Resources/Documents/_form_view_helper_8php_source.html

<?php

namespace TYPO3\CMS\Fluid\ViewHelpers;


/*                                                                        *

 * This script is backported from the TYPO3 Flow package "TYPO3.Fluid".   *

 *                                                                        *

 * It is free software; you can redistribute it and/or modify it under    *

 * the terms of the GNU General Public License as published by the Free   *

 * Software Foundation, either version 3 of the License, or (at your      *

 *                                                                        *

 *                                                                        *

 * This script is distributed in the hope that it will be useful, but     *

 * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHAN-    *

 * TABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General      *

 * Public License for more details.                                       *

 *                                                                        *

 * You should have received a copy of the GNU General Public License      *

 * along with the script.                                                 *

 * If not, see http://www.gnu.org/licenses/gpl.html                       *

 *                                                                        *

 * The TYPO3 project - inspiring people to share!                         *

 *                                                                        */

class FormViewHelper extends \TYPO3\CMS\Fluid\ViewHelpers\Form\AbstractFormViewHelper

{

    protected $tagName = 'form';


    protected $hashService;


    protected $mvcPropertyMappingConfigurationService;


    protected $extensionService;


    protected $formActionUriArguments;


    public function initializeArguments()

    {

        $this->registerTagAttribute('enctype', 'string', 'MIME type with which the form is submitted');

        $this->registerTagAttribute('method', 'string', 'Transfer type (GET or POST)');

        $this->registerTagAttribute('name', 'string', 'Name of form');

        $this->registerTagAttribute('onreset', 'string', 'JavaScript: On reset of the form');

        $this->registerTagAttribute('onsubmit', 'string', 'JavaScript: On submit of the form');

        $this->registerUniversalTagAttributes();

    }


    public function render($action = null, array $arguments = array(), $controller = null, $extensionName = null, $pluginName = null, $pageUid = null, $object = null, $pageType = 0, $noCache = false, $noCacheHash = false, $section = '', $format = '', array $additionalParams = array(), $absolute = false, $addQueryString = false, array $argumentsToBeExcludedFromQueryString = array(), $fieldNamePrefix = null, $actionUri = null, $objectName = null, $hiddenFieldClassName = null)

    {

        $this->setFormActionUri();

        if (strtolower($this->arguments['method']) === 'get') {

            $this->tag->addAttribute('method', 'get');

        } else {

            $this->tag->addAttribute('method', 'post');

        }

        $this->addFormObjectNameToViewHelperVariableContainer();

        $this->addFormObjectToViewHelperVariableContainer();

        $this->addFieldNamePrefixToViewHelperVariableContainer();

        $this->addFormFieldNamesToViewHelperVariableContainer();

        $formContent = $this->renderChildren();


        if ($this->arguments['hiddenFieldClassName'] !== null) {

            $content = LF . '<div class="' . htmlspecialchars($this->arguments['hiddenFieldClassName']) . '">';

        } else {

            $content = LF . '<div>';

        }


        $content .= $this->renderHiddenIdentityField($this->arguments['object'], $this->getFormObjectName());

        $content .= $this->renderAdditionalIdentityFields();

        $content .= $this->renderHiddenReferrerFields();


        // Render the trusted list of all properties after everything else has been rendered

        $content .= $this->renderTrustedPropertiesField();


        $content .= LF . '</div>' . LF;

        $content .= $formContent;

        $this->tag->setContent($content);

        $this->removeFieldNamePrefixFromViewHelperVariableContainer();

        $this->removeFormObjectFromViewHelperVariableContainer();

        $this->removeFormObjectNameFromViewHelperVariableContainer();

        $this->removeFormFieldNamesFromViewHelperVariableContainer();

        $this->removeCheckboxFieldNamesFromViewHelperVariableContainer();

        return $this->tag->render();

    }


    protected function setFormActionUri()

    {

        if ($this->hasArgument('actionUri')) {

            $formActionUri = $this->arguments['actionUri'];

        } else {

            $uriBuilder = $this->controllerContext->getUriBuilder();

