[GitHub/WoltLab/WCF.git] / wcfsetup / install / files / lib / acp / form / TemplateAddForm.class.php

<?php
namespace wcf\acp\form;
use wcf\data\package\Package;
use wcf\data\package\PackageCache;
use wcf\data\template\group\TemplateGroup;
use wcf\data\template\Template;
use wcf\data\template\TemplateAction;
use wcf\form\AbstractForm;
use wcf\system\database\util\PreparedStatementConditionBuilder;
use wcf\system\exception\IllegalLinkException;
use wcf\system\exception\UserInputException;
use wcf\system\WCF;
use wcf\util\StringUtil;

/**
 * Shows the form for adding new templates.
 * 
 * @author	Marcel Werk
 * @copyright	2001-2018 WoltLab GmbH
 * @license	GNU Lesser General Public License <http://opensource.org/licenses/lgpl-license.php>
 * @package	WoltLabSuite\Core\Acp\Form
 */
class TemplateAddForm extends AbstractForm {
	/**
	 * @inheritDoc
	 */
	public $activeMenuItem = 'wcf.acp.menu.link.template.add';
	
	/**
	 * @inheritDoc
	 */
	public $neededPermissions = ['admin.template.canManageTemplate'];
	
	/**
	 * template name
	 * @var	string
	 */
	public $tplName = '';
	
	/**
	 * template group id
	 * @var	integer
	 */
	public $templateGroupID = 0;
	
	/**
	 * template source code
	 * @var	string
	 */
	public $templateSource = '';
	
	/**
	 * available template groups
	 * @var	array
	 */
	public $availableTemplateGroups = [];
	
	/**
	 * template's package id
	 * @var	integer
	 */
	public $packageID = 1;
	
	/**
	 * id of copied template
	 * @var	integer
	 */
	public $copy = 0;
	
	/**
	 * copied template object
	 * @var	Template
	 */
	public $copiedTemplate = null;
	
	/**
	 * application the template belongs to
	 * @var	string
	 */
	public $application = '';
	
	/**
	 * @inheritDoc
	 */
	public function readParameters() {
		parent::readParameters();
		
		if (!empty($_REQUEST['copy'])) {
			$this->copy = intval($_REQUEST['copy']);
			$this->copiedTemplate = new Template($this->copy);
			if (!$this->copiedTemplate->templateID) {
				throw new IllegalLinkException();
			}
			
			$this->application = $this->copiedTemplate->application;
			$this->packageID = $this->copiedTemplate->packageID;
		}
	}
	
	/**
	 * @inheritDoc
	 */
	public function readFormParameters() {
		parent::readFormParameters();
		
		if (isset($_POST['tplName'])) $this->tplName = StringUtil::trim($_POST['tplName']);
		if (isset($_POST['templateSource'])) $this->templateSource = StringUtil::unifyNewlines($_POST['templateSource']);
		if (isset($_POST['templateGroupID'])) $this->templateGroupID = intval($_POST['templateGroupID']);
		
		// get package id for this template
		if (!$this->packageID) {
			$sql = "SELECT	packageID
				FROM	wcf".WCF_N."_template
				WHERE	templateName = ?
					AND templateGroupID IS NULL";
			$statement = WCF::getDB()->prepareStatement($sql);
			$statement->execute([$this->tplName]);
			$row = $statement->fetchArray();
			if ($row !== false) {
				$this->packageID = $row['packageID'];
			}
		}
	}
	
	/**
	 * @inheritDoc
	 */
	public function validate() {
		parent::validate();
		
		$this->validateName();
		$this->validateGroup();
	}
	
	/**
	 * Validates the template name.
	 */
	protected function validateName() {
		if (empty($this->tplName)) {
			throw new UserInputException('tplName');
		}
		
		if (!preg_match('/^[a-z0-9_\-]+$/i', $this->tplName)) {
			throw new UserInputException('tplName', 'invalid');
		}
		
		$conditionBuilder = new PreparedStatementConditionBuilder();
		$conditionBuilder->add('templateName = ?', [$this->tplName]);
		$conditionBuilder->add('templateGroupID = ?', [$this->templateGroupID]);
		
		if ($this->copiedTemplate !== null) {
			$conditionBuilder->add('(packageID = ? OR application = ?)', [$this->packageID, $this->copiedTemplate->application]);
		}
		else {
			$conditionBuilder->add('packageID = ?', [$this->packageID]);
		}
		
