input (rsaInput)

This page describes the input type with renderType=’rsaInput’.

If extension rsaauth is loaded, this renderType overrides the TCA configuration of table be_users and fe_users and adds itself as renderType for the password fields. If enabled, the value of fields are not transferred in plain text to the server, but are encrypted on client side with in a JavaScript library and decrypted on the server side on save. This can increase security if the backend is not HTTPS enabled, to increase transmission security a bit.

Note

The extension rsaauth is just an imperfect helper to secure little parts of the backend. It is clearly just a poor-man solution and no good substitution of running the entire backend with HTTPS. If you are concerned about communication security (you should!), there is no way around HTTPS. If the backend is forced to HTTPS, extension rsaauth can be unloaded.

Extension rsaauth has been deprecated in the core and will be removed any time soon.

Table of contents:

Example

'rsainput_1' => [
            'exclude' => 1,
            'label' => 'rsainput_1 description',
            'description' => 'field description',
            'config' => [
                'type' => 'input',
                'renderType' => 'rsaInput',
            ],
        ],

Properties

autocomplete

Datatype
boolean
Scope
Display
Description

Controls the autocomplete attribute of a given input field. If set to true (default false), adds attribute autocomplete="on" to the input field allowing browser auto filling the field:

'title' => [
    'label' => 'LLL:EXT:lang/locallang_tca.xlf:sys_file_reference.title',
    'config' => [
        'type' => 'input',
        'size' => 20,
        'eval' => 'null',
        'autocomplete' => true
    ]
],

behaviour

Datatype
array
Scope
Proc.
Description
The behaviour array contains various sub properties to specify processing options like localization overlay behaviour and children behaviour for relation types. Available properties vary by type and renderType combination.

behaviour => allowLanguageSynchronization

Datatype
boolean
Scope
Proc.
Description

Allows an editor to select in a localized record whether the value is copied over from default or source language record, or if the field has an own value in the localization. If set to true and if the table supports localization and if a localized record is edited, this setting enables FieldWizard LocalizationStateSelector: Two or three radio buttons shown below the field input. The state of this is stored in a json encoded array in the database table called l10n_state. It tells the DataHandler which fields of the localization records should be kept in sync if the underlying default or source record changes.

Example:

'aField' => [
   'config' => [
      'type' = 'sometype',
      'behaviour' => [
         'allowLanguageSynchronization' => true
      ]
   ]
]
Default
false

default

Datatype
integer / string
Scope
Display / Proc.
Description
Default value set if a new record is created.

eval

Datatype
string (list of keywords)
Scope
Display / Proc.
Description

Configuration of field evaluation.

Some of these evaluation keywords will trigger a JavaScript pre- evaluation in the form. Other evaluations will be performed in the backend. The evaluation functions will be executed in the list-order. Keywords:

alpha
Allows only a-zA-Z characters.
alphanum
Same as “alpha” but allows also “0-9”
alphanum_x
Same as “alphanum” but allows also “_” and “-” chars.
domainname
Allows a domain name such as “example.com” and automatically transforms the value to punicode if needed.
double2
Converts the input to a floating point with 2 decimal positions, using the “.” (period) as the decimal delimited (accepts also “,” for the same).
email
This type adds a server-side validation of an email address. If the input does not contain a valid email address, a flash message warning will be displayed.
int
Evaluates the input to an integer.
is_in
Will filter out any character in the input string which is not found in the string entered in the property is_in.
lower
Converts the string to lowercase (only A-Z plus a selected set of Western European special chars).
md5
Will convert the input value to its md5-hash using a JavaScript function.
nospace
Removes all occurrences of space characters (chr(32))
null
An empty value (string) will be stored as NULL in the database, requires a proper sql definition.
num
Allows only 0-9 characters in the field.
password

Will show “*******” in the field after entering the value and moving to another field. Thus passwords can be protected from display in the field.

