t3lib/class.t3lib_tcemain.php

Go to the documentation of this file.

<?php
/***************************************************************
*  Copyright notice
*
*  (c) 1999-2005 Kasper Skaarhoj (kasperYYYY@typo3.com)
*  All rights reserved
*
*  This script is part of the TYPO3 project. The TYPO3 project is
*  free software; you can redistribute it and/or modify
*  it under the terms of the GNU General Public License as published by
*  the Free Software Foundation; either version 2 of the License, or
*  (at your option) any later version.
*
*  The GNU General Public License can be found at
*  http://www.gnu.org/copyleft/gpl.html.
*  A copy is found in the textfile GPL.txt and important notices to the license
*  from the author is found in LICENSE.txt distributed with these scripts.
*
*
*  This script is distributed in the hope that it will be useful,
*  but WITHOUT ANY WARRANTY; without even the implied warranty of
*  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
*  GNU General Public License for more details.
*
*  This copyright notice MUST APPEAR in all copies of the script!
***************************************************************/
// *******************************
// Including necessary libraries
// *******************************
require_once (PATH_t3lib.'class.t3lib_loaddbgroup.php');
require_once (PATH_t3lib.'class.t3lib_parsehtml_proc.php');
require_once (PATH_t3lib.'class.t3lib_stdgraphic.php');
require_once (PATH_t3lib.'class.t3lib_basicfilefunc.php');













class t3lib_TCEmain     {
        var $log_table = 'sys_log';

        var $checkStoredRecords = 1;    // This will read the record after having updated or inserted it. If anything is not properly submitted an error is written to the log. This feature consumes extra time by selecting records
        var $checkStoredRecords_loose=1;        // If set, values '' and 0 will equal each other when the stored records are checked.
        var $sortIntervals = 256;               // The interval between sorting numbers used with tables with a 'sorting' field defined. Min 1

        var $deleteTree = 0;                    // Boolean. If this is set, then a page is deleted by deleting the whole branch under it (user must have deletepermissions to it all). If not set, then the page is delete ONLY if it has no branch
        var $copyTree = 0;                              // int. If 0 then branch is NOT copied. If 1 then pages on the 1st level is copied. If 2 then pages on the second level is copied ... and so on
        var $versionizeTree = 0;                // int. If 0 then branch is NOT versionized. If 1 then pages on the 1st level is versionized. If 2 then pages on the second level is versionized ... and so on
        var $neverHideAtCopy = 0;               // Boolean. If set, then the 'hideAtCopy' flag for tables will be ignored.
        var $reverseOrder=0;                    // boolean. If set, the dataarray is reversed in the order, which is a nice thing if you're creating a whole new bunch of records.
        var $copyWhichTables = '*';             // This list of tables decides which tables will be copied. If empty then none will. If '*' then all will (that the user has permission to of course)
        var $stripslashes_values=1;             // If set, incoming values in the data-array have their slashes stripped. ALWAYS SET THIS TO ZERO and supply an unescaped data array instead. This switch may totally disappear in future versions of this class!
        var $storeLogMessages=1;                // If set, the default log-messages will be stored. This should not be necessary if the locallang-file for the log-display is properly configured. So disabling this will just save some database-space as the default messages are not saved.
        var $enableLogging=1;                   // If set, actions are logged.

        var $callBackObj;                               // Call back object for flex form traversation. Useful when external classes wants to use the iteration functions inside tcemain for traversing a FlexForm structure.

//      var $history=1;                                 // Bit-array: Bit0: History on/off. DEPENDS on checkSimilar to be set!
        var $checkSimilar=1;                    // Boolean: If set, only fields which are different from the database values are saved! In fact, if a whole input array is similar, it's not saved then.
        var $dontProcessTransformations=0;      // Boolean: If set, then transformations are NOT performed on the input.
#       var $disableRTE = 0;                    // Boolean: If set, the RTE is expected to have been disabled in the interface which submitted information. Thus transformations related to the RTE is not done.

        var $pMap = Array(              // Permission mapping
                'show' => 1,                    // 1st bit
                'edit' => 2,                    // 2nd bit
                'delete' => 4,                  // 3rd bit
                'new' => 8,                             // 4th bit
                'editcontent' => 16             // 5th bit
        );
        var $defaultPermissions = array(                // Can be overridden from $TYPO3_CONF_VARS
                'user' => 'show,edit,delete,new,editcontent',
                'group' => 'show,edit,new,editcontent',
                'everybody' => ''
        );


        var $alternativeFileName=array();               // Use this array to force another name onto a file. Eg. if you set ['/tmp/blablabal'] = 'my_file.txt' and '/tmp/blablabal' is set for a certain file-field, then 'my_file.txt' will be used as the name instead.
        var $data_disableFields=array();                // If entries are set in this array corresponding to fields for update, they are ignored and thus NOT updated. You could set this array from a series of checkboxes with value=0 and hidden fields before the checkbox with 1. Then an empty checkbox will disable the field.
        var $defaultValues=array();                             // You can set this array on the form $defaultValues[$table][$field] = $value to override the default values fetched from TCA. You must set this externally.
        var $overrideValues=array();                    // You can set this array on the form $overrideValues[$table][$field] = $value to override the incoming data. You must set this externally. You must make sure the fields in this array are also found in the table, because it's not checked. All columns can be set by this array!
        var $suggestedInsertUids=array();               // Use this array to validate suggested uids for tables by setting [table]:[uid]. This is a dangerous option since it will force the inserted record to have a certain UID. The value just have to be true, but if you set it to "DELETE" it will make sure any record with that UID will be deleted first (raw delete). The option is used for import of T3D files when synchronizing between two mirrored servers. As a security measure this feature is available only for Admin Users (for now)

