()->uc['startModule'] === $modName ? ' selected="selected"' : '';
734  $modules .= '>' . $this->getLanguageService()->moduleLabels['tabs'][$modName . '_tab'] . '</option>';
735  }
736  $groupLabel = $this->getLanguageService()->moduleLabels['tabs'][$mainMod . '_tab'];
737  $startModuleSelect .= '<optgroup label="' . htmlspecialchars($groupLabel) . '">' . $modules . '</optgroup>';
738  }
739  }
740  return '<select id="field_startModule" name="data[startModule]" class="form-control">' . $startModuleSelect . '</select>';
741  }
742 
749  public function simulateUser()
750  {
751  // If admin, allow simulation of another user
752  $this->simUser = 0;
753  $this->simulateSelector = '';
754  unset($this->OLD_BE_USER);
755  if ($this->getBackendUser()->isAdmin()) {
756  $this->simUser = (int)GeneralUtility::_GP('simUser');
757  // Make user-selector:
758  $db = $this->getDatabaseConnection();
759  $where = 'AND username NOT LIKE ' . $db->fullQuoteStr($db->escapeStrForLike('_cli_', 'be_users') . '%', 'be_users');
760  $where .= ' AND uid <> ' . (int)$this->getBackendUser()->user['uid'] . BackendUtility::BEenableFields('be_users');
761  $users = BackendUtility::getUserNames('username,usergroup,usergroup_cached_list,uid,realName', $where);
762  $opt = [];
763  foreach ($users as $rr) {
764  $label = $rr['username'] . ($rr['realName'] ? ' (' . $rr['realName'] . ')' : '');
765  $opt[] = '<option value="' . (int)$rr['uid'] . '"' . ($this->simUser === (int)$rr['uid'] ? ' selected="selected"' : '') . '>' . htmlspecialchars($label) . '</option>';
766  }
767  if (!empty($opt)) {
768  $this->simulateSelector = '<select id="field_simulate" class="form-control" name="simulateUser" onchange="window.location.href=' . GeneralUtility::quoteJSvalue(BackendUtility::getModuleUrl('user_setup') . '&simUser=') . '+this.options[this.selectedIndex].value;"><option></option>' . implode('', $opt) . '</select>';
769  }
770  }
771  // This can only be set if the previous code was executed.
772  if ($this->simUser > 0) {
773  // Save old user...
774  $this->OLD_BE_USER = $this->getBackendUser();
775  unset($GLOBALS['BE_USER']);
776  // Unset current
777  // New backend user object
778  $BE_USER = GeneralUtility::makeInstance(BackendUserAuthentication::class);
779  $BE_USER->setBeUserByUid($this->simUser);
780  $BE_USER->fetchGroupData();
781  $BE_USER->backendSetUC();
782  // Must do this, because unsetting $BE_USER before apparently unsets the reference to the global variable by this name!
