vendor/numero2/contao-marketing-suite/src/Resources/contao/library/MarketingSuite/Hooks/Hooks.php line 149

Open in your IDE?
  1. <?php
  3. /**
  4.  * Contao Open Source CMS
  5.  *
  6.  * Copyright (c) 2005-2021 Leo Feyer
  7.  *
  8.  * @package   Contao Marketing Suite
  9.  * @author    Benny Born <benny.born@numero2.de>
  10.  * @author    Michael Bösherz <michael.boesherz@numero2.de>
  11.  * @license   Commercial
  12.  * @copyright 2021 numero2 - Agentur für digitales Marketing
  13.  */
  16. namespace numero2\MarketingSuite\Hooks;
  18. use Contao\Backend;
  19. use Contao\CMSConfig;
  20. use Contao\Controller;
  21. use Contao\CoreBundle\Exception\InternalServerErrorHttpException;
  22. use Contao\CoreBundle\Exception\NoContentResponseException;
  23. use Contao\CoreBundle\Exception\ResponseException;
  24. use Contao\Dbafs;
  25. use Contao\DC_CMSFile;
  26. use Contao\FilesModel;
  27. use Contao\Input;
  28. use Contao\StringUtil;
  29. use Contao\Widget;
  30. use numero2\MarketingSuite\Widget\ElementStyle;
  31. use Symfony\Component\HttpFoundation\Response;
  32. use Symfony\Component\HttpKernel\Exception\BadRequestHttpException;
  35. class Hooks extends Backend {
  38.     /**
  39.      * Validate a custom regular expression
  40.      *
  41.      * @param string $strRgxp
  42.      * @param mixed $varValue
  43.      * @param \Widget $objWidget
  44.      *
  45.      * @return bool
  46.      */
  47.     public static function validateRgxp$strRgxp$varValueWidget $objWidget ) {
  49.         switch( $strRgxp ) {
  51.             case 'natural_min_4_weeks':
  53.                 self::validateRgxp('natural'$varValue$objWidget);
  55.                 $aMin = [
  56.                     'day' => 28
  57.                 ,   'week' => 4
  58.                 ,   'month' => 1
  59.                 ];
  61.                 $unit array_keys($aMin)[0];
  63.                 if( !empty($objWidget->value['unit']) ){
  64.                     $unit $objWidget->value['unit'];
  65.                 }
  66.                 $postUnit Input::post($objWidget->name);
  68.                 if( !empty($postUnit['unit']) ){
  69.                     $unit $postUnit['unit'];
  70.                 }
  72.                 if( $varValue $aMin[$unit] ) {
  73.                     $objWidget->addError($GLOBALS['TL_LANG']['ERR']['natural_min_4_weeks']);
  74.                 }
  76.                 if( $varValue <= ) {
  77.                     $objWidget->addError($GLOBALS['TL_LANG']['ERR']['natural_greater_0']);
  78.                 }
  80.                 return true;
  81.                 break;
  83.             case 'cms_url':
  85.                 if( preg_match('/^{{[^{}]+}}$/'$varValue) ) {
  86.                     return true;
  87.                 }
  89.                 $varValue Controller::replaceInsertTags($varValue);
  91.                 $parsed parse_url($varValue);
  93.                 if( !is_array($parsed) ) {
  94.                     $objWidget->addError(sprintf($GLOBALS['TL_LANG']['ERR']['cms_url_parse_failed'], $varValue));
  95.                 }
  97.                 if( !isset($parsed['scheme']) ) {
  98.                     $objWidget->addError(sprintf($GLOBALS['TL_LANG']['ERR']['cms_url_scheme_missing'], $varValue));
  99.                 }
  100.                 if( !isset($parsed['host']) ) {
  101.                     $objWidget->addError(sprintf($GLOBALS['TL_LANG']['ERR']['cms_url_host_missing'], $varValue));
  102.                 }
  104.                 return true;
  106.         }
  108.         return false;
  109.     }
  112.     /**
  113.      * Perform pre action hook
  114.      *
  115.      * @param string $strAction
  116.      */
  117.     public function executePreActions$strAction ) {
  119.         if( $strAction === 'updateElementPreview' ) {
  121.             $oElement null;
  122.             $oElement = new ElementStyle();
  124.             $dc = (object) [
  125.                 'table' => Input::get('table')
  126.             ,   'activeRecord' => (object) [
  127.                     'id' => Input::post('id')
  128.                 ,   'type' => Input::post('type')
  129.                 ]
  130.             ];
  132.             $sMarkup '';
  133.             $sMarkup $oElement->generatePreview$dc$_POST );
  135.             $oResponse null;
  136.             $oResponse = new ResponseController::replaceOldBePaths($sMarkup) );
  138.             throw new ResponseException($oResponse);
  139.         }
  140.     }
  143.     /**
  144.      * This will be called when the system will be initialized.