		$sql = "SELECT	COUNT(*)
			FROM	wcf".WCF_N."_template
			".$conditionBuilder;
		$statement = WCF::getDB()->prepareStatement($sql);
		$statement->execute($conditionBuilder->getParameters());
		
		if ($statement->fetchSingleColumn()) {
			throw new UserInputException('tplName', 'notUnique');
		}
	}
	
	/**
	 * Validates the selected template group.
	 */
	protected function validateGroup() {
		if (!$this->templateGroupID) {
			throw new UserInputException('templateGroupID');
		}
		
		$templateGroup = new TemplateGroup($this->templateGroupID);
		if (!$templateGroup->templateGroupID) {
			throw new UserInputException('templateGroupID');
		}
	}
	
	/**
	 * @inheritDoc
	 */
	public function save() {
		parent::save();
		
		if (empty($this->application)) {
			$this->application = Package::getAbbreviation(PackageCache::getInstance()->getPackage($this->packageID)->package);
		}
		
		$this->objectAction = new TemplateAction([], 'create', ['data' => array_merge($this->additionalFields, [
			'application' => $this->application,
			'templateName' => $this->tplName,
			'packageID' => $this->packageID,
			'templateGroupID' => $this->templateGroupID
		]), 'source' => $this->templateSource]);
		$this->objectAction->executeAction();
		$this->saved();
		
		// reset values
		$this->tplName = $this->templateSource = '';
		$this->templateGroupID = 0;
		
		// show success message
		WCF::getTPL()->assign('success', true);
	}
	
	/**
	 * @inheritDoc
	 */
	public function readData() {
		parent::readData();
		
		$this->availableTemplateGroups = TemplateGroup::getSelectList();
		
		if (!count($_POST) && $this->copiedTemplate !== null) {
			$this->tplName = $this->copiedTemplate->templateName;
			$this->templateSource = $this->copiedTemplate->getSource();
		}
	}
	
	/**
	 * @inheritDoc
	 */
	public function assignVariables() {
		parent::assignVariables();
		
		WCF::getTPL()->assign([
			'action' => 'add',
			'tplName' => $this->tplName,
			'templateGroupID' => $this->templateGroupID,
			'templateSource' => $this->templateSource,
			'availableTemplateGroups' => $this->availableTemplateGroups,
			'copy' => $this->copy
		]);
	}
	
	/**
	 * @inheritDoc
	 */
	public function show() {
		// work-around for a known Chrome bug that causes the XSS auditor
		// to incorrectly detect JavaScript inside a textarea
		@header('X-XSS-Protection: 0');
		