                // *********
                // internal
                // *********
        var $fileFunc;          // May contain an object
        var $last_log_id;
        var $BE_USER;           // The user-object the script uses. If not set from outside, this is set to the current global $BE_USER.
        var $userid;            // will be set to uid of be_user executing this script
        var $username;          // will be set to username of be_user executing this script
        var $admin;                     // will be set if user is admin
        var $exclude_array;     // the list of <table>-<fields> that cannot be edited. This is compiled from TCA/exclude-flag combined with non_exclude_fields for the user.

        var $data = Array();
        var $datamap = Array();
        var $cmd = Array();
        var $cmdmap = Array();
        var $uploadedFileArray = array();

        var $cachedTSconfig = array();
        var $substNEWwithIDs = Array();
        var $substNEWwithIDs_table = Array();
        var $recUpdateAccessCache = Array();    // Used by function checkRecordUpdateAccess() to store whether a record is updateable or not.
        var $recInsertAccessCache = Array();
        var $isRecordInWebMount_Cache=array();
        var $isInWebMount_Cache=array();
        var $pageCache = Array();                                       // Used for caching page records in pageInfo()
        var $copyMappingArray = Array();                        // Use by the copy action to track the ids of new pages so subpages are correctly inserted!
        var $copyMappingArray_merged = Array();         // This array is the sum of all copying operations in this class. May be READ from outside, thus partly public.
        var $registerDBList=array();
        var $dbAnalysisStore=array();
        var $removeFilesStore=array();
        var $copiedFileMap=array();

        var $checkValue_currentRecord=array();          // Set to "currentRecord" during checking of values.


        function start($data,$cmd,$altUserObject='')    {
                        // Initializing BE_USER
                $this->BE_USER = is_object($altUserObject) ? $altUserObject : $GLOBALS['BE_USER'];
                $this->userid = $this->BE_USER->user['uid'];
                $this->username = $this->BE_USER->user['username'];
                $this->admin = $this->BE_USER->user['admin'];

                        // Initializing default permissions for pages
                $defaultPermissions = $GLOBALS['TYPO3_CONF_VARS']['BE']['defaultPermissions'];
                if (isset($defaultPermissions['user']))         {$this->defaultPermissions['user'] = $defaultPermissions['user'];}
                if (isset($defaultPermissions['group']))                {$this->defaultPermissions['group'] = $defaultPermissions['group'];}
                if (isset($defaultPermissions['everybody']))            {$this->defaultPermissions['everybody'] = $defaultPermissions['everybody'];}

                        // generates the excludelist, based on TCA/exclude-flag and non_exclude_fields for the user:
                $this->exclude_array = ($this->admin) ? array() : $this->getExcludeListArray();

                        // Setting the data and cmd arrays
                if (is_array($data)) {
                        reset($data);
                        $this->datamap = $data;
                }
                if (is_array($cmd))     {
                        reset($cmd);
                        $this->cmdmap = $cmd;
                }
        }

        function setMirror($mirror)     {
                if (is_array($mirror))  {
                        reset($mirror);
                        while(list($table,$uid_array)=each($mirror))    {
                                if (isset($this->datamap[$table]))      {
                                        reset($uid_array);
                                        while (list($id,$uidList) = each($uid_array))   {
                                                if (isset($this->datamap[$table][$id])) {
                                                        $theIdsInArray = t3lib_div::trimExplode(',',$uidList,1);
                                                        while(list(,$copyToUid)=each($theIdsInArray))   {
                                                                $this->datamap[$table][$copyToUid] = $this->datamap[$table][$id];
                                                        }
                                                }
                                        }
                                }
                        }
                }
        }

        function setDefaultsFromUserTS($userTS) {
                global $TCA;
                if (is_array($userTS))  {
                        foreach($userTS as $k => $v)    {
                                $k = substr($k,0,-1);
                                if ($k && is_array($v) && isset($TCA[$k]))      {
                                        if (is_array($this->defaultValues[$k])) {
                                                $this->defaultValues[$k] = array_merge($this->defaultValues[$k],$v);
                                        } else {
                                                $this->defaultValues[$k] = $v;
                                        }
                                }
                        }
                }
        }

        function process_uploads($postFiles)    {
                if (is_array($postFiles))       {
                        reset($postFiles);
                        $subA = current($postFiles);
                        if (is_array($subA))    {
                                if (is_array($subA['name']) && is_array($subA['type']) && is_array($subA['tmp_name']) && is_array($subA['size']))       {
                                                // Initialize the uploadedFilesArray:
                                        $this->uploadedFileArray=array();

                                                // For each entry:
                                        foreach($subA as $key => $values)       {
                                                $this->process_uploads_traverseArray($this->uploadedFileArray,$values,$key);
                                        }
                                } else {
                                        $this->uploadedFileArray=$subA;
                                }
                        }
                }
        }

        function process_uploads_traverseArray(&$outputArr,$inputArr,$keyToSet) {
                if (is_array($inputArr))        {
                        foreach($inputArr as $key => $value)    {
                                $this->process_uploads_traverseArray($outputArr[$key],$inputArr[$key],$keyToSet);
                        }
                } else {
                        $outputArr[$keyToSet]=$inputArr;
                }
        }















        /*********************************************
         *
         * PROCESSING DATA
         *
         *********************************************/

        function process_datamap() {
//              debug(array('process_datamap'));
                global $TCA, $TYPO3_CONF_VARS;