783  $GLOBALS['BE_USER'] = $BE_USER;
784  }
785  }
786 
792  protected function renderSimulateUserSelectAndLabel()
793  {
794  if ($this->simulateSelector === '') {
795  return '';
796  }
797 
798  return '<div class="form-inline"><div class="form-group"><p>'
799  . '<label for="field_simulate" style="margin-right: 20px;">'
800  . htmlspecialchars($this->getLanguageService()->sL('LLL:EXT:setup/Resources/Private/Language/locallang.xlf:simulate'))
801  . '</label>'
802  . $this->simulateSelector
803  . '</p></div></div>';
804  }
805 
812  protected function checkAccess(array $config)
813  {
814  $access = $config['access'];
815 
816  if (isset($GLOBALS['TYPO3_CONF_VARS']['SC_OPTIONS']['setup']['accessLevelCheck'][$access])) {
817  if (class_exists($access)) {
818  $accessObject = GeneralUtility::makeInstance($access);
819  if (method_exists($accessObject, 'accessLevelCheck')) {
820  // Initialize vars. If method fails, $set will be set to FALSE
821  return $accessObject->accessLevelCheck($config);
822  }
823  }
824  } elseif ($access == 'admin') {
825  return $this->isAdmin;
826  }
827 
828  return false;
829  }
830 
839  protected function getLabel($str, $key = '', $addLabelTag = true)
840  {
841  if (substr($str, 0, 4) === 'LLL:') {
842  $out = htmlspecialchars($this->getLanguageService()->sL($str));
843  } else {
844  $out = htmlspecialchars($str);
845  }
846  if (isset($this->overrideConf[$key ?: $str])) {
847  $out = '<span style="color:#999999">' . $out . '</span>';
848  }
849  if ($addLabelTag) {
850  $out = '<label for="' . ($altLabelTagId ?: 'field_' . htmlspecialchars($key)) . '">' . $out . '</label>';
851  }
852  return $out;
853  }
854 
862  protected function getCSH($str, $label)
863  {
864  $context = '_MOD_user_setup';
865  $field = $str;
866  $strParts = explode(':', $str);
867  if (count($strParts) > 1) {
868  // Setting comes from another extension
869  $context = $strParts[0];
870  $field = $strParts[1];
871  } elseif ($str !== 'language' && $str !== 'simuser' && $str !== 'reset') {
872  $field = 'option_' . $str;
873  }
874  return BackendUtility::wrapInHelp($context, $field, $label);
875  }
876 
883  protected function getFieldsFromShowItem()
884  {
885  $allowedFields = GeneralUtility::trimExplode(',', $GLOBALS['TYPO3_USER_SETTINGS']['showitem'], true);
886  // do not ask for current password if admin (unknown for other users and no security gain)
887  if ($this->isAdmin) {
888  $key = array_search('passwordCurrent', $allowedFields);
889  if ($key !== false) {
890  unset($allowedFields[$key]);
891  }
892  }
893  if (!is_array($this->tsFieldConf)) {
894  return $allowedFields;
895  }
896  foreach ($this->tsFieldConf as $fieldName => $userTsFieldConfig) {
897  if (!empty($userTsFieldConfig['disabled'])) {
898  $fieldName = rtrim($fieldName, '.');
899  $key = array_search($fieldName, $allowedFields);
900  if ($key !== false) {
901  unset($allowedFields[$key]);
902  }
903  }
904  }
905  return $allowedFields;
906  }
907 
914  protected function getAvatarFileUid($beUserId)
915  {
916  $file = $this->getDatabaseConnection()->exec_SELECTgetSingleRow(
917  'uid_local',
918  'sys_file_reference',
919  'tablenames = \'be_users\' AND fieldname = \'avatar\' AND ' .
920  'table_local = \'sys_file\' AND uid_foreign = ' . (int)$beUserId .
921  BackendUtility::BEenableFields('sys_file_reference') . BackendUtility::deleteClause('sys_file_reference')
922  );
923  return $file ? $file['uid_local'] : 0;
924  }
925 
933  protected function setAvatarFileUid($beUserId, $fileUid, array &$storeRec)
934  {
935 
936  // Update is only needed when new fileUid is set
937  if ((int)$fileUid === $this->getAvatarFileUid($beUserId)) {
938  return;
939  }
940 
941  // Delete old file reference
942  $this->getDatabaseConnection()->exec_DELETEquery(
943  'sys_file_reference',
944  'tablenames = \'be_users\' AND fieldname = \'avatar\' AND ' .
