Fixed bug #14336: Merge modules "Cleanup and typo3temp/" of the Install Tool (thanks...
[Packages/TYPO3.CMS.git] / typo3 / index.php
1 <?php
2 /***************************************************************
3 * Copyright notice
4 *
5 * (c) 1999-2009 Kasper Skaarhoj (kasperYYYY@typo3.com)
6 * All rights reserved
7 *
8 * This script is part of the TYPO3 project. The TYPO3 project is
9 * free software; you can redistribute it and/or modify
10 * it under the terms of the GNU General Public License as published by
11 * the Free Software Foundation; either version 2 of the License, or
12 * (at your option) any later version.
13 *
14 * The GNU General Public License can be found at
15 * http://www.gnu.org/copyleft/gpl.html.
16 * A copy is found in the textfile GPL.txt and important notices to the license
17 * from the author is found in LICENSE.txt distributed with these scripts.
18 *
19 *
20 * This script is distributed in the hope that it will be useful,
21 * but WITHOUT ANY WARRANTY; without even the implied warranty of
22 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
23 * GNU General Public License for more details.
24 *
25 * This copyright notice MUST APPEAR in all copies of the script!
26 ***************************************************************/
27 /**
28 * Login-screen of TYPO3.
29 *
30 * $Id$
31 * Revised for TYPO3 3.6 December/2003 by Kasper Skaarhoj
32 * XHTML compliant
33 *
34 * @author Kasper Skaarhoj <kasperYYYY@typo3.com>
35 */
36 /**
37 * [CLASS/FUNCTION INDEX of SCRIPT]
38 *
39 *
40 *
41 * 87: class SC_index
42 * 120: function init()
43 * 159: function main()
44 * 268: function printContent()
45 *
46 * SECTION: Various functions
47 * 292: function makeLoginForm()
48 * 337: function makeLogoutForm()
49 * 379: function wrapLoginForm($content)
50 * 438: function checkRedirect()
51 * 495: function makeInterfaceSelectorBox()
52 * 549: function makeCopyrightNotice()
53 * 582: function makeLoginBoxImage()
54 * 622: function makeLoginNews()
55 *
56 * TOTAL FUNCTIONS: 11
57 * (This index is automatically created/updated by the extension "extdeveval")
58 *
59 */
60
61
62 define('TYPO3_PROCEED_IF_NO_USER', 1);
63 require('init.php');
64 require('template.php');
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80 /**
81 * Script Class for rendering the login form
82 *
83 * @author Kasper Skaarhoj <kasperYYYY@typo3.com>
84 * @package TYPO3
85 * @subpackage core
86 */
87 class SC_index {
88
89 // Internal, GPvars:
90 var $redirect_url; // GPvar: redirect_url; The URL to redirect to after login.
91 var $GPinterface; // GPvar: Defines which interface to load (from interface selector)
92 var $u; // GPvar: preset username
93 var $p; // GPvar: preset password
94 var $L; // GPvar: If "L" is "OUT", then any logged in used is logged out. If redirect_url is given, we redirect to it
95 var $loginRefresh; // Login-refresh boolean; The backend will call this script with this value set when the login is close to being expired and the form needs to be redrawn.
96 var $commandLI; // Value of forms submit button for login.
97
98 // Internal, static:
99 var $redirectToURL; // Set to the redirect URL of the form (may be redirect_url or "backend.php")
100
101 // Internal, dynamic:
102 var $content; // Content accumulation
103
104 var $interfaceSelector; // A selector box for selecting value for "interface" may be rendered into this variable
105 var $interfaceSelector_jump; // A selector box for selecting value for "interface" may be rendered into this variable - this will have an onchange action which will redirect the user to the selected interface right away
106 var $interfaceSelector_hidden; // A hidden field, if the interface is not set.
107 var $addFields_hidden = ''; // Additional hidden fields to be placed at the login form
108
109 // sets the level of security. *'normal' = clear-text. 'challenged' = hashed password/username from form in $formfield_uident. 'superchallenged' = hashed password hashed again with username.
110 var $loginSecurityLevel = 'superchallenged';
111
112
113
114
115 /**
116 * Initialize the login box. Will also react on a &L=OUT flag and exit.
117 *
118 * @return void
119 */
120 function init() {
121 // We need a PHP session session for most login levels
122 session_start();
123
124 $this->redirect_url = t3lib_div::_GP('redirect_url');
125 $this->GPinterface = t3lib_div::_GP('interface');
126
127 // Grabbing preset username and password, for security reasons this feature only works if SSL is used
128 if (t3lib_div::getIndpEnv('TYPO3_SSL')) {
129 $this->u = t3lib_div::_GP('u');
130 $this->p = t3lib_div::_GP('p');
131 }
132
133 // If "L" is "OUT", then any logged in is logged out. If redirect_url is given, we redirect to it
134 $this->L = t3lib_div::_GP('L');
135
136 // Login
137 $this->loginRefresh = t3lib_div::_GP('loginRefresh');
138
139 // Value of "Login" button. If set, the login button was pressed.