Note

The value is visible while it is being entered!

required
A non-empty value is required in the field (otherwise the form cannot be saved).
saltedPassword
The value will be hashed using the password hash configuration for BE for all tables except fe_user, where the password hash configuration for FE is used. Note this eval is typically only used core internally for tables be_users and fe_users on the password field.
trim
The value in the field will have white spaces around it trimmed away.
unique

Requires the field to be unique for the whole table. Evaluated on the server only.

Note

When selecting on unique-fields, make sure to select using AND pid>=0 since the field can contain duplicate values in other versions of records (always having PID = -1). This also means that if you are using versioning on a table where the unique-feature is used you cannot set the field to be truly unique in the database either!

uniqueInPid
Requires the field to be unique for the current PID among other records on the same page. Evaluated on the server only.
upper
Converts to uppercase (only A-Z plus a selected set of Western European special chars).
year
Evaluates the input to a year between 1970 and 2038. If you need any year, then use “int” evaluation instead.
Vendor\Extension\*
User defined form evaluations.
Examples:

Trimming the value for white space before storing in the database:

'aField' => [
    'label' => 'aLabel',
    'config' => [
        'type' => 'input',
        'eval' => 'trim',
    ],
],

By this configuration the field will be stripped for any space characters, converted to lowercase, only accepted if filled in and on the server the value is required to be unique for all records from this table:

'eval' => 'nospace,lower,unique,required'

You can supply own form evaluations in an extension by creating a class with three functions, one which returns the JavaScript code for client side validation called returnFieldJS() and two for the server side: deevaluateFieldValue() called when opening the record and evaluateFieldValue() called for validation when saving the record:

EXT:extension/Classes/Evaluation/ExampleEvaluation.php

namespace Vendor\Extension\Evaluation;

/**
 * Class for field value validation/evaluation to be used in 'eval' of TCA
 */
class ExampleEvaluation
{

    /**
     * JavaScript code for client side validation/evaluation
     *
     * @return string JavaScript code for client side validation/evaluation
     */
    public function returnFieldJS()
    {
        return 'return value + " [added by JavaScript on field blur]";';
    }

    /**
     * Server-side validation/evaluation on saving the record
     *
     * @param string $value The field value to be evaluated
     * @param string $is_in The "is_in" value of the field configuration from TCA
     * @param bool $set Boolean defining if the value is written to the database or not.
     * @return string Evaluated field value
     */
    public function evaluateFieldValue($value, $is_in, &$set)
    {
        return $value . ' [added by PHP on saving the record]';
    }

    /**
     * Server-side validation/evaluation on opening the record
     *
     * @param array $parameters Array with key 'value' containing the field value from the database
     * @return string Evaluated field value
     */
    public function deevaluateFieldValue(array $parameters)
    {
        return $parameters['value'] . ' [added by PHP on opening the record]';
    }
}

EXT:extension/ext_localconf.php:

// Register the class to be available in 'eval' of TCA
$GLOBALS['TYPO3_CONF_VARS']['SC_OPTIONS']['tce']['formevals']['Vendor\\Extension\\Evaluation\\ExampleEvaluation'] = '';

EXT:extension/Configuration/TCA/tx_example_record.php:

'columns' => [
    'example_field' => [
        'config' => [
            'type' => 'text',
            'eval' => 'trim,Vendor\\Extension\\Evaluation\\ExampleEvaluation,required'
        ],
    ],
],

fieldControl

Datatype
array
Scope
Display
Description
Show action buttons next to the element. This is used in various type’s to add control buttons right next to the main element. They can open popus, switch the entire view and other things. All must provide a “button” icon to click on, see FormEngine docs for more details. See type=group for examples.

fieldInformation

Datatype
array
Scope
Display
Description
Show information between an element label and the main element input area. Configuration works identical to the “fieldWizard” property, no default configuration in the core exists (yet). In contrast to “fieldWizard”, HTML returned by fieldInformation is limited, see FormEngine docs for more details.

fieldWizard

Datatype
array
Scope
Display
Description

Specifies wizards rendered below the main input area of an element. Single type / renderType elements can register default wizards which are merged with this property.