                        // First prepare user defined objects (if any) for hooks which extend this function:
                $hookObjectsArr = array();
                if (is_array ($TYPO3_CONF_VARS['SC_OPTIONS']['t3lib/class.t3lib_tcemain.php']['processDatamapClass'])) {
                        foreach ($TYPO3_CONF_VARS['SC_OPTIONS']['t3lib/class.t3lib_tcemain.php']['processDatamapClass'] as $classRef) {
                                $hookObjectsArr[] = &t3lib_div::getUserObj($classRef);
                        }
                }

                        // Organize tables so that the pages-table are always processed first. This is required if you want to make sure that content pointing to a new page will be created.
                $orderOfTables = Array();
                if (isset($this->datamap['pages']))     {               // Set pages first.
                        $orderOfTables[]='pages';
                }
                reset($this->datamap);
                while (list($table,) = each($this->datamap))    {
                        if ($table!='pages')    {
                                $orderOfTables[]=$table;
                        }
                }

                        // Process the tables...
                foreach($orderOfTables as $table)       {
                                /* Check if
                                        - table is set in $TCA,
                                        - table is NOT readOnly,
                                        - the table is set with content in the data-array (if not, there's nothing to process...)
                                        - permissions for tableaccess OK
                                */
                        $modifyAccessList = $this->checkModifyAccessList($table);
                        if (!$modifyAccessList) {
                                $this->log($table,$id,2,0,1,"Attempt to modify table '%s' without permission",1,array($table));
                        }
                        if (isset($TCA[$table]) && !$this->tableReadOnly($table) && is_array($this->datamap[$table]) && $modifyAccessList)      {
                                if ($this->reverseOrder)        {
                                        $this->datamap[$table] = array_reverse($this->datamap[$table], 1);
                                }

                                        // For each record from the table, do:
                                        // $id is the record uid, may be a string if new records...
                                        // $incomingFieldArray is the array of fields
                                foreach($this->datamap[$table] as $id => $incomingFieldArray)   {
                                        if (is_array($incomingFieldArray))      {

                                                        // Hook: processDatamap_preProcessIncomingFieldArray
                                                foreach($hookObjectsArr as $hookObj)    {
                                                        if (method_exists($hookObj, 'processDatamap_preProcessFieldArray')) {
                                                                $hookObj->processDatamap_preProcessFieldArray($incomingFieldArray, $table, $id, $this);
                                                        }
                                                }

                                                        // ******************************
                                                        // Checking access to the record
                                                        // ******************************
                                                $recordAccess = 0;
                                                $old_pid_value = '';
                                                if (!t3lib_div::testInt($id)) {               // Is it a new record? (Then Id is a string)
                                                        $fieldArray = $this->newFieldArray($table);     // Get a fieldArray with default values
                                                        if (isset($incomingFieldArray['pid']))  {       // A pid must be set for new records.
                                                                        // $value = the pid
                                                                $pid_value = $incomingFieldArray['pid'];

                                                                        // Checking and finding numerical pid, it may be a string-reference to another value
                                                                $OK = 1;
                                                                if (strstr($pid_value,'NEW'))   {       // If a NEW... id
                                                                        if (substr($pid_value,0,1)=='-') {$negFlag=-1;$pid_value=substr($pid_value,1);} else {$negFlag=1;}
                                                                        if (isset($this->substNEWwithIDs[$pid_value]))  {       // Trying to find the correct numerical value as it should be mapped by earlier processing of another new record.
                                                                                $old_pid_value = $pid_value;
                                                                                $pid_value=intval($negFlag*$this->substNEWwithIDs[$pid_value]);
                                                                        } else {$OK = 0;}       // If not found in the substArray we must stop the proces...
                                                                }
                                                                $pid_value = intval($pid_value);

                                                                        // The $pid_value is now the numerical pid at this point
                                                                if ($OK)        {
                                                                        $sortRow = $TCA[$table]['ctrl']['sortby'];
                                                                        if ($pid_value>=0)      {       // Points to a page on which to insert the element, possibly in the top of the page
                                                                                if ($sortRow)   {       // If this table is sorted we better find the top sorting number
                                                                                        $fieldArray[$sortRow] = $this->getSortNumber($table,0,$pid_value);
                                                                                }
                                                                                $fieldArray['pid'] = $pid_value;        // The numerical pid is inserted in the data array
                                                                        } else {        // points to another record before ifself
                                                                                if ($sortRow)   {       // If this table is sorted we better find the top sorting number
                                                                                        $tempArray=$this->getSortNumber($table,0,$pid_value);   // Because $pid_value is < 0, getSortNumber returns an array
                                                                                        $fieldArray['pid'] = $tempArray['pid'];
                                                                                        $fieldArray[$sortRow] = $tempArray['sortNumber'];
                                                                                } else {        // Here we fetch the PID of the record that we point to...
                                                                                        $tempdata = $this->recordInfo($table,abs($pid_value),'pid');
                                                                                        $fieldArray['pid']=$tempdata['pid'];
                                                                                }
                                                                        }
                                                                }
                                                        }
                                                        $theRealPid = $fieldArray['pid'];
                                                                // Now, check if we may insert records on this pid.
                                                        if ($theRealPid>=0)     {
                                                                $recordAccess = $this->checkRecordInsertAccess($table,$theRealPid);     // Checks if records can be inserted on this $pid.
                                                        } else {
                                                                debug('Internal ERROR: pid should not be less than zero!');
                                                        }
                                                        $status = 'new';                                                // Yes new record, change $record_status to 'insert'
                                                } else {        // Nope... $id is a number
                                                        $fieldArray = Array();
                                                        $recordAccess = $this->checkRecordUpdateAccess($table,$id);
                                                        if (!$recordAccess)             {
                                                                $propArr = $this->getRecordProperties($table,$id);
                                                                $this->log($table,$id,2,0,1,"Attempt to modify record '%s' (%s) without permission. Or non-existing page.",2,array($propArr['header'],$table.':'.$id),$propArr['event_pid']);
                                                        } else {        // Next check of the record permissions (internals)
                                                                $recordAccess = $this->BE_USER->recordEditAccessInternals($table,$id);
                                                                if (!$recordAccess)             {
                                                                        $propArr = $this->getRecordProperties($table,$id);
                                                                        $this->log($table,$id,2,0,1,"recordEditAccessInternals() check failed. [".$this->BE_USER->errorMsg."]",2,array($propArr['header'],$table.':'.$id),$propArr['event_pid']);
                                                                } else {        // Here we fetch the PID of the record that we point to...
                                                                        $tempdata = $this->recordInfo($table,$id,'pid');
                                                                        $theRealPid = $tempdata['pid'];
                                                                }
                                                        }
                                                        $status = 'update';     // the default is 'update'
                                                }

