src/Eccube/Form/Type/Admin/NewsType.php line 35

Open in your IDE?
  1. <?php
  3. /*
  4.  * This file is part of EC-CUBE
  5.  *
  6.  * Copyright(c) EC-CUBE CO.,LTD. All Rights Reserved.
  7.  *
  8.  * http://www.ec-cube.co.jp/
  9.  *
  10.  * For the full copyright and license information, please view the LICENSE
  11.  * file that was distributed with this source code.
  12.  */
  14. namespace Eccube\Form\Type\Admin;
  16. use Eccube\Common\EccubeConfig;
  17. use Eccube\Entity\News;
  18. use Symfony\Component\Form\AbstractType;
  19. use Symfony\Component\Form\Extension\Core\Type\CheckboxType;
  20. use Symfony\Component\Form\Extension\Core\Type\ChoiceType;
  21. use Symfony\Component\Form\Extension\Core\Type\CollectionType;
  22. use Symfony\Component\Form\Extension\Core\Type\DateTimeType;
  23. use Symfony\Component\Form\Extension\Core\Type\FileType;
  24. use Symfony\Component\Form\Extension\Core\Type\HiddenType;
  25. use Symfony\Component\Form\Extension\Core\Type\TextareaType;
  26. use Symfony\Component\Form\Extension\Core\Type\TextType;
  27. use Symfony\Component\Form\FormBuilderInterface;
  28. use Symfony\Component\Form\FormError;
  29. use Symfony\Component\Form\FormEvent;
  30. use Symfony\Component\Form\FormEvents;
  31. use Symfony\Component\Form\FormInterface;
  32. use Symfony\Component\OptionsResolver\OptionsResolver;
  33. use Symfony\Component\Validator\Constraints as Assert;
  35. class NewsType extends AbstractType
  36. {
  37.     /**
  38.      * @var EccubeConfig
  39.      */
  40.     protected $eccubeConfig;
  42.     public function __construct(EccubeConfig $eccubeConfig)
  43.     {
  44.         $this->eccubeConfig $eccubeConfig;
  45.     }
  47.     /**
  48.      * {@inheritdoc}
  49.      */
  50.     public function buildForm(FormBuilderInterface $builder, array $options)
  51.     {
  52.         $builder
  53.             ->add('publish_date'DateTimeType::class, [
  54.                 'widget' => 'single_text',
  55.                 'input' => 'datetime',
  56.                 'years' => range($this->eccubeConfig['eccube_news_start_year'], date('Y') + 3),
  57.                 'with_seconds' => true,
  58.                 'constraints' => [
  59.                     new Assert\NotBlank(),
  60.                     new Assert\Range([
  61.                         'min'=> '0003-01-01',
  62.                         'minMessage' => 'form_error.out_of_range',
  63.                     ]),
  64.                 ],
  65.             ])
  66.             ->add('title'TextType::class, [
  67.                 'required' => true,
  68.                 'constraints' => [
  69.                     new Assert\NotBlank(),
  70.                     new Assert\Length(['max' => $this->eccubeConfig['eccube_mtext_len']]),
  71.                 ],
  72.             ])
  73.             ->add('url'TextType::class, [
  74.                 'required' => false,
  75.                 'constraints' => [
  76.                     new Assert\Url(),
  77.                     new Assert\Length(['max' => $this->eccubeConfig['eccube_mtext_len']]),
  78.                 ],
  79.             ])
  80.             ->add('link_method'CheckboxType::class, [
  81.                 'required' => false,
  82.                 'label' => 'admin.content.news.new_window',
  83.                 'value' => '1',
  84.             ])
  85.             // 画像
  86.             ->add('news_image'FileType::class, [
  87.                 'multiple' => true,
  88.                 'required' => false,
  89.                 'mapped' => false,
  90.             ])
  91.             ->add('images'CollectionType::class, [
  92.                 'entry_type' => HiddenType::class,
  93.                 'prototype' => true,
  94.                 'mapped' => false,
  95.                 'allow_add' => true,
  96.                 'allow_delete' => true,
  97.             ])
  98.             ->add('add_images'CollectionType::class, [
  99.                 'entry_type' => HiddenType::class,
  100.                 'prototype' => true,
  101.                 'mapped' => false,
  102.                 'allow_add' => true,
  103.                 'allow_delete' => true,
  104.             ])
  105.             ->add('delete_images'CollectionType::class, [
  106.                 'entry_type' => HiddenType::class,
  107.                 'prototype' => true,
  108.                 'mapped' => false,
  109.                 'allow_add' => true,
  110.                 'allow_delete' => true,
  111.             ])
  112.             ->add('description'TextareaType::class, [
  113.                 'required' => false,
  114.                 'purify_html' => true,
  115.                 'attr' => [
  116.                     'rows' => 8,
  117.                 ],
  118.                 'constraints' => [
  119.                     new Assert\Length(['max' => $this->eccubeConfig['eccube_ltext_len']]),
  120.                 ],
  121.             ])
  122.             ->add('visible'ChoiceType::class, [
  123.                 'label' => false,
  124.                 'choices' => ['admin.content.news.display_status__show' => true'admin.content.news.display_status__hide' => false],
  125.                 'required' => true,
  126.                 'expanded' => false,
  127.             ]);
  129.         $builder->addEventListener(FormEvents::POST_SUBMIT, function (FormEvent $event) {
  130.             /** @var FormInterface $form */
  131.             $form $event->getForm();
  132.             $saveImgDir $this->eccubeConfig['eccube_save_image_dir'];
  133.             $tempImgDir $this->eccubeConfig['eccube_temp_image_dir'];
  134.             $this->validateFilePath($form->get('delete_images'), [$saveImgDir$tempImgDir]);
  135.             $this->validateFilePath($form->get('add_images'), [$tempImgDir]);
  136.         });
  137.     }
  139.     /**
  140.      * 指定された複数ディレクトリのうち、いずれかのディレクトリ以下にファイルが存在するかを確認。
  141.      *
  142.      * @param $form FormInterface
  143.      * @param $dirs array
  144.      */
  145.     private function validateFilePath($form$dirs)
  146.     {
  147.         foreach ($form->getData() as $fileName) {
  148.             if (strpos($fileName'..') !== false) {
  149.                 $form->getRoot()['product_image']->addError(new FormError(trans('admin.product.image__invalid_path')));
  150.                 break;
  151.             }
  152.             $fileInDir array_filter($dirs, function ($dir) use ($fileName) {
  153.                 $filePath realpath($dir.'/'.$fileName);
  154.                 $topDirPath realpath($dir);
  156.                 return strpos($filePath$topDirPath) === && $filePath !== $topDirPath;
  157.             });
  158.             if (!$fileInDir) {
  159.                 $form->getRoot()['product_image']->addError(new FormError(trans('admin.product.image__invalid_path')));
  160.             }
  161.         }
  162.     }
  164.     /**
  165.      * {@inheritdoc}
  166.      */
  167.     public function configureOptions(OptionsResolver $resolver)
  168.     {
  169.         $resolver->setDefaults([
  170.             'data_class' => News::class,
  171.         ]);
  172.     }
  174.     /**
  175.      * {@inheritdoc}
  176.      */
  177.     public function getBlockPrefix()
  178.     {
  179.         return 'admin_news';
  180.     }
  181. }