  145.      */
  146.     public static function initializeSystem() {
  148.         //initialize CMSConfig
  149.         CMSConfig::getInstance();
  150.     }
  153.     /**
  154.      * Will provide the useful postActionHook features from the core for our
  155.      * own DC_CMSFile data container
  156.      *
  157.      * @param string $strAction
  158.      * @param \DC_CMSFile $dc
  159.      *
  160.      * @throws \Symfony\Component\HttpKernel\Exception\BadRequestHttpException
  161.      * @throws \Contao\CoreBundle\Exception\ResponseException
  162.      * @throws \Contao\CoreBundle\Exception\NoContentResponseException
  163.      * @throws \Contao\CoreBundle\Exception\InternalServerErrorHttpException
  164.      */
  165.     public function postActionHookForDC_CMSFile$strAction$dc ) {
  167.         // only use when DC_CMSFile
  168.         if( !$dc instanceof DC_CMSFile ) {
  169.             return ;
  170.         }
  172.         switch( $strAction ) {
  174.             // Load nodes of the file tree
  175.             case 'loadFiletree':
  177.                 $varValue null;
  178.                 $strField $dc->field Input::post('name');
  180.                 // Call the load_callback
  181.                 if( \is_array($GLOBALS['TL_DCA'][$dc->table]['fields'][$strField]['load_callback'] ?? null) ) {
  183.                     foreach( $GLOBALS['TL_DCA'][$dc->table]['fields'][$strField]['load_callback'] as $callback ) {
  185.                         if( \is_array($callback) ) {
  187.                             $this->import($callback[0]);
  188.                             $varValue $this->{$callback[0]}->{$callback[1]}($varValue$dc);
  190.                         } else if( \is_callable($callback) ) {
  192.                             $varValue $callback($varValue$dc);
  193.                         }
  194.                     }
  195.                 }
  197.                 /** @var FileSelector $strClass */
  198.                 $strClass $GLOBALS['BE_FFL']['fileSelector'];
  200.                 /** @var FileSelector $objWidget */
  201.                 $objWidget = new $strClass($strClass::getAttributesFromDca($GLOBALS['TL_DCA'][$dc->table]['fields'][$strField], $dc->field$varValue$strField$dc->table$dc));
  203.                 // Load a particular node
  204.                 if( Input::post('folder'true) != '' )  {
  205.                     throw new ResponseException($this->convertToResponse($objWidget->generateAjax(Input::post('folder'true), Input::post('field'), (int) Input::post('level'))));
  206.                 }
  208.                 throw new ResponseException($this->convertToResponse($objWidget->generate()));
  210.             // Reload the page/file picker
  211.             case 'reloadPagetree':
  212.             case 'reloadFiletree':
  214.                 $intId Input::get('id');
  215.                 $strField $dc->inputName Input::post('name');
  217.                 // Handle the keys in "edit multiple" mode
  218.                 if( Input::get('act') == 'editAll' ) {
  220.                     $intId preg_replace('/.*_([0-9a-zA-Z]+)$/''$1'$strField);
  221.                     $strField preg_replace('/(.*)_[0-9a-zA-Z]+$/''$1'$strField);
  222.                 }
  224.                 $dc->field $strField;
  226.                 // The field does not exist
  227.                 if( !isset($GLOBALS['TL_DCA'][$dc->table]['fields'][$strField]) ) {
  229.                     $this->log('Field "' $strField '" does not exist in DCA "' $dc->table '"'__METHOD__TL_ERROR);
  230.                     throw new BadRequestHttpException('Bad request');
  231.                 }
  233.                 $objRow null;
  234.                 $varValue null;
  236.                 // Load the value
  237.                 if( Input::get('act') != 'overrideAll' ) {
  238.                     $varValue CMSConfig::get($strField);
  239.                 }
  241.                 // Call the load_callback
  242.                 if( \is_array($GLOBALS['TL_DCA'][$dc->table]['fields'][$strField]['load_callback'] ?? null) ) {