                                                        // **************************************
                                                        // If access was granted above, proceed:
                                                        // **************************************
                                                if ($recordAccess)      {

                                                        list($tscPID) = t3lib_BEfunc::getTSCpid($table,$id,$old_pid_value ? $old_pid_value : $fieldArray['pid']);       // Here the "pid" is sent IF NOT the old pid was a string pointing to a place in the subst-id array.
                                                        $TSConfig = $this->getTCEMAIN_TSconfig($tscPID);
                                                        if ($status=='new' && $table=='pages' && is_array($TSConfig['permissions.']))   {
                                                                $fieldArray = $this->setTSconfigPermissions($fieldArray,$TSConfig['permissions.']);
                                                        }

                                                        $fieldArray = $this->fillInFieldArray($table,$id,$fieldArray,$incomingFieldArray,$theRealPid,$status,$tscPID);

                                                                // NOTICE! All manipulation beyond this point bypasses both "excludeFields" AND possible "MM" relations / file uploads to field!

                                                        $fieldArray = $this->overrideFieldArray($table,$fieldArray);    // NOTICE: This overriding is potentially dangerous; permissions per field is not checked!!!

                                                                // Setting system fields
                                                        if ($status=='new')     {
                                                                if ($TCA[$table]['ctrl']['crdate'])     {
                                                                        $fieldArray[$TCA[$table]['ctrl']['crdate']]=time();
                                                                }
                                                                if ($TCA[$table]['ctrl']['cruser_id'])  {
                                                                        $fieldArray[$TCA[$table]['ctrl']['cruser_id']]=$this->userid;
                                                                }
                                                        } elseif ($this->checkSimilar) {        // Removing fields which are equal to the current value:
                                                                $fieldArray = $this->compareFieldArrayWithCurrentAndUnset($table,$id,$fieldArray);
                                                        }
                                                        if ($TCA[$table]['ctrl']['tstamp'])     {
                                                                $fieldArray[$TCA[$table]['ctrl']['tstamp']]=time();
                                                        }

                                                                // Hook: processDatamap_postProcessFieldArray
                                                        foreach($hookObjectsArr as $hookObj)    {
                                                                if (method_exists($hookObj, 'processDatamap_postProcessFieldArray')) {
                                                                        $hookObj->processDatamap_postProcessFieldArray($status, $table, $id, $fieldArray, $this);
                                                                }
                                                        }

                                                                // Performing insert/update. If fieldArray has been unset by some userfunction (see hook above), don't do anything
                                                                // Kasper: Unsetting the fieldArray is dangerous; MM relations might be saved already and files could have been uploaded that are now "lost"
                                                        if (is_array($fieldArray)) {
                                                                if ($status=='new')     {
        //                                                              if ($pid_value<0)       {$fieldArray = $this->fixCopyAfterDuplFields($table,$id,abs($pid_value),0,$fieldArray);}        // Out-commented 02-05-02: I couldn't understand WHY this is needed for NEW records. Obviously to proces records being copied? Problem is that the fields are not set anyways and the copying function should basically take care of this!
                                                                        $this->insertDB($table,$id,$fieldArray,FALSE,$incomingFieldArray['uid']);
                                                                } else {
                                                                        $this->updateDB($table,$id,$fieldArray);
                                                                }
                                                        }

                                                                // Hook: processDatamap_afterDatabaseOperations
                                                        foreach($hookObjectsArr as $hookObj)    {
                                                                if (method_exists($hookObj, 'processDatamap_afterDatabaseOperations')) {
                                                                        $hookObj->processDatamap_afterDatabaseOperations($status, $table, $id, $fieldArray, $this);
                                                                }
                                                        }
                                                }       // if ($recordAccess)   {
                                        }       // if (is_array($incomingFieldArray))   {
                                }
                        }
                }
                $this->dbAnalysisStoreExec();
                $this->removeRegisteredFiles();
        }

        function fillInFieldArray($table,$id,$fieldArray,$incomingFieldArray,$realPid,$status,$tscPID)  {
                global $TCA;

                        // Initialize:
                t3lib_div::loadTCA($table);
                unset($originalLanguageRecord);
                unset($originalLanguage_diffStorage);
                $diffStorageFlag = FALSE;

                        // Setting 'currentRecord' and 'checkValueRecord':
                if (strstr($id,'NEW'))  {
                        $currentRecord = $checkValueRecord = $fieldArray;       // must have the 'current' array - not the values after processing below...