140 $this->commandLI = t3lib_div::_GP('commandLI');
141
142 // sets the level of security from conf vars
143 if ($GLOBALS['TYPO3_CONF_VARS']['BE']['loginSecurityLevel']) {
144 $this->loginSecurityLevel = $GLOBALS['TYPO3_CONF_VARS']['BE']['loginSecurityLevel'];
145 }
146
147 // try to get the preferred browser language
148 $preferredBrowserLanguage = $GLOBALS['LANG']->csConvObj->getPreferredClientLanguage(t3lib_div::getIndpEnv('HTTP_ACCEPT_LANGUAGE'));
149 // if we found a $preferredBrowserLanguage and it is not the default language and no be_user is logged in
150 // initialize $GLOBALS['LANG'] again with $preferredBrowserLanguage
151 if ($preferredBrowserLanguage != 'default' && !$GLOBALS['BE_USER']->user['uid']) {
152 $GLOBALS['LANG']->init($preferredBrowserLanguage);
153 }
154 $GLOBALS['LANG']->includeLLFile('EXT:lang/locallang_login.xml');
155
156 // check if labels from $GLOBALS['TYPO3_CONF_VARS']['BE']['loginLabels'] were changed,
157 // and merge them to $GLOBALS['LOCAL_LANG'] if needed
158 $this->mergeOldLoginLabels();
159
160 // Setting the redirect URL to "backend.php" if no alternative input is given
161 $this->redirectToURL = ($this->redirect_url ? $this->redirect_url : 'backend.php');
162
163
164 // Do a logout if the command is set
165 if ($this->L == 'OUT' && is_object($GLOBALS['BE_USER'])) {
166 $GLOBALS['BE_USER']->logoff();
167 if ($this->redirect_url) {
168 t3lib_utility_Http::redirect($this->redirect_url);
169 }
170 exit;
171 }
172 }
173
174
175 /**
176 * Main function - creating the login/logout form
177 *
178 * @return void
179 */
180 function main() {
181 global $TBE_TEMPLATE, $TYPO3_CONF_VARS, $BE_USER;
182
183 // Initialize template object:
184 $TBE_TEMPLATE->bodyTagAdditions = ' onload="startUp();"';
185 $TBE_TEMPLATE->moduleTemplate = $TBE_TEMPLATE->getHtmlTemplate('templates/login.html');
186
187 $TBE_TEMPLATE->getPageRenderer()->loadExtJS();
188
189 // Set JavaScript for creating a MD5 hash of the password:
190 $TBE_TEMPLATE->JScode.= $this->getJScode();
191
192 // Checking, if we should make a redirect.
193 // Might set JavaScript in the header to close window.
194 $this->checkRedirect();
195
196 // Initialize interface selectors:
197 $this->makeInterfaceSelectorBox();
198
199 // Creating form based on whether there is a login or not:
200 if (!$BE_USER->user['uid']) {
201 $TBE_TEMPLATE->form = $this->startForm();
202 $loginForm = $this->makeLoginForm();
203 } else {
204 $TBE_TEMPLATE->form = '
205 <form action="index.php" method="post" name="loginform">
206 <input type="hidden" name="login_status" value="logout" />
207 ';
208 $loginForm = $this->makeLogoutForm();
209 }
210
211 // Starting page:
212 $this->content.=$TBE_TEMPLATE->startPage('TYPO3 Login: '.$TYPO3_CONF_VARS['SYS']['sitename']);
213
214 // Add login form:
215 $this->content.=$this->wrapLoginForm($loginForm);
216
217 $this->content.= $TBE_TEMPLATE->endPage();
218 }
219
220 /**
221 * Outputting the accumulated content to screen
222 *
223 * @return void
224 */
225 function printContent() {
226 echo $this->content;
227 }
228
229 /*****************************
230 *
231 * Various functions
232 *
233 ******************************/
234
235 /**
236 * Creates the login form
237 * This is drawn when NO login exists.