945  'table_local = \'sys_file\' AND uid_foreign = ' . (int)$beUserId
946  );
947 
948  // Create new reference
949  if ($fileUid) {
950 
951  // Get file object
952  try {
953  $file = ResourceFactory::getInstance()->getFileObject($fileUid);
954  } catch (FileDoesNotExistException $e) {
955  $file = false;
956  }
957 
958  // Check if user is allowed to use the image (only when not in simulation mode)
959  if ($file && $this->simUser === 0 && !$file->getStorage()->checkFileActionPermission('read', $file)) {
960  $file = false;
961  }
962 
963  // Check if extension is allowed
964  if ($file && GeneralUtility::inList($GLOBALS['TYPO3_CONF_VARS']['GFX']['imagefile_ext'], $file->getExtension())) {
965 
966  // Create new file reference
967  $storeRec['sys_file_reference']['NEW1234'] = [
968  'uid_local' => (int)$fileUid,
969  'uid_foreign' => (int)$beUserId,
970  'tablenames' => 'be_users',
971  'fieldname' => 'avatar',
972  'pid' => 0,
973  'table_local' => 'sys_file',
974  ];
975  $storeRec['be_users'][(int)$beUserId]['avatar'] = 'NEW1234';
976  }
977  }
978  }
979 
985  protected function addAvatarButtonJs($fieldName)
986  {
987  $this->moduleTemplate->addJavaScriptCode('avatar-button', '
988  var browserWin="";
989 
990  function openFileBrowser() {
991  var url = ' . GeneralUtility::quoteJSvalue(BackendUtility::getModuleUrl('wizard_element_browser', ['mode' => 'file', 'bparams' => '||||dummy|setFileUid'])) . ';
992  browserWin = window.open(url,"Typo3WinBrowser","height=650,width=800,status=0,menubar=0,resizable=1,scrollbars=1");
993  browserWin.focus();
994  }
995 
996  function clearExistingImage() {
997  TYPO3.jQuery(' . GeneralUtility::quoteJSvalue('#image_' . htmlspecialchars($fieldName)) . ').hide();
998  TYPO3.jQuery(' . GeneralUtility::quoteJSvalue('#clear_button_' . htmlspecialchars($fieldName)) . ').hide();
999  TYPO3.jQuery(' . GeneralUtility::quoteJSvalue('#field_' . htmlspecialchars($fieldName)) . ').val(\'\');
1000  }
1001 
1002  function setFileUid(field, value, fileUid) {
1003  clearExistingImage();
1004  TYPO3.jQuery(' . GeneralUtility::quoteJSvalue('#field_' . htmlspecialchars($fieldName)) . ').val(fileUid);
1005  TYPO3.jQuery(' . GeneralUtility::quoteJSvalue('#add_button_' . htmlspecialchars($fieldName)) . ').removeClass(\'btn-default\').addClass(\'btn-info\');
1006 
1007  browserWin.close();
1008  }
1009  ');
1010  }
1011 
1017  protected function getBackendUser()
1018  {
1019  return $GLOBALS['BE_USER'];
1020  }
1021 
1027  protected function getLanguageService()
1028  {
1029  return $GLOBALS['LANG'];
1030  }
1031 
1035  protected function getDatabaseConnection()
1036  {
1037  return $GLOBALS['TYPO3_DB'];
1038  }
1039 
1045  protected function addFlashMessages()
1046  {
1047  $flashMessages = [];
1048 
1049  // Show if setup was saved
1050  if ($this->setupIsUpdated && !$this->settingsAreResetToDefault) {
1051  $flashMessages[] = $this->getFlashMessage('setupWasUpdated', 'UserSettings');
1052  }
1053 
1054  // Show if temporary data was cleared
1055  if ($this->settingsAreResetToDefault) {
1056  $flashMessages[] = $this->getFlashMessage('settingsAreReset', 'resetConfiguration');
1057  }
1058 
1059  // Notice
1060  if ($this->setupIsUpdated || $this->settingsAreResetToDefault) {
1061  $flashMessages[] = $this->getFlashMessage('activateChanges', '', FlashMessage::INFO);
1062  }
1063 
1064  // If password is updated, output whether it failed or was OK.