                                // IF $incomingFieldArray is an array, overlay it.
                                // The point is that when new records are created as copies with flex type fields there might be a field containing information about which DataStructure to use and without that information the flexforms cannot be correctly processed.... This should be OK since the $checkValueRecord is used by the flexform evaluation only anyways...
                        if (is_array($incomingFieldArray) && is_array($checkValueRecord))       {
                                $checkValueRecord = t3lib_div::array_merge_recursive_overrule($checkValueRecord, $incomingFieldArray);
                        }
                } else {
                        $currentRecord = $checkValueRecord = $this->recordInfo($table,$id,'*'); // We must use the current values as basis for this!

                                // Get original language record if available:
                        if (is_array($currentRecord)
                                        && $TCA[$table]['ctrl']['transOrigDiffSourceField']
                                        && $TCA[$table]['ctrl']['languageField']
                                        && $currentRecord[$TCA[$table]['ctrl']['languageField']] > 0
                                        && $TCA[$table]['ctrl']['transOrigPointerField']
                                        && intval($currentRecord[$TCA[$table]['ctrl']['transOrigPointerField']]) > 0)   {

                                $lookUpTable = $TCA[$table]['ctrl']['transOrigPointerTable'] ? $TCA[$table]['ctrl']['transOrigPointerTable'] : $table;
                                $originalLanguageRecord = $this->recordInfo($lookUpTable,$currentRecord[$TCA[$table]['ctrl']['transOrigPointerField']],'*');
                                $originalLanguage_diffStorage = unserialize($currentRecord[$TCA[$table]['ctrl']['transOrigDiffSourceField']]);
                        }
                }
                $this->checkValue_currentRecord = $checkValueRecord;

                        /*
                                In the following all incoming value-fields are tested:
                                - Are the user allowed to change the field?
                                - Is the field uid/pid (which are already set)
                                - perms-fields for pages-table, then do special things...
                                - If the field is nothing of the above and the field is configured in TCA, the fieldvalues are evaluated by ->checkValue

                                If everything is OK, the field is entered into $fieldArray[]
                        */
                foreach($incomingFieldArray as $field => $fieldValue)   {
                        if (!in_array($table.'-'.$field, $this->exclude_array) && !$this->data_disableFields[$table][$id][$field])      {       // The field must be editable.

                                        // Checking language:
                                $languageDeny = $TCA[$table]['ctrl']['languageField'] && !strcmp($TCA[$table]['ctrl']['languageField'], $field) && !$this->BE_USER->checkLanguageAccess($fieldValue);

                                if (!$languageDeny)     {
                                                // Stripping slashes - will probably be removed the day $this->stripslashes_values is removed as an option...
                                        if ($this->stripslashes_values) {
                                                if (is_array($fieldValue))      {
                                                        t3lib_div::stripSlashesOnArray($fieldValue);
                                                } else $fieldValue = stripslashes($fieldValue);
                                        }

                                        switch ($field) {
                                                case 'uid':
                                                case 'pid':
                                                        // Nothing happens, already set
                                                break;
                                                case 'perms_userid':
                                                case 'perms_groupid':
                                                case 'perms_user':
                                                case 'perms_group':
                                                case 'perms_everybody':
                                                                // Permissions can be edited by the owner or the administrator
                                                        if ($table=='pages' && ($this->admin || $status=='new' || $this->pageInfo($id,'perms_userid')==$this->userid) ) {
                                                                $value=intval($fieldValue);
                                                                switch($field)  {
                                                                        case 'perms_userid':
                                                                                $fieldArray[$field]=$value;
                                                                        break;
                                                                        case 'perms_groupid':
                                                                                $fieldArray[$field]=$value;
                                                                        break;
                                                                        default:
                                                                                if ($value>=0 && $value<pow(2,5))       {
                                                                                        $fieldArray[$field]=$value;
                                                                                }
                                                                        break;
                                                                }
                                                        }
                                                break;
                                                case 't3ver_oid':
                                                case 't3ver_id':
                                                        // t3ver_label is not here because it CAN be edited as a regular field!
                                                break;
                                                default:
                                                        if (isset($TCA[$table]['columns'][$field]))     {
                                                                        // Evaluating the value.
                                                                $res = $this->checkValue($table,$field,$fieldValue,$id,$status,$realPid,$tscPID);
                                                                if (isset($res['value']))       {
                                                                        $fieldArray[$field]=$res['value'];

                                                                                // Add the value of the original record to the diff-storage content:
                                                                        if ($TCA[$table]['ctrl']['transOrigDiffSourceField'])   {
                                                                                $originalLanguage_diffStorage[$field] = $originalLanguageRecord[$field];
                                                                                $diffStorageFlag = TRUE;
                                                                        }
                                                                }
                                                        }


                                                break;
                                        }
                                }       // Checking language.
                        }       // Check exclude fields / disabled fields...
                }

                        // Add diff-storage information:
                if ($diffStorageFlag && !isset($fieldArray[$TCA[$table]['ctrl']['transOrigDiffSourceField']]))  {       // If the field is set it would probably be because of an undo-operation - in which case we should not update the field of course...
                         $fieldArray[$TCA[$table]['ctrl']['transOrigDiffSourceField']] = serialize($originalLanguage_diffStorage);
                }