238 *
239 * @return string HTML output
240 */
241 function makeLoginForm() {
242 $content = t3lib_parsehtml::getSubpart($GLOBALS['TBE_TEMPLATE']->moduleTemplate, '###LOGIN_FORM###');
243 $markers = array(
244 'VALUE_USERNAME' => htmlspecialchars($this->u),
245 'VALUE_PASSWORD' => htmlspecialchars($this->p),
246 'VALUE_SUBMIT' => $GLOBALS['LANG']->getLL('labels.submitLogin', true),
247 );
248
249 // show an error message if the login command was successful already, otherwise remove the subpart
250 if (!$this->commandLI) {
251 $content = t3lib_parsehtml::substituteSubpart($content, '###LOGIN_ERROR###', '');
252 } else {
253 $markers['ERROR_MESSAGE'] = $GLOBALS['LANG']->getLL('error.login', true);
254 $markers['ERROR_LOGIN_TITLE'] = $GLOBALS['LANG']->getLL('error.login.title', true);
255 $markers['ERROR_LOGIN_DESCRIPTION'] = $GLOBALS['LANG']->getLL('error.login.description', true);
256 }
257
258
259 // remove the interface selector markers if it's not available
260 if (!($this->interfaceSelector && !$this->loginRefresh)) {
261 $content = t3lib_parsehtml::substituteSubpart($content, '###INTERFACE_SELECTOR###', '');
262 } else {
263 $markers['LABEL_INTERFACE'] = $GLOBALS['LANG']->getLL('labels.interface', true);
264 $markers['VALUE_INTERFACE'] = $this->interfaceSelector;
265 }
266
267 return t3lib_parsehtml::substituteMarkerArray($content, $markers, '###|###');
268 }
269
270
271 /**
272 * Creates the logout form
273 * This is drawn if a user login already exists.
274 *
275 * @return string HTML output
276 */
277 function makeLogoutForm() {
278 $content = t3lib_parsehtml::getSubpart($GLOBALS['TBE_TEMPLATE']->moduleTemplate, '###LOGOUT_FORM###');
279 $markers = array(
280 'LABEL_USERNAME' => $GLOBALS['LANG']->getLL('labels.username', true),
281 'VALUE_USERNAME' => htmlspecialchars($GLOBALS['BE_USER']->user['username']),
282 'VALUE_SUBMIT' => $GLOBALS['LANG']->getLL('labels.submitLogout', true),
283 );
284
285 // remove the interface selector markers if it's not available
286 if (!$this->interfaceSelector_jump) {
287 $content = t3lib_parsehtml::substituteSubpart($content, '###INTERFACE_SELECTOR###', '');
288 } else {
289 $markers['LABEL_INTERFACE'] = $GLOBALS['LANG']->getLL('labels.interface', true);
290 $markers['VALUE_INTERFACE'] = $this->interfaceSelector_jump;
291 }
292
293 return t3lib_parsehtml::substituteMarkerArray($content, $markers, '###|###');
294 }
295
296
297 /**
298 * Wrapping the login form table in another set of tables etc:
299 *
300 * @param string HTML content for the login form
301 * @return string The HTML for the page.
302 */
303 function wrapLoginForm($content) {
304 $mainContent = t3lib_parsehtml::getSubpart($GLOBALS['TBE_TEMPLATE']->moduleTemplate, '###PAGE###');
305
306 if ($GLOBALS['TBE_STYLES']['logo_login']) {
307 $logo = '<img src="'.htmlspecialchars($GLOBALS['BACK_PATH'] . $GLOBALS['TBE_STYLES']['logo_login']) . '" alt="" />';
308 } else {
309 $logo = '<img'.t3lib_iconWorks::skinImg($GLOBALS['BACK_PATH'],'gfx/typo3logo.gif','width="123" height="34"').' alt="" />';
310 }
311
312 $markers = array(
313 'LOGO' => $logo,
314 'LOGINBOX_IMAGE' => $this->makeLoginBoxImage(),
315 'FORM' => $content,
316 'NEWS' => $this->makeLoginNews(),
317 'COPYRIGHT' => $this->makeCopyrightNotice(),
318 'CSS_ERRORCLASS' => ($this->commandLI ? ' class="error"' : ''),
319 'CSS_OPENIDCLASS' => 't3-login-openid-' . (t3lib_extMgm::isLoaded('openid') ? 'enabled' : 'disabled'),
320
321 // the labels will be replaced later on, thus the other parts above
322 // can use these markers as well and it will be replaced
323 'HEADLINE' => $GLOBALS['LANG']->getLL('headline', true),