As example, type=’check’ comes with this default wizards configuration:

protected $defaultFieldWizard = [
    'localizationStateSelector' => [
        'renderType' => 'localizationStateSelector',
    ],
    'otherLanguageContent' => [
        'renderType' => 'otherLanguageContent',
        'after' => [
            'localizationStateSelector'
        ],
    ],
    'defaultLanguageDifferences' => [
        'renderType' => 'defaultLanguageDifferences',
        'after' => [
            'otherLanguageContent',
        ],
    ],
];

This is be merged with the configuration from TCA, if there is any. Below example disables the default localizationStateSelector wizard.

'aField' => [
    'config' => [
        'fieldWizard' => [
            'localizationStateSelector' => [
                'disabled' => true,
            ],
        ],
    ],
],

It is possible to add own wizards by adding them to the TCA of the according field and pointing to a registered renderType, to resort wizards by overriding the before and after keys, to hand over additional options in the optional options array to specific wizards, and to disable single wizards using the disabled key. Developers should have a look at the FormEngine docs for details.

The following fieldWizards are available for this renderType:

fieldWizard => defaultLanguageDifferences

Datatype
array
Scope
fieldWizard
Description

Show a “diff-view” if the content of the default language record has been changed after the translation overlay has been created. The [‘ctrl’] section property transOrigDiffSourceField has to be specified to enable this wizard in a translated record.

This wizard is important for editors who maintain translated records: They can see what has been changed in their localization parent between the last save operation of the overlay.

A field has been changed in default language record

A field has been changed in default language record

fieldWizard => otherLanguageContent

Datatype
array
Scope
fieldWizard
Description

Show values from the default language record and other localized records if the edited row is a localized record. Often used in tt_content fields. By default, only the value of the default language record is shown, values from further translations can be shown by setting the userTsConfig property additionalPreviewLanguages.

The wizard shows content only for “simple” fields. For instance, it does not work for database relation fields, and if the field is set to readOnly. Additionally, the table has to be language aware by setting up the according fields in [‘ctrl’] section.

Header field showing values from two other languages

Header field showing values from two other languages

is_in

Datatype
string
Scope
Display / Proc.
Description

If the evaluation type “is_in” (see eval) is used for evaluation, then the characters in the input string should be found in this string as well. This value is also passed as argument to the evaluation function if a user-defined evaluation function is registered.

Note

The “is_in” value is trimmed during processing, leading and trailing whitespaces are removed. If whitespaces should be allowed, it should be in between other characters, example a b.

max

Datatype
integer
Scope
Display
Description

Value for the “maxlength” attribute of the <input> field. Javascript prevents adding more than these number of characters.

If the form element edits a varchar(40) field in the database you should also set this value to 40.

range

Datatype
array
Scope
Proc.
Description

An array which defines an integer range within which the value must be. Keys:

lower
Defines the lower integer value.
upper
Defines the upper integer value.

It is allowed to specify only one of both of them.

Note

This feature is evaluated on the server only so any regulation of the value will have happened after saving the form.

Limit an integer to be within the range 10 to 1000

'eval' => 'int',
'range' => [
    'lower' => 10,
    'upper' => 1000
],

In this example the upper limit is set to the last day in year 2020 while the lowest possible value is set to the date of 2014:

'range' => [
    'upper' => mktime(0, 0, 0, 12, 31, 2020),
    'lower' => mktime(0, 0, 0, 1, 1, 2014),
],

readOnly

Datatype
boolean
Scope
Display
Description

Renders the field in a way that the user can see the values but cannot edit them. The rendering is as similar as possible to the normal rendering but may differ in layout and size.

Warning

This property affects only the display. It is still possible to write to those fields when using the DataHandler.

size

Datatype
integer
Scope
Display
Description
Abstract value for the width of the <input> field. To set the input field to the full width of the form area, use the value 50. Minimum is 10. Default is 30.

softref

Datatype
string
Scope
Proc.
Description

Used to attach “soft reference parsers”, typically used in type='text' fields.

The syntax for this value is key1,key2[parameter1;parameter2;…],…

See Soft references of core API for more details about softref keys.