		parent::show();
	}
}
Commit	Line	Data
6570e38e MW	1	<?php
6570e38e MW	2	namespace wcf\acp\form;
e568316b MS	3	use wcf\data\package\Package;
e568316b MS	4	use wcf\data\package\PackageCache;
6570e38e	5	use wcf\data\template\group\TemplateGroup;
6570e38e MW	6	use wcf\data\template\Template;
	7	use wcf\data\template\TemplateAction;
	8	use wcf\form\AbstractForm;
dd1bae1b	9	use wcf\system\database\util\PreparedStatementConditionBuilder;
43a250e6	10	use wcf\system\exception\IllegalLinkException;
6570e38e MW	11	use wcf\system\exception\UserInputException;
	12	use wcf\system\WCF;
	13	use wcf\util\StringUtil;
	14
	15	/**
	16	* Shows the form for adding new templates.
e3369fd2	17	*
6570e38e	18	* @author Marcel Werk
c839bd49	19	* @copyright 2001-2018 WoltLab GmbH
6570e38e	20	* @license GNU Lesser General Public License <http://opensource.org/licenses/lgpl-license.php>
e71525e4	21	* @package WoltLabSuite\Core\Acp\Form
6570e38e MW	22	*/
	23	class TemplateAddForm extends AbstractForm {
	24	/**
0fcfe5f6	25	* @inheritDoc
6570e38e MW	26	*/
	27	public $activeMenuItem = 'wcf.acp.menu.link.template.add';
	28
	29	/**
0fcfe5f6	30	* @inheritDoc
6570e38e	31	*/
058cbd6a	32	public $neededPermissions = ['admin.template.canManageTemplate'];
6570e38e MW	33
	34	/**
	35	* template name
06355ec3	36	* @var string
6570e38e MW	37	*/
	38	public $tplName = '';
	39
	40	/**
	41	* template group id
06355ec3	42	* @var integer
6570e38e MW	43	*/
	44	public $templateGroupID = 0;
	45
	46	/**
	47	* template source code
06355ec3	48	* @var string
6570e38e MW	49	*/
	50	public $templateSource = '';
	51
	52	/**
	53	* available template groups
06355ec3	54	* @var array
6570e38e	55	*/
058cbd6a	56	public $availableTemplateGroups = [];
6570e38e MW	57
	58	/**
	59	* template's package id
06355ec3	60	* @var integer
6570e38e	61	*/
e66ddcba	62	public $packageID = 1;
6570e38e	63
43a250e6 MW	64	/**
43a250e6 MW	65	* id of copied template
06355ec3	66	* @var integer
43a250e6 MW	67	*/
	68	public $copy = 0;
	69
	70	/**
	71	* copied template object
4e25add7	72	* @var Template
43a250e6 MW	73	*/
	74	public $copiedTemplate = null;
	75
e568316b MS	76	/**
	77	* application the template belongs to
	78	* @var string
	79	*/
	80	public $application = '';
	81
43a250e6	82	/**
0fcfe5f6	83	* @inheritDoc
43a250e6 MW	84	*/
	85	public function readParameters() {
	86	parent::readParameters();
e3369fd2	87
43a250e6 MW	88	if (!empty($_REQUEST['copy'])) {
	89	$this->copy = intval($_REQUEST['copy']);
	90	$this->copiedTemplate = new Template($this->copy);
	91	if (!$this->copiedTemplate->templateID) {
	92	throw new IllegalLinkException();
	93	}
	94
e568316b	95	$this->application = $this->copiedTemplate->application;
43a250e6 MW	96	$this->packageID = $this->copiedTemplate->packageID;
	97	}
	98	}
	99
6570e38e	100	/**
0fcfe5f6	101	* @inheritDoc
6570e38e MW	102	*/
	103	public function readFormParameters() {
	104	parent::readFormParameters();
	105
	106	if (isset($_POST['tplName'])) $this->tplName = StringUtil::trim($_POST['tplName']);
025652a3	107	if (isset($_POST['templateSource'])) $this->templateSource = StringUtil::unifyNewlines($_POST['templateSource']);
6570e38e MW	108	if (isset($_POST['templateGroupID'])) $this->templateGroupID = intval($_POST['templateGroupID']);
	109
	110	// get package id for this template
f5b00751 MS	111	if (!$this->packageID) {
	112	$sql = "SELECT packageID
	113	FROM wcf".WCF_N."_template
	114	WHERE templateName = ?
	115	AND templateGroupID IS NULL";
	116	$statement = WCF::getDB()->prepareStatement($sql);
058cbd6a	117	$statement->execute([$this->tplName]);
f5b00751 MS	118	$row = $statement->fetchArray();
	119	if ($row !== false) {
	120	$this->packageID = $row['packageID'];
	121	}
6570e38e MW	122	}
	123	}
	124
	125	/**
0fcfe5f6	126	* @inheritDoc
6570e38e MW	127	*/
	128	public function validate() {
	129	parent::validate();
	130
	131	$this->validateName();
	132	$this->validateGroup();
	133	}
	134
	135	/**
	136	* Validates the template name.
	137	*/