324 'INFO_ABOUT' => $GLOBALS['LANG']->getLL('info.about', true),
325 'INFO_RELOAD' => $GLOBALS['LANG']->getLL('info.reset', true),
326 'INFO' => $GLOBALS['LANG']->getLL('info.cookies_and_js', true),
327 'ERROR_JAVASCRIPT' => $GLOBALS['LANG']->getLL('error.javascript', true),
328 'ERROR_COOKIES' => $GLOBALS['LANG']->getLL('error.cookies', true),
329 'ERROR_COOKIES_IGNORE' => $GLOBALS['LANG']->getLL('error.cookies_ignore', true),
330 'ERROR_CAPSLOCK' => $GLOBALS['LANG']->getLL('error.capslock', true),
331 'ERROR_FURTHERHELP' => $GLOBALS['LANG']->getLL('error.furtherInformation', true),
332 'LABEL_DONATELINK' => $GLOBALS['LANG']->getLL('labels.donate', true),
333 'LABEL_USERNAME' => $GLOBALS['LANG']->getLL('labels.username', true),
334 'LABEL_OPENID' => $GLOBALS['LANG']->getLL('labels.openId', true),
335 'LABEL_PASSWORD' => $GLOBALS['LANG']->getLL('labels.password', true),
336 'LABEL_WHATISOPENID' => $GLOBALS['LANG']->getLL('labels.whatIsOpenId', true),
337 'LABEL_SWITCHOPENID' => $GLOBALS['LANG']->getLL('labels.switchToOpenId', true),
338 'LABEL_SWITCHDEFAULT' => $GLOBALS['LANG']->getLL('labels.switchToDefault', true),
339 'CLEAR' => $GLOBALS['LANG']->getLL('clear', true),
340 'LOGIN_PROCESS' => $GLOBALS['LANG']->getLL('login_process', true),
341 'SITELINK' => '<a href="/">###SITENAME###</a>',
342
343 // global variables will now be replaced (at last)
344 'SITENAME' => $GLOBALS['TYPO3_CONF_VARS']['SYS']['sitename']
345 );
346 return t3lib_parsehtml::substituteMarkerArray($mainContent, $markers, '###|###');
347 }
348
349
350 /**
351 * Checking, if we should perform some sort of redirection OR closing of windows.
352 *
353 * @return void
354 */
355 function checkRedirect() {
356 global $BE_USER,$TBE_TEMPLATE;
357
358 // Do redirect:
359 // If a user is logged in AND a) if either the login is just done (commandLI) or b) a loginRefresh is done or c) the interface-selector is NOT enabled (If it is on the other hand, it should not just load an interface, because people has to choose then...)
360 if ($BE_USER->user['uid'] && ($this->commandLI || $this->loginRefresh || !$this->interfaceSelector)) {
361
362 // If no cookie has been set previously we tell people that this is a problem. This assumes that a cookie-setting script (like this one) has been hit at least once prior to this instance.
363 if (!$_COOKIE[$BE_USER->name]) {
364 if ($this->commandLI=='setCookie') {
365 // we tried it a second time but still no cookie
366 // 26/4 2005: This does not work anymore, because the saving of challenge values in $_SESSION means the system will act as if the password was wrong.
367 t3lib_BEfunc::typo3PrintError ('Login-error',"Yeah, that's a classic. No cookies, no TYPO3.<br /><br />Please accept cookies from TYPO3 - otherwise you'll not be able to use the system.",0);
368 exit;
369 } else {
370 // try it once again - that might be needed for auto login
371 $this->redirectToURL = 'index.php?commandLI=setCookie';
372 }
373 }
374
375 if (($redirectToURL = (string)$BE_USER->getTSConfigVal('auth.BE.redirectToURL'))) {
376 $this->redirectToURL = $redirectToURL;
377 $this->GPinterface = '';
378 }
379
380 // store interface
381 $BE_USER->uc['interfaceSetup'] = $this->GPinterface;
382 $BE_USER->writeUC();
383
384 // Based on specific setting of interface we set the redirect script:
385 switch ($this->GPinterface) {
386 case 'backend':
387 $this->redirectToURL = 'backend.php';
388 break;
389 case 'backend_old':
390 $this->redirectToURL = 'alt_main.php';
391 break;
392 case 'frontend':
393 $this->redirectToURL = '../';
394 break;
395 }
396
397 // If there is a redirect URL AND if loginRefresh is not set...