                        // Checking for RTE-transformations of fields:
                $types_fieldConfig = t3lib_BEfunc::getTCAtypes($table,$currentRecord);
                $theTypeString = t3lib_BEfunc::getTCAtypeValue($table,$currentRecord);
                if (is_array($types_fieldConfig))       {
                        reset($types_fieldConfig);
                        while(list(,$vconf) = each($types_fieldConfig)) {
                                        // Write file configuration:
                                $eFile = t3lib_parsehtml_proc::evalWriteFile($vconf['spec']['static_write'],array_merge($currentRecord,$fieldArray));   // inserted array_merge($currentRecord,$fieldArray) 170502

                                        // RTE transformations:
                                if (!$this->dontProcessTransformations) {
                                        if (isset($fieldArray[$vconf['field']]))        {
                                                        // Look for transformation flag:
                                                switch((string)$incomingFieldArray['_TRANSFORM_'.$vconf['field']])      {
                                                        case 'RTE':
                                                                $RTEsetup = $this->BE_USER->getTSConfig('RTE',t3lib_BEfunc::getPagesTSconfig($tscPID));
                                                                $thisConfig = t3lib_BEfunc::RTEsetup($RTEsetup['properties'],$table,$vconf['field'],$theTypeString);

                                                                        // Set alternative relative path for RTE images/links:
                                                                $RTErelPath = is_array($eFile) ? dirname($eFile['relEditFile']) : '';

                                                                        // Get RTE object, draw form and set flag:
                                                                $RTEobj = &t3lib_BEfunc::RTEgetObj();
                                                                if (is_object($RTEobj)) {
                                                                        $fieldArray[$vconf['field']] = $RTEobj->transformContent('db',$fieldArray[$vconf['field']],$table,$vconf['field'],$currentRecord,$vconf['spec'],$thisConfig,$RTErelPath,$currentRecord['pid']);
                                                                } else {
                                                                        debug('NO RTE OBJECT FOUND!');
                                                                }
                                                        break;
                                                }
                                        }
                                }

                                        // Write file configuration:
                                if (is_array($eFile))   {
                                        $mixedRec = array_merge($currentRecord,$fieldArray);
                                        $SW_fileContent = t3lib_div::getUrl($eFile['editFile']);
                                        $parseHTML = t3lib_div::makeInstance('t3lib_parsehtml_proc');
                                        $parseHTML->init('','');

                                        $eFileMarker = $eFile['markerField']&&trim($mixedRec[$eFile['markerField']]) ? trim($mixedRec[$eFile['markerField']]) : '###TYPO3_STATICFILE_EDIT###';
                                        $insertContent = str_replace($eFileMarker,'',$mixedRec[$eFile['contentField']]);        // must replace the marker if present in content!

                                        $SW_fileNewContent = $parseHTML->substituteSubpart($SW_fileContent, $eFileMarker, chr(10).$insertContent.chr(10), 1, 1);
                                        t3lib_div::writeFile($eFile['editFile'],$SW_fileNewContent);

                                                // Write status:
                                        if (!strstr($id,'NEW') && $eFile['statusField'])        {
                                                $GLOBALS['TYPO3_DB']->exec_UPDATEquery(
                                                        $table,
                                                        'uid='.intval($id),
                                                        array(
                                                                $eFile['statusField'] => $eFile['relEditFile'].' updated '.date('d-m-Y H:i:s').', bytes '.strlen($mixedRec[$eFile['contentField']])
                                                        )
                                                );
                                        }
                                } elseif ($eFile && is_string($eFile))  {
                                        $this->log($insertTable,$id,2,0,1,"Write-file error: '%s'",13,array($eFile),$realPid);
                                }
                        }
                }
                        // Return fieldArray
                return $fieldArray;
        }

        function checkModifyAccessList($table)  {
                $res = ($this->admin || (!$this->tableAdminOnly($table) && t3lib_div::inList($this->BE_USER->groupData['tables_modify'],$table)));
                return $res;
        }

        function isRecordInWebMount($table,$id) {
                if (!isset($this->isRecordInWebMount_Cache[$table.':'.$id]))    {
                        $recP=$this->getRecordProperties($table,$id);
                        $this->isRecordInWebMount_Cache[$table.':'.$id]=$this->isInWebMount($recP['event_pid']);
                }
                return $this->isRecordInWebMount_Cache[$table.':'.$id];
        }

        function isInWebMount($pid)     {
                if (!isset($this->isInWebMount_Cache[$pid]))    {
                        $this->isInWebMount_Cache[$pid]=$this->BE_USER->isInWebMount($pid);
                }
//debug($this->isInWebMount_Cache);
                return $this->isInWebMount_Cache[$pid];
        }

        function checkRecordUpdateAccess($table,$id)    {
                global $TCA;
                $res = 0;
                if ($TCA[$table] && intval($id)>0)      {
                        if (isset($this->recUpdateAccessCache[$table][$id]))    {       // If information is cached, return it
                                return $this->recUpdateAccessCache[$table][$id];
                                // Check if record exists and 1) if 'pages' the page may be edited, 2) if page-content the page allows for editing
                        } elseif ($this->doesRecordExist($table,$id,'edit'))    {
                                $res = 1;
                        }
                        $this->recUpdateAccessCache[$table][$id]=$res;  // Cache the result
                }
                return $res;
        }