	138	protected function validateName() {
	139	if (empty($this->tplName)) {
	140	throw new UserInputException('tplName');
	141	}
e3369fd2	142
12aa6f89	143	if (!preg_match('/^[a-z0-9_\-]+$/i', $this->tplName)) {
063bbf46	144	throw new UserInputException('tplName', 'invalid');
6570e38e MW	145	}
6570e38e MW	146
dd1bae1b	147	$conditionBuilder = new PreparedStatementConditionBuilder();
058cbd6a MS	148	$conditionBuilder->add('templateName = ?', [$this->tplName]);
058cbd6a MS	149	$conditionBuilder->add('templateGroupID = ?', [$this->templateGroupID]);
dd1bae1b MS	150
dd1bae1b MS	151	if ($this->copiedTemplate !== null) {
058cbd6a	152	$conditionBuilder->add('(packageID = ? OR application = ?)', [$this->packageID, $this->copiedTemplate->application]);
dd1bae1b MS	153	}
dd1bae1b MS	154	else {
058cbd6a	155	$conditionBuilder->add('packageID = ?', [$this->packageID]);
dd1bae1b MS	156	}
dd1bae1b MS	157
5c6ddd85	158	$sql = "SELECT COUNT(*)
6570e38e	159	FROM wcf".WCF_N."_template
dd1bae1b	160	".$conditionBuilder;
6570e38e	161	$statement = WCF::getDB()->prepareStatement($sql);
dd1bae1b	162	$statement->execute($conditionBuilder->getParameters());
5c6ddd85 MS	163
5c6ddd85 MS	164	if ($statement->fetchSingleColumn()) {
6570e38e MW	165	throw new UserInputException('tplName', 'notUnique');
	166	}
	167	}
	168
	169	/**
	170	* Validates the selected template group.
	171	*/
	172	protected function validateGroup() {
	173	if (!$this->templateGroupID) {
	174	throw new UserInputException('templateGroupID');
	175	}
	176
	177	$templateGroup = new TemplateGroup($this->templateGroupID);
	178	if (!$templateGroup->templateGroupID) {
	179	throw new UserInputException('templateGroupID');
	180	}
	181	}
	182
	183	/**
0fcfe5f6	184	* @inheritDoc
6570e38e MW	185	*/
	186	public function save() {
	187	parent::save();
	188
e568316b	189	if (empty($this->application)) {
bd84f715	190	$this->application = Package::getAbbreviation(PackageCache::getInstance()->getPackage($this->packageID)->package);
e568316b MS	191	}
e568316b MS	192
058cbd6a	193	$this->objectAction = new TemplateAction([], 'create', ['data' => array_merge($this->additionalFields, [
e568316b	194	'application' => $this->application,
12aa6f89	195	'templateName' => $this->tplName,
6570e38e	196	'packageID' => $this->packageID,
12aa6f89	197	'templateGroupID' => $this->templateGroupID
058cbd6a	198	]), 'source' => $this->templateSource]);
6570e38e MW	199	$this->objectAction->executeAction();
	200	$this->saved();
	201
	202	// reset values
a701c8d6	203	$this->tplName = $this->templateSource = '';
6570e38e MW	204	$this->templateGroupID = 0;
6570e38e MW	205
47b90344 MS	206	// show success message
47b90344 MS	207	WCF::getTPL()->assign('success', true);
6570e38e MW	208	}
	209
	210	/**
0fcfe5f6	211	* @inheritDoc
6570e38e MW	212	*/
	213	public function readData() {
	214	parent::readData();
2d63c13c	215
d2675df8	216	$this->availableTemplateGroups = TemplateGroup::getSelectList();
6570e38e	217
43a250e6 MW	218	if (!count($_POST) && $this->copiedTemplate !== null) {
	219	$this->tplName = $this->copiedTemplate->templateName;
	220	$this->templateSource = $this->copiedTemplate->getSource();
6570e38e MW	221	}
	222	}
	223
	224	/**
0fcfe5f6	225	* @inheritDoc
6570e38e MW	226	*/
	227	public function assignVariables() {
	228	parent::assignVariables();
	229
058cbd6a	230	WCF::getTPL()->assign([
6570e38e MW	231	'action' => 'add',
	232	'tplName' => $this->tplName,
	233	'templateGroupID' => $this->templateGroupID,
	234	'templateSource' => $this->templateSource,
43a250e6 MW	235	'availableTemplateGroups' => $this->availableTemplateGroups,
43a250e6 MW	236	'copy' => $this->copy
058cbd6a	237	]);
6570e38e	238	}
a4a7af39	239
9174e48a AE	240	/**
	241	* @inheritDoc
	242	*/
	243	public function show() {
	244	// work-around for a known Chrome bug that causes the XSS auditor
	245	// to incorrectly detect JavaScript inside a textarea
	246	@header('X-XSS-Protection: 0');
	247
	248	parent::show();
	249	}
6570e38e	250	}