398 if (!$this->loginRefresh) {
399 t3lib_utility_Http::redirect($this->redirectToURL);
400 } else {
401 $TBE_TEMPLATE->JScode.=$TBE_TEMPLATE->wrapScriptTags('
402 if (parent.opener && (parent.opener.busy || parent.opener.TYPO3.loginRefresh)) {
403 if (parent.opener.TYPO3.loginRefresh) {
404 parent.opener.TYPO3.loginRefresh.startTimer();
405 } else {
406 parent.opener.busy.loginRefreshed();
407 }
408 parent.close();
409 }
410 ');
411 }
412 } elseif (!$BE_USER->user['uid'] && $this->commandLI) {
413 sleep(5); // Wrong password, wait for 5 seconds
414 }
415 }
416
417 /**
418 * Making interface selector:
419 *
420 * @return void
421 */
422 function makeInterfaceSelectorBox() {
423 global $TYPO3_CONF_VARS;
424
425 // Reset variables:
426 $this->interfaceSelector = '';
427 $this->interfaceSelector_hidden='';
428 $this->interfaceSelector_jump = '';
429
430 // If interfaces are defined AND no input redirect URL in GET vars:
431 if ($TYPO3_CONF_VARS['BE']['interfaces'] && ($this->commandLI || !$this->redirect_url)) {
432 $parts = t3lib_div::trimExplode(',',$TYPO3_CONF_VARS['BE']['interfaces']);
433 if (count($parts)>1) { // Only if more than one interface is defined will we show the selector:
434
435 // Initialize:
436 $labels=array();
437
438 $labels['backend'] = $GLOBALS['LANG']->getLL('interface.backend');
439 $labels['backend_old'] = $GLOBALS['LANG']->getLL('interface.backend_old');
440 $labels['frontend'] = $GLOBALS['LANG']->getLL('interface.frontend');
441
442 $jumpScript=array();
443 $jumpScript['backend'] = 'backend.php';
444 $jumpScript['backend_old'] = 'alt_main.php';
445 $jumpScript['frontend'] = '../';
446
447 // Traverse the interface keys:
448 foreach($parts as $valueStr) {
449 $this->interfaceSelector.='
450 <option value="'.htmlspecialchars($valueStr).'"'.(t3lib_div::_GP('interface')==htmlspecialchars($valueStr) ? ' selected="selected"' : '').'>'.htmlspecialchars($labels[$valueStr]).'</option>';
451 $this->interfaceSelector_jump.='
452 <option value="'.htmlspecialchars($jumpScript[$valueStr]).'">'.htmlspecialchars($labels[$valueStr]).'</option>';
453 }
454 $this->interfaceSelector='
455 <select id="t3-interfaceselector" name="interface" class="c-interfaceselector" tabindex="3">'.$this->interfaceSelector.'
456 </select>';
457 $this->interfaceSelector_jump='
458 <select id="t3-interfaceselector" name="interface" class="c-interfaceselector" tabindex="3" onchange="window.location.href=this.options[this.selectedIndex].value;">'.$this->interfaceSelector_jump.'
459 </select>';
460
461 } else { // If there is only ONE interface value set:
462
463 $this->interfaceSelector_hidden='<input type="hidden" name="interface" value="'.trim($TYPO3_CONF_VARS['BE']['interfaces']).'" />';
464 }
465 }
466 }
467
468 /**
469 * COPYRIGHT notice
470 *
471 * Warning:
472 * DO NOT prevent this notice from being shown in ANY WAY.
473 * According to the GPL license an interactive application must show such a notice on start-up ('If the program is interactive, make it output a short notice... ' - see GPL.txt)
474 * Therefore preventing this notice from being properly shown is a violation of the license, regardless of whether you remove it or use a stylesheet to obstruct the display.
475 *
476 * @return string Text/Image (HTML) for copyright notice.
477 */
478 function makeCopyrightNotice() {
479
480 // Get values from TYPO3_CONF_VARS:
481 $loginCopyrightWarrantyProvider = strip_tags(trim($GLOBALS['TYPO3_CONF_VARS']['SYS']['loginCopyrightWarrantyProvider']));
482 $loginCopyrightWarrantyURL = strip_tags(trim($GLOBALS['TYPO3_CONF_VARS']['SYS']['loginCopyrightWarrantyURL']));
483 $loginImageSmall = (trim($GLOBALS['TBE_STYLES']['loginBoxImageSmall'])) ? trim($GLOBALS['TBE_STYLES']['loginBoxImageSmall']) : 'gfx/loginlogo_transp.gif';
484
485 // Make warranty note:
486 if (strlen($loginCopyrightWarrantyProvider)>=2 && strlen($loginCopyrightWarrantyURL)>=10) {
487 $warrantyNote = sprintf($GLOBALS['LANG']->getLL('warranty.by'), htmlspecialchars($loginCopyrightWarrantyProvider), '<a href="' . htmlspecialchars($loginCopyrightWarrantyURL) . '" target="_blank">', '</a>');
488 } else {
489 $warrantyNote = sprintf($GLOBALS['LANG']->getLL('no.warranty'), '<a href="http://typo3.com/1316.0.html" target="_blank">', '</a>');
490 }
491
492 // Compile full copyright notice:
493 $copyrightNotice = '<a href="http://typo3.com/" target="_blank">'.
494 '<img src="' . $loginImageSmall . '" alt="' . $GLOBALS['LANG']->getLL('typo3.logo') . '" align="left" />' .