        function checkRecordInsertAccess($insertTable,$pid,$action=1)   {
                global $TCA;
                $res = 0;
                $pid = intval($pid);
                if ($pid>=0)    {
                        if (isset($this->recInsertAccessCache[$insertTable][$pid]))     {       // If information is cached, return it
                                return $this->recInsertAccessCache[$insertTable][$pid];
                        } else {
                                        // If either admin and root-level or if page record exists and 1) if 'pages' you may create new ones 2) if page-content, new content items may be inserted on the $pid page
                                if ( (!$pid && $this->admin) || $this->doesRecordExist('pages',$pid,($insertTable=='pages'?$this->pMap['new']:$this->pMap['editcontent'])) )    {               // Check permissions
                                        if ($this->isTableAllowedForThisPage($pid, $insertTable))       {
                                                $res = 1;
                                                $this->recInsertAccessCache[$insertTable][$pid]=$res;   // Cache the result
                                        } else {
                                                $propArr = $this->getRecordProperties('pages',$pid);
                                                $this->log($insertTable,$pid,$action,0,1,"Attempt to insert record on page '%s' (%s) where this table, %s, is not allowed",11,array($propArr['header'],$pid,$insertTable),$propArr['event_pid']);
                                        }
                                } else {
                                        $propArr = $this->getRecordProperties('pages',$pid);
                                        $this->log($insertTable,$pid,$action,0,1,"Attempt to insert a record on page '%s' (%s) from table '%s' without permissions. Or non-existing page.",12,array($propArr['header'],$pid,$insertTable),$propArr['event_pid']);
                                }
                        }
                }
                return $res;
        }

        function isTableAllowedForThisPage($page_uid, $checkTable)      {
                global $TCA, $PAGES_TYPES;
                $page_uid = intval($page_uid);

                        // Check if rootLevel flag is set and we're trying to insert on rootLevel - and reversed - and that the table is not "pages" which are allowed anywhere.
                if (($TCA[$checkTable]['ctrl']['rootLevel'] xor !$page_uid) && $TCA[$checkTable]['ctrl']['rootLevel']!=-1 && $checkTable!='pages')      {
                        return false;
                }

                        // Check root-level
                if (!$page_uid) {
                        if ($this->admin)       {
                                return true;
                        }
                } else {
                                // Check non-root-level
                        $doktype = $this->pageInfo($page_uid,'doktype');
                        $allowedTableList = isset($PAGES_TYPES[$doktype]['allowedTables']) ? $PAGES_TYPES[$doktype]['allowedTables'] : $PAGES_TYPES['default']['allowedTables'];
                        $allowedArray = t3lib_div::trimExplode(',',$allowedTableList,1);
                        if (strstr($allowedTableList,'*') || in_array($checkTable,$allowedArray))       {               // If all tables or the table is listed as a allowed type, return true
                                return true;
                        }
                }
        }

        function doesRecordExist($table,$id,$perms)     {
                global $TCA;

                $res = 0;
                $id = intval($id);

                        // Processing the incoming $perms (from possible string to integer that can be AND'ed)
                if (!t3lib_div::testInt($perms))        {
                        if ($table!='pages')    {
                                switch($perms)  {
                                        case 'edit':
                                        case 'delete':
                                        case 'new':
                                                $perms = 'editcontent';         // This holds it all in case the record is not page!!
                                        break;
                                }
                        }
                        $perms = intval($this->pMap[$perms]);
                } else {
                        $perms = intval($perms);
                }

                if (!$perms)    {debug('Internal ERROR: no permissions to check for non-admin user.');}

                        // For all tables: Check if record exists:
                        // Notice: If $perms are 0 (zero) no perms-clause is added!
                if (is_array($TCA[$table]) && $id>0 && ($this->isRecordInWebMount($table,$id) || $this->admin)) {
                        if ($table != 'pages')  {

                                        // Find record without checking page:
                                $mres = $GLOBALS['TYPO3_DB']->exec_SELECTquery('uid,pid', $table, 'uid='.intval($id).$this->deleteClause($table));
                                $output = $GLOBALS['TYPO3_DB']->sql_fetch_assoc($mres);
                                t3lib_BEfunc::fixVersioningPid($table,$output);

                                        // If record found, check page as well:
                                if (is_array($output))  {

                                                // Looking up the page for record:
                                        $mres = $this->doesRecordExist_pageLookUp($output['pid'], $perms);
                                        $pageRec = $GLOBALS['TYPO3_DB']->sql_fetch_assoc($mres);

                                                // Return true if either a page was found OR if the PID is zero AND the user is ADMIN (in which case the record is at root-level):
                                        if (is_array($pageRec) || (!$output['pid'] && $this->admin))    {
                                                return TRUE;
                                        }
                                }
                                return FALSE;
                        } else {
                                $mres = $this->doesRecordExist_pageLookUp($id, $perms);
                                return $GLOBALS['TYPO3_DB']->sql_num_rows($mres);
                        }
                }
        }

        function doesRecordExist_pageLookUp($id, $perms)        {
                global $TCA;

                return $GLOBALS['TYPO3_DB']->exec_SELECTquery(
                        'uid',
                        'pages',
                        'uid='.intval($id).
                                $this->deleteClause('pages').
                                ($perms && !$this->admin ? ' AND '.$this->BE_USER->getPagePermsClause($perms) : '').
                                (!$this->admin && $TCA['pages']['ctrl']['editlock'] && ($perms & (2+4+16)) ? ' AND '.$TCA['pages']['ctrl']['editlock'].'=0':'') // admin users don't need check
                );
        }

