TYPO3 CMS  TYPO3_8-7
ImageManipulationWizard.php
Go to the documentation of this file.
1 <?php
2 declare(strict_types = 1);
3 namespace TYPO3\CMS\Backend\Form\Wizard;
4 
5 /*
6  * This file is part of the TYPO3 CMS project.
7  *
8  * It is free software; you can redistribute it and/or modify it under
9  * the terms of the GNU General Public License, either version 2
10  * of the License, or any later version.
11  *
12  * For the full copyright and license information, please read the
13  * LICENSE.txt file that was distributed with this source code.
14  *
15  * The TYPO3 project - inspiring people to share!
16  */
17 
18 use Psr\Http\Message\ResponseInterface;
19 use Psr\Http\Message\ServerRequestInterface;
20 use TYPO3\CMS\Core\Resource\Exception\FileDoesNotExistException;
21 use TYPO3\CMS\Core\Resource\ResourceFactory;
22 use TYPO3\CMS\Core\Utility\GeneralUtility;
23 use TYPO3\CMS\Core\Utility\MathUtility;
24 use TYPO3\CMS\Fluid\View\StandaloneView;
25 
29 class ImageManipulationWizard
30 {
34  private $templateView;
35 
39  public function __construct(StandaloneView $templateView = null)
40  {
41  if (!$templateView) {
42  $templateView = GeneralUtility::makeInstance(StandaloneView::class);
43  $templateView->setLayoutRootPaths([GeneralUtility::getFileAbsFileName('EXT:backend/Resources/Private/Layouts/')]);
44  $templateView->setPartialRootPaths([GeneralUtility::getFileAbsFileName('EXT:backend/Resources/Private/Partials/ImageManipulation/')]);
45  $templateView->setTemplatePathAndFilename(GeneralUtility::getFileAbsFileName('EXT:backend/Resources/Private/Templates/ImageManipulation/ImageManipulationWizard.html'));
46  }
47  $this->templateView = $templateView;
48  }
49 
57  public function getWizardAction(ServerRequestInterface $request, ResponseInterface $response)
58  {
59  if ($this->isSignatureValid($request)) {
60  $parsedBody = json_decode($request->getParsedBody()['arguments'], true);
61  $fileUid = $parsedBody['image'];
62  $image = null;
63  if (MathUtility::canBeInterpretedAsInteger($fileUid)) {
64  try {
65  $image = ResourceFactory::getInstance()->getFileObject($fileUid);
66  } catch (FileDoesNotExistException $e) {
67  }
68  }
69  $viewData = [
70  'image' => $image,
71  'cropVariants' => $parsedBody['cropVariants']
72  ];
73  $content = $this->templateView->renderSection('Main', $viewData);
74  $response->getBody()->write($content);
75 
76  return $response;
77  }
78  return $response->withStatus(403);
79  }
80 
87  protected function isSignatureValid(ServerRequestInterface $request)
88  {
89  $token = GeneralUtility::hmac($request->getParsedBody()['arguments'], 'ajax_wizard_image_manipulation');
90  return hash_equals($token, $request->getParsedBody()['signature']);
91  }
92 }
TYPO3\CMS\Backend\Form\Wizard\ImageManipulationWizard\getWizardAction
getWizardAction(ServerRequestInterface $request, ResponseInterface $response)
Definition: ImageManipulationWizard.php:57
TYPO3\CMS\Core\Utility\GeneralUtility\hmac
static hmac($input, $additionalSecret='')
Definition: GeneralUtility.php:743
TYPO3\CMS\Core\Utility\GeneralUtility\getFileAbsFileName
static getFileAbsFileName($filename, $_=null, $_2=null)
Definition: GeneralUtility.php:3325
TYPO3\CMS\Core\Utility\GeneralUtility\makeInstance
static makeInstance($className,... $constructorArguments)
Definition: GeneralUtility.php:3945