495 $GLOBALS['LANG']->getLL('typo3.cms') . ($GLOBALS['TYPO3_CONF_VARS']['SYS']['loginCopyrightShowVersion']?' ' . $GLOBALS['LANG']->getLL('version.short') . ' ' . htmlspecialchars($GLOBALS['TYPO_VERSION']):'') .
496 '</a>. ' .
497 $GLOBALS['LANG']->getLL('copyright') . ' &copy; ' . TYPO3_copyright_year . ' Kasper Sk&#229;rh&#248;j. ' . $GLOBALS['LANG']->getLL('extension.copyright') . ' ' .
498 sprintf($GLOBALS['LANG']->getLL('details.link'), '<a href="http://typo3.com/" target="_blank">http://typo3.com/</a>') . '<br /> ' .
499 $warrantyNote . ' ' .
500 sprintf($GLOBALS['LANG']->getLL('free.software'), '<a href="http://typo3.com/1316.0.html" target="_blank">', '</a> ') .
501 $GLOBALS['LANG']->getLL('keep.notice');
502
503 // Return notice:
504 return $copyrightNotice;
505 }
506
507 /**
508 * Returns the login box image, whether the default or an image from the rotation folder.
509 *
510 * @return string HTML image tag.
511 */
512 function makeLoginBoxImage() {
513 $loginboxImage = '';
514 if ($GLOBALS['TBE_STYLES']['loginBoxImage_rotationFolder']) { // Look for rotation image folder:
515 $absPath = t3lib_div::resolveBackPath(PATH_typo3.$GLOBALS['TBE_STYLES']['loginBoxImage_rotationFolder']);
516
517 // Get rotation folder:
518 $dir = t3lib_div::getFileAbsFileName($absPath);
519 if ($dir && @is_dir($dir)) {
520
521 // Get files for rotation into array:
522 $files = t3lib_div::getFilesInDir($dir,'png,jpg,gif');
523
524 // Pick random file:
525 $randImg = array_rand($files, 1);
526
527 // Get size of random file:
528 $imgSize = @getimagesize($dir.$files[$randImg]);
529
530 $imgAuthor = is_array($GLOBALS['TBE_STYLES']['loginBoxImage_author'])&&$GLOBALS['TBE_STYLES']['loginBoxImage_author'][$files[$randImg]] ? htmlspecialchars($GLOBALS['TBE_STYLES']['loginBoxImage_author'][$files[$randImg]]) : '';
531
532 // Create image tag:
533 if (is_array($imgSize)) {
534 $loginboxImage = '<img src="'.htmlspecialchars($GLOBALS['TBE_STYLES']['loginBoxImage_rotationFolder'].$files[$randImg]).'" '.$imgSize[3].' id="loginbox-image" alt="'.$imgAuthor.'" title="'.$imgAuthor.'" />';
535 }
536 }
537 } else { // If no rotation folder configured, print default image:
538
539 if (strstr(TYPO3_version,'-dev')) { // development version
540 $loginImage = 'loginbox_image_dev.png';
541 $imagecopy = 'You are running a development version of TYPO3 '.TYPO3_branch;
542 } else {
543 $loginImage = 'loginbox_image.jpg';
544 $imagecopy = 'Photo by J.C. Franca (www.digitalphoto.com.br)';
545 }
546 $loginboxImage = '<img'.t3lib_iconWorks::skinImg($GLOBALS['BACK_PATH'],'gfx/'.$loginImage,'width="200" height="133"').' id="loginbox-image" alt="'.$imagecopy.'" title="'.$imagecopy.'" />';
547 }
548
549 // Return image tag:
550 return $loginboxImage;
551 }
552
553 /**
554 * Make login news - renders the HTML content for a list of news shown under
555 * the login form. News data is added through $TYPO3_CONF_VARS
556 *
557 * @return string HTML content
558 * @credits Idea by Jan-Hendrik Heuing
559 */
560 function makeLoginNews() {
561 $newsContent = '';
562
563 // Traverse news array IF there are records in it:
564 if (is_array($GLOBALS['TYPO3_CONF_VARS']['BE']['loginNews']) && count($GLOBALS['TYPO3_CONF_VARS']['BE']['loginNews'])) {
565
566 // get the main news template, and replace the subpart after looped through
567 $newsContent = t3lib_parsehtml::getSubpart($GLOBALS['TBE_TEMPLATE']->moduleTemplate, '###LOGIN_NEWS###');
568 $newsItemTemplate = t3lib_parsehtml::getSubpart($newsContent, '###NEWS_ITEM###');
569
570 $newsItemContent = '';
571 $count = 1;
572 foreach ($GLOBALS['TYPO3_CONF_VARS']['BE']['loginNews'] as $newsItem) {
573 $additionalClass = '';
574 if ($count == 1) {
575 $additionalClass = ' first-item';
576 } elseif($count == count($GLOBALS['TYPO3_CONF_VARS']['BE']['loginNews'])) {
577 $additionalClass = ' last-item';
578 }
579 $newsItemMarker = array(
580 '###HEADER###' => htmlspecialchars($newsItem['header']),