        function doesBranchExist($inList,$pid,$perms, $recurse) {
                global $TCA;
                $pid = intval($pid);
                $perms = intval($perms);
                if ($pid>=0)    {
                        $mres = $GLOBALS['TYPO3_DB']->exec_SELECTquery(
                                                'uid, perms_userid, perms_groupid, perms_user, perms_group, perms_everybody',
                                                'pages',
                                                'pid='.intval($pid).$this->deleteClause('pages'),
                                                '',
                                                'sorting'
                                        );
                        while ($row = $GLOBALS['TYPO3_DB']->sql_fetch_assoc($mres))     {
                                if ($this->admin || $this->BE_USER->doesUserHaveAccess($row,$perms))    {       // IF admin, then it's OK
                                        $inList.=$row['uid'].',';
                                        if ($recurse)   {       // Follow the subpages recursively...
                                                $inList = $this->doesBranchExist($inList, $row['uid'], $perms, $recurse);
                                                if ($inList == -1)      {return -1;}            // No permissions somewhere in the branch
                                        }
                                } else {
                                        return -1;              // No permissions
                                }
                        }
                }
                return $inList;
        }

        function pageInfo($id,$field)   {
                if (!isset($this->pageCache[$id]))      {
                        $res = $GLOBALS['TYPO3_DB']->exec_SELECTquery('*', 'pages', 'uid='.intval($id));
                        if ($GLOBALS['TYPO3_DB']->sql_num_rows($res))   {
                                $this->pageCache[$id] = $GLOBALS['TYPO3_DB']->sql_fetch_assoc($res);
                        }
                        $GLOBALS['TYPO3_DB']->sql_free_result($res);
                }
                return $this->pageCache[$id][$field];
        }

        function recordInfo($table,$id,$fieldList)      {
                global $TCA;
                if (is_array($TCA[$table]))     {
                        $res = $GLOBALS['TYPO3_DB']->exec_SELECTquery($fieldList, $table, 'uid='.intval($id));
                        if ($GLOBALS['TYPO3_DB']->sql_num_rows($res))   {
                                return $GLOBALS['TYPO3_DB']->sql_fetch_assoc($res);
                        }
                }
        }

        function getRecordProperties($table,$id)        {
                $row = ($table=='pages' && !$id) ? array('title'=>'[root-level]', 'uid' => 0, 'pid' => 0) :$this->recordInfo($table,$id,'*');
                t3lib_BEfunc::fixVersioningPid($table,$row);
                return $this->getRecordPropertiesFromRow($table,$row);
        }

        function getRecordPropertiesFromRow($table,$row)        {
                global $TCA;
                if ($TCA[$table])       {
                        $out = array(
                                'header' => $row[$TCA[$table]['ctrl']['label']],
                                'pid' => $row['pid'],
                                'event_pid' => ($table=='pages'?$row['uid']:$row['pid'])
                        );
                        return $out;
                }
        }

        function setTSconfigPermissions($fieldArray,$TSConfig_p)        {
                if (strcmp($TSConfig_p['userid'],''))   $fieldArray['perms_userid']=intval($TSConfig_p['userid']);
                if (strcmp($TSConfig_p['groupid'],''))  $fieldArray['perms_groupid']=intval($TSConfig_p['groupid']);
                if (strcmp($TSConfig_p['user'],''))                     $fieldArray['perms_user']=t3lib_div::testInt($TSConfig_p['user']) ? $TSConfig_p['user'] : $this->assemblePermissions($TSConfig_p['user']);
                if (strcmp($TSConfig_p['group'],''))            $fieldArray['perms_group']=t3lib_div::testInt($TSConfig_p['group']) ? $TSConfig_p['group'] : $this->assemblePermissions($TSConfig_p['group']);
                if (strcmp($TSConfig_p['everybody'],''))        $fieldArray['perms_everybody']=t3lib_div::testInt($TSConfig_p['everybody']) ? $TSConfig_p['everybody'] : $this->assemblePermissions($TSConfig_p['everybody']);

                return $fieldArray;
        }

        function newFieldArray($table)  {
                global $TCA;
                t3lib_div::loadTCA($table);
                $fieldArray=Array();
                if (is_array($TCA[$table]['columns']))  {
                        reset ($TCA[$table]['columns']);
                        while (list($field,$content)=each($TCA[$table]['columns']))     {
                                if (isset($this->defaultValues[$table][$field]))        {
                                        $fieldArray[$field] = $this->defaultValues[$table][$field];
                                } elseif (isset($content['config']['default'])) {
                                        $fieldArray[$field] = $content['config']['default'];
                                }
                        }
                }
                if ($table=='pages')    {               // Set default permissions for a page.
                        $fieldArray['perms_userid'] = $this->userid;
                        $fieldArray['perms_groupid'] = intval($this->BE_USER->firstMainGroup);
                        $fieldArray['perms_user'] = $this->assemblePermissions($this->defaultPermissions['user']);
                        $fieldArray['perms_group'] = $this->assemblePermissions($this->defaultPermissions['group']);
                        $fieldArray['perms_everybody'] = $this->assemblePermissions($this->defaultPermissions['everybody']);
                }
                return $fieldArray;
        }

        function overrideFieldArray($table,$data)       {
                if (is_array($this->overrideValues[$table]))    {
                        $data = array_merge($data,$this->overrideValues[$table]);                       // Candidate for t3lib_div::array_merge() if integer-keys will some day make trouble...
                }
                return $data;
        }

        function assemblePermissions($string)   {
                $keyArr = t3lib_div::trimExplode(',',$string,1);
                $value=0;
                while(list(,$key)=each($keyArr))        {
                        if ($key && isset($this->pMap[$key]))   {
                                $value |= $this->pMap[$key];
                        }
                }
                return $value;
        }