1065  if ($this->passwordIsSubmitted) {
1066  $flashMessage = null;
1067  switch ($this->passwordIsUpdated) {
1068  case self::PASSWORD_OLD_WRONG:
1069  $flashMessages[] = $this->getFlashMessage('oldPassword_failed', 'newPassword', FlashMessage::ERROR);
1070  break;
1071  case self::PASSWORD_NOT_THE_SAME:
1072  $flashMessages[] = $this->getFlashMessage('newPassword_failed', 'newPassword', FlashMessage::ERROR);
1073  break;
1074  case self::PASSWORD_UPDATED:
1075  $flashMessages[] = $this->getFlashMessage('newPassword_ok', 'newPassword');
1076  break;
1077  }
1078  }
1079  if (!empty($flashMessages)) {
1080  $this->enqueueFlashMessages($flashMessages);
1081  }
1082  }
1083 
1089  protected function enqueueFlashMessages(array $flashMessages)
1090  {
1091  $flashMessageService = GeneralUtility::makeInstance(FlashMessageService::class);
1092  $defaultFlashMessageQueue = $flashMessageService->getMessageQueueByIdentifier();
1093  foreach ($flashMessages as $flashMessage) {
1094  $defaultFlashMessageQueue->enqueue($flashMessage);
1095  }
1096  }
1097 
1104  protected function getFlashMessage($message, $title, $severity = FlashMessage::OK)
1105  {
1106  $title = !empty($title) ? $this->getLanguageService()->getLL($title) : ' ';
1107  return GeneralUtility::makeInstance(
1108  FlashMessage::class,
1109  $this->getLanguageService()->getLL($message),
1110  $title,
1111  $severity
1112  );
1113  }
1114 }
$params
$params
Definition: auth_adodb_example.php:17
TYPO3\CMS\Saltedpasswords\Salt\SaltFactory\getSaltingInstance
static getSaltingInstance($saltedHash='', $mode=TYPO3_MODE)
Definition: SaltFactory.php:82
TYPO3\CMS\Backend\Utility\BackendUtility\BEenableFields
static BEenableFields($table, $inv=false)
Definition: BackendUtility.php:266
TYPO3\CMS\Core\Utility\GeneralUtility\trimExplode
static trimExplode($delim, $string, $removeEmptyValues=false, $limit=0)
Definition: GeneralUtility.php:1551
TYPO3\CMS\Core\Utility\GeneralUtility\callUserFunction
static callUserFunction($funcName, &$params, &$ref, $checkPrefix='', $errorMode=0)
Definition: GeneralUtility.php:4350
TYPO3\CMS\Setup\Controller\SetupModuleController\getFlashMessage
getFlashMessage($message, $title, $severity=FlashMessage::OK)
Definition: SetupModuleController.php:1104
TYPO3\CMS\Setup\Controller\SetupModuleController\setAvatarFileUid
setAvatarFileUid($beUserId, $fileUid, array &$storeRec)
Definition: SetupModuleController.php:933
TYPO3\CMS\Backend\Utility\BackendUtility\getUserNames
static getUserNames($fields='username, usergroup, usergroup_cached_list, uid', $where='')
Definition: BackendUtility.php:1400
TYPO3\CMS\Backend\Utility\BackendUtility\setUpdateSignal
static setUpdateSignal($set='', $params='')
Definition: BackendUtility.php:3386
TYPO3\CMS\Setup\Controller\SetupModuleController\mainAction
mainAction(ServerRequestInterface $request, ResponseInterface $response)
Definition: SetupModuleController.php:429
$GLOBALS
if(TYPO3_MODE==='BE') $GLOBALS['TYPO3_CONF_VARS']['SC_OPTIONS']['t3lib/class.t3lib_tsfebeuserauth.php']['frontendEditingController']['default']
Definition: ext_localconf.php:31
$locales
$locales
Definition: be_users.php:6
TYPO3\CMS\Backend\Utility\BackendUtility\deleteClause
static deleteClause($table, $tableAlias='')
Definition: BackendUtility.php:82