581 '###DATE###' => htmlspecialchars($newsItem['date']),
582 '###CONTENT###' => trim($newsItem['content']),
583 '###CLASS###' => $additionalClass
584 );
585
586 $count++;
587 $newsItemContent .= t3lib_parsehtml::substituteMarkerArray($newsItemTemplate, $newsItemMarker);
588 }
589
590 $title = ($GLOBALS['TYPO3_CONF_VARS']['BE']['loginNewsTitle'] ? $GLOBALS['TYPO3_CONF_VARS']['BE']['loginNewsTitle'] : $GLOBALS['LANG']->getLL('newsheadline'));
591
592 $newsContent = t3lib_parsehtml::substituteMarker($newsContent, '###NEWS_HEADLINE###', htmlspecialchars($title));
593 $newsContent = t3lib_parsehtml::substituteSubpart($newsContent, '###NEWS_ITEM###', $newsItemContent);
594 }
595
596 return $newsContent;
597 }
598
599 /**
600 * Returns the form tag
601 *
602 * @return string Opening form tag string
603 */
604 function startForm() {
605 $output = '';
606
607 // The form defaults to 'no login'. This prevents plain
608 // text logins to the Backend. The 'sv' extension changes the form to
609 // use superchallenged method and rsaauth extension makes rsa authetication.
610 $form = '<form action="index.php" method="post" name="loginform" ' .
611 'onsubmit="alert(\'No authentication methods available. Please, ' .
612 'contact your TYPO3 administrator.\');return false">';
613
614 // Call hooks. If they do not return anything, we fail to login
615 if (is_array($GLOBALS['TYPO3_CONF_VARS']['SC_OPTIONS']['typo3/index.php']['loginFormHook'])) {
616 foreach ($GLOBALS['TYPO3_CONF_VARS']['SC_OPTIONS']['typo3/index.php']['loginFormHook'] as $function) {
617 $params = array();
618 $formCode = t3lib_div::callUserFunction($function, $params, $this);
619 if ($formCode) {
620 $form = $formCode;
621 break;
622 }
623 }
624 }
625
626 $output .= $form .
627 '<input type="hidden" name="login_status" value="login" />' .
628 '<input type="hidden" name="userident" value="" />' .
629 '<input type="hidden" name="redirect_url" value="'.htmlspecialchars($this->redirectToURL).'" />' .
630 '<input type="hidden" name="loginRefresh" value="'.htmlspecialchars($this->loginRefresh).'" />' .
631 $this->interfaceSelector_hidden . $this->addFields_hidden;
632
633 return $output;
634 }
635
636 /**
637 * Outputs an empty string. This function is obsolete and kept for the
638 * compatibility only.
639 *
640 * @param string $unused Unused
641 * @return string HTML output
642 * @deprecated since TYPO3 4.3, all the functionality was put in $this->startForm() and $this->addFields_hidden
643 */
644 function getHiddenFields($unused = '') {
645 t3lib_div::logDeprecatedFunction();
646 return '';
647 }
648
649 /**
650 * Creates JavaScript for the login form
651 *
652 * @return string JavaScript code
653 */
654 function getJScode() {
655 $JSCode = '';
656 if (is_array($GLOBALS['TYPO3_CONF_VARS']['SC_OPTIONS']['typo3/index.php']['loginScriptHook'])) {
657 foreach ($GLOBALS['TYPO3_CONF_VARS']['SC_OPTIONS']['typo3/index.php']['loginScriptHook'] as $function) {
658 $params = array();
659 $JSCode = t3lib_div::callUserFunction($function, $params, $this);
660 if ($JSCode) {
661 break;
662 }
663 }
664 }
665 $JSCode .= $GLOBALS['TBE_TEMPLATE']->wrapScriptTags('
666 function startUp() {
667 // If the login screen is shown in the login_frameset window for re-login, then try to get the username of the current/former login from opening windows main frame:
668 try {
669 if (parent.opener && parent.opener.TS && parent.opener.TS.username && document.loginform && document.loginform.username) {
670 document.loginform.username.value = parent.opener.TS.username;
671 }
672 }
673 catch(error) {
674 //continue
675 }
676
677 // Wait a few millisecons before calling checkFocus(). This might be necessary because some browsers need some time to auto-fill in the form fields
678 window.setTimeout("checkFocus()", 50);
679 }
680
681 // This moves focus to the right input field:
682 function checkFocus() {