            $formActionUri = $uriBuilder->reset()->setTargetPageUid($this->arguments['pageUid'])->setTargetPageType($this->arguments['pageType'])->setNoCache($this->arguments['noCache'])->setUseCacheHash(!$this->arguments['noCacheHash'])->setSection($this->arguments['section'])->setCreateAbsoluteUri($this->arguments['absolute'])->setArguments((array)$this->arguments['additionalParams'])->setAddQueryString($this->arguments['addQueryString'])->setArgumentsToBeExcludedFromQueryString((array)$this->arguments['argumentsToBeExcludedFromQueryString'])->setFormat($this->arguments['format'])->uriFor($this->arguments['action'], $this->arguments['arguments'], $this->arguments['controller'], $this->arguments['extensionName'], $this->arguments['pluginName']);

            $this->formActionUriArguments = $uriBuilder->getArguments();

        }

        $this->tag->addAttribute('action', $formActionUri);

    }


    protected function renderAdditionalIdentityFields()

    {

        if ($this->viewHelperVariableContainer->exists(\TYPO3\CMS\Fluid\ViewHelpers\FormViewHelper::class, 'additionalIdentityProperties')) {

            $additionalIdentityProperties = $this->viewHelperVariableContainer->get(\TYPO3\CMS\Fluid\ViewHelpers\FormViewHelper::class, 'additionalIdentityProperties');

            $output = '';

            foreach ($additionalIdentityProperties as $identity) {

                $output .= LF . $identity;

            }

            return $output;

        }

        return '';

    }


    protected function renderHiddenReferrerFields()

    {

        $request = $this->controllerContext->getRequest();

        $extensionName = $request->getControllerExtensionName();

        $vendorName = $request->getControllerVendorName();

        $controllerName = $request->getControllerName();

        $actionName = $request->getControllerActionName();

        $result = LF;

        $result .= '<input type="hidden" name="' . $this->prefixFieldName('__referrer[@extension]') . '" value="' . $extensionName . '" />' . LF;

        if ($vendorName !== null) {

            $result .= '<input type="hidden" name="' . $this->prefixFieldName('__referrer[@vendor]') . '" value="' . $vendorName . '" />' . LF;

        }

        $result .= '<input type="hidden" name="' . $this->prefixFieldName('__referrer[@controller]') . '" value="' . $controllerName . '" />' . LF;

        $result .= '<input type="hidden" name="' . $this->prefixFieldName('__referrer[@action]') . '" value="' . $actionName . '" />' . LF;

        $result .= '<input type="hidden" name="' . $this->prefixFieldName('__referrer[arguments]') . '" value="' . htmlspecialchars($this->hashService->appendHmac(base64_encode(serialize($request->getArguments())))) . '" />' . LF;


        return $result;

    }


    protected function addFormObjectNameToViewHelperVariableContainer()

    {

        $formObjectName = $this->getFormObjectName();

        if ($formObjectName !== null) {

            $this->viewHelperVariableContainer->add(\TYPO3\CMS\Fluid\ViewHelpers\FormViewHelper::class, 'formObjectName', $formObjectName);

        }

    }


    protected function removeFormObjectNameFromViewHelperVariableContainer()

    {

        $formObjectName = $this->getFormObjectName();

        if ($formObjectName !== null) {

            $this->viewHelperVariableContainer->remove(\TYPO3\CMS\Fluid\ViewHelpers\FormViewHelper::class, 'formObjectName');

        }

    }


    protected function getFormObjectName()

    {

        $formObjectName = null;

        if ($this->hasArgument('objectName')) {

            $formObjectName = $this->arguments['objectName'];

        } elseif ($this->hasArgument('name')) {

            $formObjectName = $this->arguments['name'];

        }

        return $formObjectName;

    }


    protected function addFormObjectToViewHelperVariableContainer()

    {

        if ($this->hasArgument('object')) {

            $this->viewHelperVariableContainer->add(\TYPO3\CMS\Fluid\ViewHelpers\FormViewHelper::class, 'formObject', $this->arguments['object']);

            $this->viewHelperVariableContainer->add(\TYPO3\CMS\Fluid\ViewHelpers\FormViewHelper::class, 'additionalIdentityProperties', array());

        }

    }


    protected function removeFormObjectFromViewHelperVariableContainer()

    {

        if ($this->hasArgument('object')) {

            $this->viewHelperVariableContainer->remove(\TYPO3\CMS\Fluid\ViewHelpers\FormViewHelper::class, 'formObject');

            $this->viewHelperVariableContainer->remove(\TYPO3\CMS\Fluid\ViewHelpers\FormViewHelper::class, 'additionalIdentityProperties');

