1 <?php
2 /***************************************************************
3 * Copyright notice
4 *
5 * (c) 1999-2004 Kasper Skaarhoj (kasper@typo3.com)
6 * All rights reserved
7 *
8 * This script is part of the TYPO3 project. The TYPO3 project is
9 * free software; you can redistribute it and/or modify
10 * it under the terms of the GNU General Public License as published by
11 * the Free Software Foundation; either version 2 of the License, or
12 * (at your option) any later version.
13 *
14 * The GNU General Public License can be found at
15 * http://www.gnu.org/copyleft/gpl.html.
16 * A copy is found in the textfile GPL.txt and important notices to the license
17 * from the author is found in LICENSE.txt distributed with these scripts.
18 *
19 *
20 * This script is distributed in the hope that it will be useful,
21 * but WITHOUT ANY WARRANTY; without even the implied warranty of
22 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
23 * GNU General Public License for more details.
24 *
25 * This copyright notice MUST APPEAR in all copies of the script!
26 ***************************************************************/
27 /**
28 * Contains a base class for authentication of users in TYPO3, both frontend and backend.
29 *
30 * $Id$
31 * Revised for TYPO3 3.6 July/2003 by Kasper Skaarhoj
32 *
33 * @author Kasper Skaarhoj <kasper@typo3.com>
34 */
35 /**
36 * [CLASS/FUNCTION INDEX of SCRIPT]
37 *
38 *
39 *
40 * 86: class t3lib_userAuth
41 * 155: function start()
42 * 255: function check_authentication()
43 * 406: function redirect()
44 * 419: function logoff()
45 * 434: function gc()
46 * 448: function user_where_clause()
47 * 462: function ipLockClause()
48 * 478: function writeUC($variable='')
49 * 501: function writelog($type,$action,$error,$details_nr,$details,$data,$tablename,$recuid,$recpid)
50 * 510: function checkLogFailures()
51 * 519: function unpack_uc($theUC='')
52 * 535: function pushModuleData($module,$data,$noSave=0)
53 * 548: function getModuleData($module,$type='')
54 * 561: function getSessionData($key)
55 * 574: function setAndSaveSessionData($key,$data)
56 * 593: function setBeUserByUid($uid)
57 * 606: function setBeUserByName($name)
58 *
59 * TOTAL FUNCTIONS: 17
60 * (This index is automatically created/updated by the extension "extdeveval")
61 *
62 */
74 /**
75 * Authentication of users in TYPO3
76 *
77 * This class is used to authenticate a login user.
78 * The class is used by both the frontend and backend. In both cases this class is a parent class to beuserauth and feuserauth
79 *
80 * See Inside TYPO3 for more information about the API of the class and internal variables.
81 *
82 * @author Kasper Skaarhoj <kasper@typo3.com>
83 * @package TYPO3
84 * @subpackage t3lib
85 */
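class t3lib_userAuth {
	// Base class for session-based authentication. Extending classes are expected to fill in
	// the table, column and form-field names below before start() is called.
	// The code keeps PHP4-era syntax ("var", array()) so that existing subclasses keep working.

	var $global_database = '';		// Which global database to connect to
	var $session_table = '';		// Table to use for session data.
	var $name = '';					// Session/Cookie name
	var $get_name = '';				// Session/GET-var name

	var $user_table = '';			// Table in database with userdata
	var $username_column = '';		// Column for login-name
	var $userident_column = '';		// Column for password
	var $userid_column = '';		// Column for user-id
	var $lastLogin_column = '';		// Column updated with the time of the last successful login (skipped if empty)

	var $enablecolumns = Array (
		'rootLevel' => '',			// Boolean: If true, 'AND pid=0' will be a part of the query...
		'disabled' => '',
		'starttime' => '',
		'endtime' => '',
		'deleted' => ''
	);

	var $formfield_uname = '';		// formfield with login-name
	var $formfield_uident = '';		// formfield with password
	var $formfield_chalvalue = '';	// formfield with a unique value which is used to encrypt the password and username
	var $formfield_status = '';		// formfield with status: *'login', 'logout'. If empty login is not verified.
	var $security_level = '';		// sets the level of security. *'normal' = clear-text. 'challenged' = hashed password/username from form in $formfield_uident. 'superchallenged' = hashed password hashed again with username.

	var $auth_include = '';			// this is the name of the include-file containing the login form. If not set, login CAN be anonymous. If set login IS needed.

	var $auth_timeout_field = 0;	// if > 0 : session-timeout in seconds. if false/<0 : no timeout. if string: The string is fieldname from the usertable where the timeout can be found.
	var $lifetime = 0;				// 0 = Session-cookies. If session-cookies, the browser will stop session when the browser is closed. Else it keeps the session for $lifetime seconds.
	var $gc_time = 24;				// GarbageCollection. Purge all session data older than $gc_time hours.
	var $gc_probability = 1;		// Probability (in percent) for GarbageCollection to be run.
	var $writeStdLog = 0;			// Decides if the writelog() function is called at login and logout
	var $writeAttemptLog = 0;		// If set, writelog() is called when a login attempt was made without success
	var $sendNoCacheHeaders = 1;	// If this is set, headers are sent to assure that caching is NOT done
	var $getFallBack = 0;			// If this is set, authentication is also accepted by the HTTP_GET_VARS. Notice that the identification is NOT 128bit MD5 hash but reduced. This is done in order to minimize the size for mobile-devices, such as WAP-phones
	var $hash_length = 32;			// The ident-hash is normally 32 characters and should be! But if you are making sites for WAP-devices or other low-bandwidth stuff, you may shorten the length. Never let this value drop below 6. A length of 6 would give you more than 16 mio possibilities.
	var $getMethodEnabled = 0;		// Setting this flag true lets user-authentication happen from GET_VARS if POST_VARS are not set. Thus you may supply username/password from the URL. NOTE(review): credentials in a URL end up in server logs, browser history and Referer headers; it also switches off the referer check in check_authentication().
	var $lockIP = 1;				// If set, will lock the session to the users IP address.

	var $warningEmail = '';			// warning -emailaddress:
	var $warningPeriod = 3600;		// Period back in time (in seconds) in which number of failed logins are collected
	var $warningMax = 3;			// The maximum accepted number of warnings before an email is sent
	var $checkPid=1;				// If set, the user-record must have $checkPid_value as pid
	var $checkPid_value=0;			// The pid, the user-record must have as page-id

		// Internals
	var $id;						// Internal: Will contain session_id (MD5-hash)
	var $cookieId;					// Internal: Will contain the session_id gotten from cookie or GET method. This is used in statistics as a reliable cookie (one which is known to come from HTTP_COOKIE_VARS).
	var $loginSessionStarted = 0;	// Will be set to 1 if the login session is actually written during auth-check.

	var $user;						// Internal: Will contain user- AND session-data from database (joined tables)
	var $uc;						// Internal: User configuration array; set by unpack_uc(), stored by writeUC().
	var $get_URL_ID = '';			// Internal: Will be set to the url-ready (eg. '&login=ab7ef8d...') GET-auth-var if getFallBack is true. Should be inserted in links!

	var $forceSetCookie=0;			// Will force the session cookie to be set every time (lifetime must be 0)
	var $dontSetCookie=0;			// Will prevent the setting of the session cookie (takes precedence over forceSetCookie).


	/**
	 * Starts a user session
	 * Typical configurations will:
	 * a) check if session cookie was set and if not, set one,
	 * b) check if a password/username was sent and if so, try to authenticate the user
	 * c) Lookup a session attached to a user and check timeout etc.
	 * d) Garbage collection, setting of no-cache headers.
	 * If a user is authenticated the database record of the user (array) will be set in the ->user internal variable.
	 *
	 * @return	void
	 */
	function start() {
		// NOTE(review): the long $HTTP_*_VARS arrays are only populated on old PHP versions;
		// whether the bootstrap re-creates them cannot be seen from this file.
		global $HTTP_COOKIE_VARS, $HTTP_GET_VARS;

			// Init vars.
		$mode = '';
		$new_id = false;	// Default: not a new session

			// $id is set to ses_id if a cookie is present, else to '' which will start a new session.
			// Only a plain string is accepted; an array-valued cookie is treated as absent.
		$id = '';
		if (isset($HTTP_COOKIE_VARS[$this->name]) && is_string($HTTP_COOKIE_VARS[$this->name])) {
			$id = stripslashes($HTTP_COOKIE_VARS[$this->name]);
		}
		$this->hash_length = t3lib_div::intInRange($this->hash_length,6,32);

			// If fallback to get mode....
		if (!$id && $this->getFallBack && $this->get_name) {
			$id = isset($HTTP_GET_VARS[$this->get_name]) ? t3lib_div::_GET($this->get_name) : '';
			if (!is_string($id) || strlen($id)!=$this->hash_length) {
				$id = '';
			}
			$mode = 'get';
		}
		$this->cookieId = $id;

		if (!$id) {		// If new session...
				// The id is the only secret protecting the session, so it is drawn from the
				// system CSPRNG where PHP offers one. The fallback for old runtimes mixes more
				// entropy into uniqid() than the purely time-based uniqid('') did.
			if (function_exists('random_bytes')) {
				$randomHex = bin2hex(random_bytes(16));
			} else {
				$randomHex = md5(uniqid(mt_rand(), true));
			}
			$id = substr($randomHex, 0, $this->hash_length);
			$new_id = true;
		}

			// Internal var 'id' is set
			// NOTE(review): an id supplied by the client is kept as-is and, after a successful
			// login, check_authentication() stores the session under that same id. Issuing a fresh
			// id at login time would close the session-fixation window; not changed here because
			// subclasses and the cookie logic below rely on ->id staying stable within the request.
		$this->id = $id;
		if ($mode=='get' && $this->getFallBack && $this->get_name) {
			$this->get_URL_ID = '&'.$this->get_name.'='.$id;
		}
		$this->user = '';	// Make certain that NO user is set initially

			// Setting cookies
			// NOTE(review): the cookie is set without the HttpOnly/Secure attributes; consider
			// adding them where the supported PHP versions and the deployment (HTTPS) allow it.
		if (!$this->dontSetCookie) {
			if (($new_id || $this->forceSetCookie) && $this->lifetime==0) {
					// Session cookie: needs to be set only once (or when forced).
				SetCookie($this->name, $id, 0, '/');
			}
			if ($this->lifetime > 0) {
					// Persistent cookie: refreshed on every request.
				SetCookie($this->name, $id, time()+$this->lifetime, '/');
			}
		}

			// Check to see if anyone has submitted login-information and if so register the user with the session. $this->user[uid] may be used to write log...
		if ($this->formfield_status) {
			$this->check_authentication();
		}
		unset($this->user);	// ->check_authentication may have written a session record; the user is re-read from it below.

			// The session_id is used to find user in the database. Two tables are joined: The session-table with user_id of the session and the usertable with its primary key
		$dbres = $GLOBALS['TYPO3_DB']->exec_SELECTquery(
			'*',
			$this->session_table.','.$this->user_table,
			$this->session_table.'.ses_id = "'.$GLOBALS['TYPO3_DB']->quoteStr($this->id, $this->session_table).'"
				AND '.$this->session_table.'.ses_name = "'.$GLOBALS['TYPO3_DB']->quoteStr($this->name, $this->session_table).'"
				AND '.$this->session_table.'.ses_userid = '.$this->user_table.'.'.$this->userid_column.'
				'.$this->ipLockClause().'
				'.$this->user_where_clause()
		);
		if ($this->user = $GLOBALS['TYPO3_DB']->sql_fetch_assoc($dbres)) {
				// A user was found
			if (is_string($this->auth_timeout_field)) {
				$timeout = intval($this->user[$this->auth_timeout_field]);	// Get timeout-time from usertable
			} else {
				$timeout = intval($this->auth_timeout_field);				// Get timeout from object
			}
				// If timeout > 0 (true) and currenttime has not exceeded the latest sessions-time plus the timeout in seconds then accept user
				// Option later on: We could check that last update was at least x seconds ago in order not to update twice in a row if one script redirects to another...
			if ($timeout>0 && ($GLOBALS['EXEC_TIME'] < ($this->user['ses_tstamp']+$timeout))) {
				$GLOBALS['TYPO3_DB']->exec_UPDATEquery(
					$this->session_table,
					'ses_id="'.$GLOBALS['TYPO3_DB']->quoteStr($this->id, $this->session_table).'"
						AND ses_name="'.$GLOBALS['TYPO3_DB']->quoteStr($this->name, $this->session_table).'"',
					array('ses_tstamp' => $GLOBALS['EXEC_TIME'])
				);
				$this->user['ses_tstamp'] = $GLOBALS['EXEC_TIME'];	// Make sure that the timestamp is also updated in the array
			} else {
				$this->user = '';
				$this->logoff();		// delete any user set...
			}
		} else {
			$this->logoff();		// delete any user set...
		}

		$this->redirect();		// If any redirection (inclusion of file) then it will happen in this function

			// Set all possible headers that could ensure that the script is not cached on the client-side
		if ($this->sendNoCacheHeaders) {
			header('Expires: Mon, 26 Jul 1997 05:00:00 GMT');
			header('Last-Modified: ' . gmdate('D, d M Y H:i:s') . ' GMT');
			header('Expires: 0');	// header() replaces by default, so this is the Expires value that is sent
			header('Cache-Control: no-cache, must-revalidate');
			header('Pragma: no-cache');
		}

			// If we're lucky we'll get to clean up old sessions....
			// A value in 0..99 compared with "<" makes $gc_probability a true percentage
			// (the former "<=" ran the collector one percentage point too often).
		if (mt_rand(0,99) < $this->gc_probability) {
			$this->gc();
		}
	}

	/**
	 * Checks if a submission of username and password is present
	 *
	 * On 'login' the user record is looked up by username, the submitted ident is compared
	 * according to ->security_level and, if accepted, a session record is inserted for ->id.
	 * On 'logout' the session record is removed.
	 *
	 * @return	string		Returns "login" if login, "logout" if logout, or nothing if the status field was none of these values.
	 * @internal
	 */
	function check_authentication() {

			// The values fetched from input variables here are supposed to already BE slashed...
		if ($this->getMethodEnabled) {
			$F_status = t3lib_div::_GP($this->formfield_status);
			$F_uname = t3lib_div::_GP($this->formfield_uname);
			$F_uident = t3lib_div::_GP($this->formfield_uident);
			$F_chalvalue = t3lib_div::_GP($this->formfield_chalvalue);
		} else {
			$F_status = t3lib_div::_POST($this->formfield_status);
			$F_uname = t3lib_div::_POST($this->formfield_uname);
			$F_uident = t3lib_div::_POST($this->formfield_uident);
			$F_chalvalue = t3lib_div::_POST($this->formfield_chalvalue);
		}

		switch ($F_status) {
			case 'login':
				$refInfo = parse_url(t3lib_div::getIndpEnv('HTTP_REFERER'));
				$refHost = (is_array($refInfo) && isset($refInfo['host'])) ? $refInfo['host'] : '';
				$httpHost = t3lib_div::getIndpEnv('TYPO3_HOST_ONLY');
				if (!$this->getMethodEnabled && ($httpHost!=$refHost && !$GLOBALS['TYPO3_CONF_VARS']['SYS']['doNotCheckReferer'])) {
						// Both host names originate from request headers and the message is sent as
						// HTML, so they are escaped before being echoed back.
					die('Error: This host address ("'.htmlspecialchars($httpHost).'") and the referer host ("'.htmlspecialchars($refHost).'") mismatches!<br />
						It\'s possible that the environment variable HTTP_REFERER is not passed to the script because of a proxy.<br />
						The site administrator can disable this check in the configuration (flag: TYPO3_CONF_VARS[SYS][doNotCheckReferer]).');
				}
				if ($F_uident && $F_uname) {

						// Reset this flag
					$loginFailure = 0;

						// delete old user session if any
					$this->logoff();

						// Request parameters may arrive as arrays; only strings are valid credentials.
						// A non-string username is looked up as '' so the attempt still fails and is logged.
					$lookupName = is_string($F_uname) ? $F_uname : '';
					$challenge = is_string($F_chalvalue) ? $F_chalvalue : '';

						// Look up the new user by the username:
					$dbres = $GLOBALS['TYPO3_DB']->exec_SELECTquery(
						'*',
						$this->user_table,
						($this->checkPid ? 'pid IN ('.$GLOBALS['TYPO3_DB']->cleanIntList($this->checkPid_value).') AND ' : '').
							$this->username_column.'="'.$GLOBALS['TYPO3_DB']->quoteStr($lookupName, $this->user_table).'" '.
							$this->user_where_clause()
					);

						// Enter, if a user was found:
					if ($tempuser = $GLOBALS['TYPO3_DB']->sql_fetch_assoc($dbres)) {
							// Internal user record set (temporarily)
						$this->user = $tempuser;

							// Default: not OK - will be set true if password matches in the comparison hereafter
						$OK = false;

							// check the password
							// The former "!strcmp(...)" test treated a NULL result as a match, and strcmp()
							// yields NULL on some PHP versions when handed a non-string. The ident is
							// therefore required to be a string and compared for exact equality
							// (constant-time where hash_equals() exists).
						if (is_string($F_uident)) {
							switch ($this->security_level) {
								case 'superchallenged':		// If superchallenged the password in the database ($tempuser[$this->userident_column]) must be a md5-hash of the original password.
								case 'challenged':
										// NOTE(review): the challenge value is taken from the request and is not
										// compared with a server-issued value in this method — confirm that a
										// caller or subclass validates it, otherwise a captured response stays valid.
									$expected = md5($tempuser[$this->username_column].':'.$tempuser[$this->userident_column].':'.$challenge);
								break;
								default:	// normal: the stored column is compared verbatim with the submitted value
									$expected = (string)$tempuser[$this->userident_column];
								break;
							}
							$OK = function_exists('hash_equals') ? hash_equals($expected, $F_uident) : ($expected === $F_uident);
						}

							// Write session-record in case user was verified OK
						if ($OK) {
								// Checking the domain (lockToDomain)
							if ($this->user['lockToDomain'] && $this->user['lockToDomain']!=t3lib_div::getIndpEnv('HTTP_HOST')) {
									// Lock domain didn't match, so error:
								if ($this->writeAttemptLog) {
									$this->writelog(255,3,3,1,
										"Login-attempt from %s (%s), username '%s', locked domain '%s' did not match '%s'!",
										Array(t3lib_div::getIndpEnv('REMOTE_ADDR'),t3lib_div::getIndpEnv('REMOTE_HOST'),$lookupName,$this->user['lockToDomain'],t3lib_div::getIndpEnv('HTTP_HOST')));
								}
								$loginFailure = 1;
							} else {
									// The loginsession is started.
								$this->loginSessionStarted = 1;

									// Inserting session record:
								$insertFields = array(
									'ses_id' => $this->id,
									'ses_name' => $this->name,
									'ses_iplock' => $this->user['disableIPlock'] ? '[DISABLED]' : t3lib_div::getIndpEnv('REMOTE_ADDR'),
									'ses_userid' => $tempuser[$this->userid_column],
									'ses_tstamp' => $GLOBALS['EXEC_TIME']
								);
								$GLOBALS['TYPO3_DB']->exec_INSERTquery($this->session_table, $insertFields);

									// Updating column carrying information about last login.
								if ($this->lastLogin_column) {
									$GLOBALS['TYPO3_DB']->exec_UPDATEquery(
										$this->user_table,
										$this->userid_column.'="'.$GLOBALS['TYPO3_DB']->quoteStr($tempuser[$this->userid_column], $this->user_table).'"',
										array($this->lastLogin_column => $GLOBALS['EXEC_TIME'])
									);
								}
									// User logged in - write that to the log!
								if ($this->writeStdLog) {
									$this->writelog(255,1,0,1,
										'User %s logged in from %s (%s)',
										Array($this->user['username'],t3lib_div::getIndpEnv('REMOTE_ADDR'),t3lib_div::getIndpEnv('REMOTE_HOST')));
								}
							}
						} else {
								// Failed login attempt (wrong password) - write that to the log!
							if ($this->writeAttemptLog) {
								$this->writelog(255,3,3,1,
									"Login-attempt from %s (%s), username '%s', password not accepted!",
									Array(t3lib_div::getIndpEnv('REMOTE_ADDR'),t3lib_div::getIndpEnv('REMOTE_HOST'),$lookupName));
							}
							$loginFailure = 1;
						}
							// Make sure to clear the user again!!
						unset($this->user);
					} else {
							// Failed login attempt (no username found)
						if ($this->writeAttemptLog) {
							$this->writelog(255,3,3,2,
								"Login-attempt from %s (%s), username '%s' not found!!",
								Array(t3lib_div::getIndpEnv('REMOTE_ADDR'),t3lib_div::getIndpEnv('REMOTE_HOST'),$lookupName));
						}
						$loginFailure = 1;
					}

						// If there was a login failure, check to see if a warning email should be sent:
					if ($loginFailure) {
						$this->checkLogFailures($this->warningEmail, $this->warningPeriod, $this->warningMax);
					}
				}

					// Return "login" - since this was the $F_status
				return 'login';
			break;
			case 'logout':
					// Just logout. ->user is only an array if a caller has loaded a record before.
				if ($this->writeStdLog) {
					$loggedOutName = is_array($this->user) ? $this->user['username'] : '';
					$this->writelog(255,2,0,2,'User %s logged out',Array($loggedOutName));
				}
				$this->logoff();

					// Return "logout" - since this was the $F_status
				return 'logout';
			break;
		}
	}

	/**
	 * Redirect to somewhere. Obsolete, deprecated etc.
	 *
	 * @return	void
	 * @ignore
	 */
	function redirect() {
			// NOTE(review): the condition reads ->userid and ->auth_url, neither of which is declared
			// in this class, while the file that gets included is ->auth_include. Left untouched
			// because enabling the branch would change behaviour for every subclass — confirm intent.
		if (!$this->userid && $this->auth_url) {	// if no userid AND an include-document for login is given
			include ($this->auth_include);
			exit;
		}
	}

	/**
	 * Log out current user!
	 * Removes the current session record, sets the internal ->user array to a blank string; Thereby the current user (if any) is effectively logged out!
	 *
	 * @return	void
	 */
	function logoff() {
		$GLOBALS['TYPO3_DB']->exec_DELETEquery(
			$this->session_table,
			'ses_id = "'.$GLOBALS['TYPO3_DB']->quoteStr($this->id, $this->session_table).'"
				AND ses_name = "'.$GLOBALS['TYPO3_DB']->quoteStr($this->name, $this->session_table).'"'
		);
		$this->user = "";
	}

	/**
	 * Garbage collector, removing old expired sessions.
	 * Deletes session records of this session name whose timestamp is older than ->gc_time hours.
	 *
	 * @return	void
	 * @internal
	 */
	function gc() {
		$GLOBALS['TYPO3_DB']->exec_DELETEquery(
			$this->session_table,
			'ses_tstamp < '.intval(time()-($this->gc_time*60*60)).'
				AND ses_name = "'.$GLOBALS['TYPO3_DB']->quoteStr($this->name, $this->session_table).'"'
		);
	}

	/**
	 * This returns the where-clause needed to select the user with respect to flags like deleted, hidden, starttime, endtime
	 * Each part is only added when the matching entry of ->enablecolumns is set.
	 *
	 * @return	string
	 * @access private
	 */
	function user_where_clause() {
		return	(($this->enablecolumns['rootLevel']) ? 'AND '.$this->user_table.'.pid=0 ' : '').
				(($this->enablecolumns['disabled']) ? ' AND NOT '.$this->user_table.'.'.$this->enablecolumns['disabled'] : '').
				(($this->enablecolumns['deleted']) ? ' AND NOT '.$this->user_table.'.'.$this->enablecolumns['deleted'] : '').
				(($this->enablecolumns['starttime']) ? ' AND ('.$this->user_table.'.'.$this->enablecolumns['starttime'].'<='.time().')' : '').
				(($this->enablecolumns['endtime']) ? ' AND ('.$this->user_table.'.'.$this->enablecolumns['endtime'].'=0 OR '.$this->user_table.'.'.$this->enablecolumns['endtime'].'>'.time().')' : '');
	}

	/**
	 * This returns the where-clause needed to lock a user to the IP address
	 *
	 * @return	string		The clause, or an empty string when ->lockIP is off
	 * @access private
	 */
	function ipLockClause() {
		if (!$this->lockIP) {
			return '';	// explicit empty string instead of an implicit NULL
		}
		return 'AND (
			'.$this->session_table.'.ses_iplock="'.$GLOBALS['TYPO3_DB']->quoteStr(t3lib_div::getIndpEnv('REMOTE_ADDR'),$this->session_table).'"
			OR '.$this->session_table.'.ses_iplock="[DISABLED]"
			)';
	}

	/**
	 * This writes $variable to the user-record. This is a way of providing session-data.
	 * You can fetch the data again through $this->uc in this class!
	 * If $variable is not an array, $this->uc is saved!
	 *
	 * @param	array		An array you want to store for the user as session data. If $variable is not supplied (is blank string), the internal variable, ->uc, is stored by default
	 * @return	void
	 */
	function writeUC($variable='') {
		if (is_array($this->user) && $this->user['uid']) {
			if (!is_array($variable)) { $variable = $this->uc; }

			$GLOBALS['TYPO3_DB']->exec_UPDATEquery($this->user_table, 'uid='.intval($this->user['uid']), array('uc' => serialize($variable)));
		}
	}

	/**
	 * DUMMY: Writes to log database table (in some extension classes)
	 *
	 * The last three parameters are optional because the calls made from this class pass only the first six.
	 *
	 * @param	integer		$type: denotes which module that has submitted the entry. This is the current list:  1=tce_db; 2=tce_file; 3=system (eg. sys_history save); 4=modules; 254=Personal settings changed; 255=login / out action: 1=login, 2=logout, 3=failed login (+ errorcode 3), 4=failure_warning_email sent
	 * @param	integer		$action: denotes which specific operation that wrote the entry (eg. 'delete', 'upload', 'update' and so on...). Specific for each $type. Also used to trigger update of the interface. (see the log-module for the meaning of each number !!)
	 * @param	integer		$error: flag. 0 = message, 1 = error (user problem), 2 = System Error (which should not happen), 3 = security notice (admin)
	 * @param	integer		$details_nr: The message number. Specific for each $type and $action. in the future this will make it possible to translate errormessages to other languages
	 * @param	string		$details: Default text that follows the message
	 * @param	array		$data: Data that follows the log. Might be used to carry special information. If an array the first 5 entries (0-4) will be sprintf'ed the details-text...
	 * @param	string		$tablename: Special field used by tce_main.php. These ($tablename, $recuid, $recpid) holds the reference to the record which the log-entry is about. (Was used in attic status.php to update the interface.)
	 * @param	integer		$recuid: Special field used by tce_main.php. These ($tablename, $recuid, $recpid) holds the reference to the record which the log-entry is about. (Was used in attic status.php to update the interface.)
	 * @param	integer		$recpid: Special field used by tce_main.php. These ($tablename, $recuid, $recpid) holds the reference to the record which the log-entry is about. (Was used in attic status.php to update the interface.)
	 * @return	void
	 * @see t3lib_userauthgroup::writelog()
	 */
	function writelog($type,$action,$error,$details_nr,$details,$data,$tablename='',$recuid='',$recpid='') {
	}

	/**
	 * DUMMY: Check login failures (in some extension classes)
	 * check_authentication() calls this with the warning email, period and maximum; this empty
	 * implementation declares no parameters and ignores them.
	 *
	 * @return	void
	 * @ignore
	 */
	function checkLogFailures() {
	}

	/**
	 * Sets $theUC as the internal variable ->uc IF $theUC is an array. If $theUC is false, the 'uc' content from the ->user array will be unserialized and restored in ->uc
	 *
	 * @param	mixed		If an array, then set as ->uc, otherwise load from user record
	 * @return	void
	 */
	function unpack_uc($theUC='') {
			// NOTE(review): unserialize() on the stored 'uc' column can instantiate objects; this is
			// only safe as long as nothing but writeUC() can write that column.
		if (!$theUC) $theUC = unserialize($this->user['uc']);
		if (is_array($theUC)) {
			$this->uc = $theUC;
		}
	}

	/**
	 * Stores data for a module.
	 * The data is stored with the session id so you can even check upon retrieval if the module data is from a previous session or from the current session.
	 *
	 * @param	string		$module is the name of the module ($MCONF['name'])
	 * @param	mixed		$data is the data you want to store for that module (array, string, ...)
	 * @param	boolean		If $noSave is set, then the ->uc array (which carries all kinds of user data) is NOT written immediately, but must be written by some subsequent call.
	 * @return	void
	 */
	function pushModuleData($module,$data,$noSave=0) {
		$this->uc['moduleData'][$module] = $data;
		$this->uc['moduleSessionID'][$module] = $this->id;
		if (!$noSave) $this->writeUC();
	}

	/**
	 * Gets module data for a module (from a loaded ->uc array)
	 *
	 * @param	string		$module is the name of the module ($MCONF['name'])
	 * @param	string		If $type = 'ses' then module data is returned only if it was stored in the current session, otherwise data from a previous session will be returned (if available).
	 * @return	mixed		The module data if available: $this->uc['moduleData'][$module];
	 */
	function getModuleData($module,$type='') {
		if ($type!='ses' || $this->uc['moduleSessionID'][$module]==$this->id) {
			return $this->uc['moduleData'][$module];
		}
	}

	/**
	 * Returns the session data stored for $key.
	 * The data will last only for this login session since it is stored in the session table.
	 *
	 * @param	string		Pointer to an associative key in the session data array which is stored serialized in the field "ses_data" of the session table.
	 * @return	mixed		The stored value, or NULL if there is no session data or no such key
	 */
	function getSessionData($key) {
			// NOTE(review): unserialize() on "ses_data" can instantiate objects; safe only while
			// the column is written exclusively by setAndSaveSessionData().
		$sesDat = unserialize($this->user['ses_data']);
			// An empty or unreadable field unserializes to false, which has no keys to look up.
		return (is_array($sesDat) && isset($sesDat[$key])) ? $sesDat[$key] : NULL;
	}

	/**
	 * Sets the session data ($data) for $key and writes all session data (from ->user['ses_data']) to the database.
	 * The data will last only for this login session since it is stored in the session table.
	 *
	 * @param	string		Pointer to an associative key in the session data array which is stored serialized in the field "ses_data" of the session table.
	 * @param	mixed		The variable to store in index $key
	 * @return	void
	 */
	function setAndSaveSessionData($key,$data) {
		$sesDat = unserialize($this->user['ses_data']);
			// Start from an empty array when nothing (valid) has been stored yet, rather than
			// writing an index into the boolean false that unserialize() returns.
		if (!is_array($sesDat)) {
			$sesDat = array();
		}
		$sesDat[$key] = $data;
		$this->user['ses_data'] = serialize($sesDat);

		$GLOBALS['TYPO3_DB']->exec_UPDATEquery($this->session_table, 'ses_id="'.$GLOBALS['TYPO3_DB']->quoteStr($this->user['ses_id'], $this->session_table).'"', array('ses_data' => $this->user['ses_data']));
	}

	/**
	 * Raw initialization of the be_user with uid=$uid
	 * This will circumvent all login procedures and select a be_users record from the database and set the content of ->user to the record selected. Thus the BE_USER object will appear like if a user was authenticated - however without a session id and the fields from the session table of course.
	 * Will check the users for disabled, start/endtime, etc. ($this->user_where_clause())
	 * Because no credential is checked here, callers must only pass a uid they have authorized themselves.
	 *
	 * @param	integer		The UID of the backend user to set in ->user
	 * @return	void
	 * @internal
	 * @see SC_mod_tools_be_user_index::compareUsers(), SC_mod_user_setup_index::simulateUser(), freesite_admin::startCreate()
	 */
	function setBeUserByUid($uid) {
		$dbres = $GLOBALS['TYPO3_DB']->exec_SELECTquery('*', $this->user_table, 'uid="'.intval($uid).'" '.$this->user_where_clause());
		$this->user = $GLOBALS['TYPO3_DB']->sql_fetch_assoc($dbres);
	}

	/**
	 * Raw initialization of the be_user with username=$name
	 * Like setBeUserByUid(), this sets ->user without checking any credential.
	 *
	 * @param	string		The username to look up.
	 * @return	void
	 * @see	t3lib_userAuth::setBeUserByUid()
	 * @internal
	 */
	function setBeUserByName($name) {
		$dbres = $GLOBALS['TYPO3_DB']->exec_SELECTquery('*', $this->user_table, 'username="'.$GLOBALS['TYPO3_DB']->quoteStr($name, $this->user_table).'" '.$this->user_where_clause());
		$this->user = $GLOBALS['TYPO3_DB']->sql_fetch_assoc($dbres);
	}
}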
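// Loads an extension ("XCLASS") of this class if one is registered for the current TYPO3 mode.
// !empty() keeps the check quiet when no entry exists for this file. The included path is
// taken from the $TYPO3_CONF_VARS array as-is — presumably installation configuration only;
// verify that nothing request-derived can reach it.
if (defined('TYPO3_MODE') && !empty($TYPO3_CONF_VARS[TYPO3_MODE]['XCLASS']['t3lib/class.t3lib_userauth.php'])) {
	include_once($TYPO3_CONF_VARS[TYPO3_MODE]['XCLASS']['t3lib/class.t3lib_userauth.php']);
}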
620 ?>