  244.                     foreach( $GLOBALS['TL_DCA'][$dc->table]['fields'][$strField]['load_callback'] as $callback ) {
  246.                         if( \is_array($callback) ) {
  248.                             $this->import($callback[0]);
  249.                             $varValue $this->{$callback[0]}->{$callback[1]}($varValue$dc);
  251.                         } else if( \is_callable($callback) ) {
  253.                             $varValue $callback($varValue$dc);
  254.                         }
  255.                     }
  256.                 }
  258.                 // Set the new value
  259.                 $varValue Input::post('value'true);
  260.                 $strKey = ($strAction == 'reloadPagetree') ? 'pageTree' 'fileTree';
  262.                 // Convert the selected values
  263.                 if( $varValue != '' ) {
  265.                     $varValue StringUtil::trimsplit("\t"$varValue);
  267.                     // Automatically add resources to the DBAFS
  268.                     if( $strKey == 'fileTree' ) {
  270.                         foreach( $varValue as $k=>$v ) {
  272.                             $v rawurldecode($v);
  274.                             if( Dbafs::shouldBeSynchronized($v) ) {
  276.                                 $objFile FilesModel::findByPath($v);
  278.                                 if( $objFile === null ) {
  280.                                     $objFile Dbafs::addResource($v);
  281.                                 }
  283.                                 $varValue[$k] = $objFile->uuid;
  284.                             }
  285.                         }
  286.                     }
  288.                     $varValue serialize($varValue);
  289.                 }
  291.                 /** @var FileTree|PageTree $strClass */
  292.                 $strClass $GLOBALS['BE_FFL'][$strKey];
  294.                 /** @var FileTree|PageTree $objWidget */
  295.                 $objWidget = new $strClass($strClass::getAttributesFromDca($GLOBALS['TL_DCA'][$dc->table]['fields'][$strField], $dc->inputName$varValue$strField$dc->table$dc));
  297.                 throw new ResponseException($this->convertToResponse($objWidget->generate()));
  299.             // Toggle subpalettes
  300.             case 'toggleSubpalette':
  302.                 $this->import('BackendUser''User');
  304.                 // Check whether the field is a selector field and allowed for regular users (thanks to Fabian Mihailowitsch) (see #4427)
  305.                 if( !\is_array($GLOBALS['TL_DCA'][$dc->table]['palettes']['__selector__'] ?? null) || !\in_array(Input::post('field'), $GLOBALS['TL_DCA'][$dc->table]['palettes']['__selector__'] ?? []) || (($GLOBALS['TL_DCA'][$dc->table]['fields'][Input::post('field')]['exclude']??null) && !$this->User->hasAccess($dc->table '::' Input::post('field'), 'alexf')) ) {
  307.                     $this->log('Field "' Input::post('field') . '" is not an allowed selector field (possible SQL injection attempt)'__METHOD__TL_ERROR);
  308.                     throw new BadRequestHttpException('Bad request');
  309.                 }
  311.                 $val = ((Input::post('state') == 1) ? true false);
  312.                 CMSConfig::persist(Input::post('field'), $val);
  314.                 if( Input::post('load') ) {
  316.                     CMSConfig::set(Input::post('field'), $val);
  318.                     throw new ResponseException($this->convertToResponse($dc->edit(falseInput::post('id'))));
  319.                 }
  321.                 throw new NoContentResponseException();
  323.             // DropZone file upload
  324.             case 'fileupload':
  326.                 $dc->move(true);
  327.                 throw new InternalServerErrorHttpException();
  328.         }
  329.     }
  332.     /**
  333.      * Convert a string to a response object
  334.      *
  335.      * @param string $str
  336.      *
  337.      * @return \Symfony\Component\HttpFoundation\Response
  338.      */
  339.     protected function convertToResponse$str ) {
  340.         return new ResponseController::replaceOldBePaths($str) );
  341.     }
  342. }