        }

    }


    protected function addFieldNamePrefixToViewHelperVariableContainer()

    {

        $fieldNamePrefix = $this->getFieldNamePrefix();

        $this->viewHelperVariableContainer->add(\TYPO3\CMS\Fluid\ViewHelpers\FormViewHelper::class, 'fieldNamePrefix', $fieldNamePrefix);

    }


    protected function getFieldNamePrefix()

    {

        if ($this->hasArgument('fieldNamePrefix')) {

            return $this->arguments['fieldNamePrefix'];

        } else {

            return $this->getDefaultFieldNamePrefix();

        }

    }


    protected function removeFieldNamePrefixFromViewHelperVariableContainer()

    {

        $this->viewHelperVariableContainer->remove(\TYPO3\CMS\Fluid\ViewHelpers\FormViewHelper::class, 'fieldNamePrefix');

    }


    protected function addFormFieldNamesToViewHelperVariableContainer()

    {

        $this->viewHelperVariableContainer->add(\TYPO3\CMS\Fluid\ViewHelpers\FormViewHelper::class, 'formFieldNames', array());

    }


    protected function removeFormFieldNamesFromViewHelperVariableContainer()

    {

        $this->viewHelperVariableContainer->remove(\TYPO3\CMS\Fluid\ViewHelpers\FormViewHelper::class, 'formFieldNames');

    }


    protected function renderRequestHashField()

    {

        $formFieldNames = $this->viewHelperVariableContainer->get(\TYPO3\CMS\Fluid\ViewHelpers\FormViewHelper::class, 'formFieldNames');

        $this->postProcessUriArgumentsForRequesthash($this->formActionUriArguments, $formFieldNames);

        $requestHash = $this->requestHashService->generateRequestHash($formFieldNames, $this->getFieldNamePrefix());

        // in v4, we need to prefix __hmac as well to make it show up in the request object.

        return '<input type="hidden" name="' . $this->prefixFieldName('__hmac') . '" value="' . htmlspecialchars($requestHash) . '" />';

    }


    protected function postProcessUriArgumentsForRequestHash($arguments, &$results, $currentPrefix = '', $level = 0)

    {

        if (!count($arguments)) {

            return;

        }

        foreach ($arguments as $argumentName => $argumentValue) {

            if (is_array($argumentValue)) {

                $prefix = $level == 0 ? $argumentName : $currentPrefix . '[' . $argumentName . ']';

                $this->postProcessUriArgumentsForRequestHash($argumentValue, $results, $prefix, $level + 1);

            } else {

                $results[] = $level == 0 ? $argumentName : $currentPrefix . '[' . $argumentName . ']';

            }

        }

    }


    protected function getDefaultFieldNamePrefix()

    {

        $request = $this->controllerContext->getRequest();

        if ($this->hasArgument('extensionName')) {

            $extensionName = $this->arguments['extensionName'];

        } else {

            $extensionName = $request->getControllerExtensionName();

        }

        if ($this->hasArgument('pluginName')) {

            $pluginName = $this->arguments['pluginName'];

        } else {

            $pluginName = $request->getPluginName();

        }

        if ($extensionName !== null && $pluginName != null) {

            return $this->extensionService->getPluginNamespace($extensionName, $pluginName);

        } else {

            return '';

        }

    }


    protected function removeCheckboxFieldNamesFromViewHelperVariableContainer()

    {

        if ($this->viewHelperVariableContainer->exists(\TYPO3\CMS\Fluid\ViewHelpers\Form\CheckboxViewHelper::class, 'checkboxFieldNames')) {

            $this->viewHelperVariableContainer->remove(\TYPO3\CMS\Fluid\ViewHelpers\Form\CheckboxViewHelper::class, 'checkboxFieldNames');

        }

    }


    protected function renderTrustedPropertiesField()

    {

        $formFieldNames = $this->viewHelperVariableContainer->get(\TYPO3\CMS\Fluid\ViewHelpers\FormViewHelper::class, 'formFieldNames');

        $requestHash = $this->mvcPropertyMappingConfigurationService->generateTrustedPropertiesToken($formFieldNames, $this->getFieldNamePrefix());

        return '<input type="hidden" name="' . $this->prefixFieldName('__trustedProperties') . '" value="' . htmlspecialchars($requestHash) . '" />';

    }

}