683 // If for some reason there already is a username in the username form field, move focus to the password field:
684 if (document.loginform.username && document.loginform.username.value == "") {
685 document.loginform.username.focus();
686 } else if (document.loginform.p_field && document.loginform.p_field.type!="hidden") {
687 document.loginform.p_field.focus();
688 }
689 }
690
691 // This function shows a warning, if user has capslock enabled
692 // parameter showWarning: shows warning if true and capslock active, otherwise only hides warning, if capslock gets inactive
693 function checkCapslock(e, showWarning) {
694 if (!isCapslock(e)) {
695 document.getElementById(\'t3-capslock\').style.display = \'none\';
696 } else if (showWarning) {
697 document.getElementById(\'t3-capslock\').style.display = \'block\';
698 }
699 }
700
701 // Checks weather capslock is enabled (returns true if enabled, false otherwise)
702 // thanks to http://24ways.org/2007/capturing-caps-lock
703
704 function isCapslock(e) {
705 var ev = e ? e : window.event;
706 if (!ev) {
707 return;
708 }
709 var targ = ev.target ? ev.target : ev.srcElement;
710 // get key pressed
711 var which = -1;
712 if (ev.which) {
713 which = ev.which;
714 } else if (ev.keyCode) {
715 which = ev.keyCode;
716 }
717 // get shift status
718 var shift_status = false;
719 if (ev.shiftKey) {
720 shift_status = ev.shiftKey;
721 } else if (ev.modifiers) {
722 shift_status = !!(ev.modifiers & 4);
723 }
724 return (((which >= 65 && which <= 90) && !shift_status) ||
725 ((which >= 97 && which <= 122) && shift_status));
726 }
727
728 // prevent opening the login form in the backend frameset
729 if (top.location.href != self.location.href) {
730 top.location.href = self.location.href;
731 }
732
733 ');
734
735 return $JSCode;
736 }
737
738
739 /**
740 * Checks if labels from $GLOBALS['TYPO3_CONF_VARS']['BE']['loginLabels'] were changed, and merge them to $GLOBALS['LOCAL_LANG'] if needed
741 *
742 * This method keeps backwards compatibility, if you modified your
743 * labels with the install tool, we recommend to transfer this labels to a locallang.xml file
744 * using the llxml extension
745 *
746 * @return void
747 */
748 protected function mergeOldLoginLabels() {
749 // Getting login labels
750 $oldLoginLabels = trim($GLOBALS['TYPO3_CONF_VARS']['BE']['loginLabels']);
751 if ($oldLoginLabels != '') {
752 // md5 hash of the default loginLabels string
753 $defaultOldLoginLabelsHash = 'bcf0d32e58c6454ea50c6c956f1f18f0';
754 // compare loginLabels from TYPO3_CONF_VARS to default value
755 if (md5($oldLoginLabels) != $defaultOldLoginLabelsHash) {
756 $lang = $GLOBALS['LANG']->lang;
757 $oldLoginLabelArray = explode('|',$oldLoginLabels);
758 $overrideLabelKeys = array(
759 'labels.username' => $oldLoginLabelArray[0],
760 'labels.password' => $oldLoginLabelArray[1],
761 'labels.interface' => $oldLoginLabelArray[2],
762 'labels.submitLogin' => $oldLoginLabelArray[3],
763 'labels.submitLogout' => $oldLoginLabelArray[4],
764 'availableInterfaces' => $oldLoginLabelArray[5],
765 'headline' => $oldLoginLabelArray[6],
766 'info.jscookies' => $oldLoginLabelArray[7],
767 'newsheadline' => $oldLoginLabelArray[8],
768 'error.login' => $oldLoginLabelArray[9],
769 );
770 if (!is_array($GLOBALS['LOCAL_LANG'][$lang])) {
771 $GLOBALS['LOCAL_LANG'][$lang] = array();
772 }
773 // now override the labels from the LOCAL_LANG with the TYPO3_CONF_VARS
774 foreach ($overrideLabelKeys as $labelKey => $label) {
775 $GLOBALS['LOCAL_LANG'][$lang][$labelKey] = $GLOBALS['LOCAL_LANG']['default'][$labelKey] = $label;
776 }
777 }
778 }
779 }
780 }
781
782
783 if (defined('TYPO3_MODE') && $TYPO3_CONF_VARS[TYPO3_MODE]['XCLASS']['typo3/index.php']) {
784 include_once($TYPO3_CONF_VARS[TYPO3_MODE]['XCLASS']['typo3/index.php']);
785 }
786
787
788
789 // Make instance:
790 $SOBE = t3lib_div::makeInstance('SC_index');
791 $SOBE->init();
792 $SOBE->main();
793 $SOBE->printContent();
794
795 ?>