[TASK] Encrypt password transmission in user setup
[Packages/TYPO3.CMS.git] / typo3 / sysext / setup / mod / index.php
1 <?php
2 /***************************************************************
3 * Copyright notice
4 *
5 * (c) 1999-2011 Kasper Skårhøj (kasperYYYY@typo3.com)
6 * All rights reserved
7 *
8 * This script is part of the TYPO3 project. The TYPO3 project is
9 * free software; you can redistribute it and/or modify
10 * it under the terms of the GNU General Public License as published by
11 * the Free Software Foundation; either version 2 of the License, or
12 * (at your option) any later version.
13 *
14 * The GNU General Public License can be found at
15 * http://www.gnu.org/copyleft/gpl.html.
16 * A copy is found in the textfile GPL.txt and important notices to the license
17 * from the author is found in LICENSE.txt distributed with these scripts.
18 *
19 *
20 * This script is distributed in the hope that it will be useful,
21 * but WITHOUT ANY WARRANTY; without even the implied warranty of
22 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
23 * GNU General Public License for more details.
24 *
25 * This copyright notice MUST APPEAR in all copies of the script!
26 ***************************************************************/
27 /**
28 * Module: User configuration
29 *
30 * This module lets users viev and change their individual settings
31 *
32 * @author Kasper Skårhøj <kasperYYYY@typo3.com>
33 * Revised for TYPO3 3.7 6/2004 by Kasper Skårhøj
34 * XHTML compatible.
35 */
36
37 unset($MCONF);
38 require('conf.php');
39 require($BACK_PATH.'init.php');
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54 /**
55 * Script class for the Setup module
56 *
57 * @author Kasper Skårhøj <kasperYYYY@typo3.com>
58 * @package TYPO3
59 * @subpackage tx_setup
60 */
61 class SC_mod_user_setup_index {
62
63 // Internal variables:
64 var $MCONF = array();
65 var $MOD_MENU = array();
66 var $MOD_SETTINGS = array();
67
68 /**
69 * document template object
70 *
71 * @var mediumDoc
72 */
73 var $doc;
74
75 var $content;
76 var $overrideConf;
77
78 /**
79 * backend user object, set during simulate-user operation
80 *
81 * @var t3lib_beUserAuth
82 */
83 var $OLD_BE_USER;
84 var $languageUpdate;
85 protected $pagetreeNeedsRefresh = FALSE;
86
87 protected $isAdmin;
88 protected $dividers2tabs;
89
90 protected $tsFieldConf;
91
92 protected $saveData = FALSE;
93 protected $passwordIsUpdated = FALSE;
94 protected $passwordIsSubmitted = FALSE;
95 protected $setupIsUpdated = FALSE;
96 protected $tempDataIsCleared = FALSE;
97 protected $settingsAreResetToDefault = FALSE;
98 protected $installToolFileExists = FALSE;
99 protected $installToolFileKeep = FALSE;
100
101 /**
102 * Form protection instance
103 *
104 * @var t3lib_formprotection_BackendFormProtection
105 */
106 protected $formProtection;
107
108 /******************************
109 *
110 * Saving data
111 *
112 ******************************/
113
114
115 /**
116 * Instanciate the form protection before a simulated user is initialized.
117 */
118 public function __construct() {
119 $this->formProtection = t3lib_formProtection_Factory::get();
120 }
121
122 /**
123 * Getter for the form protection instance.
124 *
125 * @return t3lib_formprotection_BackendFormProtection
126 */
127 public function getFormProtection() {
128 return $this->formProtection;
129 }
130
131 /**
132 * If settings are submitted to _POST[DATA], store them
133 * NOTICE: This method is called before the template.php is included. See
134 * bottom of document.
135 */
136 public function storeIncomingData() {
137
138 // First check if something is submitted in the data-array from POST vars
139 $d = t3lib_div::_POST('data');
140 $columns = $GLOBALS['TYPO3_USER_SETTINGS']['columns'];
141 $beUserId = $GLOBALS['BE_USER']->user['uid'];
142 $storeRec = array();
143 $fieldList = $this->getFieldsFromShowItem();
144
145 if (is_array($d) && $this->formProtection->validateToken(
146 (string) t3lib_div::_POST('formToken'),
147 'BE user setup', 'edit'
148 )
149 ) {
150 // UC hashed before applying changes
151 $save_before = md5(serialize($GLOBALS['BE_USER']->uc));
152
153 // PUT SETTINGS into the ->uc array:
154
155 // reload left frame when switching BE language
156 if (isset($d['lang']) && ($d['lang'] != $GLOBALS['BE_USER']->uc['lang'])) {
157 $this->languageUpdate = TRUE;
158 }
159
160 // reload pagetree if the title length is changed
161 if (isset($d['titleLen']) && ($d['titleLen'] !== $GLOBALS['BE_USER']->uc['titleLen'])) {
162 $this->pagetreeNeedsRefresh = TRUE;
163 }
164
165 if ($d['setValuesToDefault']) {
166 // If every value should be default
167 $GLOBALS['BE_USER']->resetUC();
168 $this->settingsAreResetToDefault = TRUE;
169 } elseif ($d['clearSessionVars']) {
170 foreach ($GLOBALS['BE_USER']->uc as $key => $value) {
171 if (!isset($columns[$key])) {
172 unset ($GLOBALS['BE_USER']->uc[$key]);
173 }
174 }
175 $this->tempDataIsCleared = TRUE;
176 } elseif ($d['save']) {
177 // save all submitted values if they are no array (arrays are with table=be_users) and exists in $GLOBALS['TYPO3_USER_SETTINGS'][columns]
178
179 foreach($columns as $field => $config) {
180 if (!in_array($field, $fieldList)) {
181 continue;
182 }
183 if ($config['table']) {
184 if ($config['table'] == 'be_users' && !in_array($field, array('password', 'password2', 'email', 'realName', 'admin'))) {
185 if (!isset($config['access']) || $this->checkAccess($config) && $GLOBALS['BE_USER']->user[$field] !== $d['be_users'][$field]) {
186 $storeRec['be_users'][$beUserId][$field] = $d['be_users'][$field];
187 $GLOBALS['BE_USER']->user[$field] = $d['be_users'][$field];
188 }
189 }
190 }
191 if ($config['type'] == 'check') {
192 $GLOBALS['BE_USER']->uc[$field] = isset($d[$field]) ? 1 : 0;
193 } else {
194 $GLOBALS['BE_USER']->uc[$field] = htmlspecialchars($d[$field]);
195 }
196 }
197
198 // Personal data for the users be_user-record (email, name, password...)
199 // If email and name is changed, set it in the users record:
200 $be_user_data = $d['be_users'];
201
202 // Possibility to modify the transmitted values. Useful to do transformations, like RSA password decryption
203 if (is_array($GLOBALS['TYPO3_CONF_VARS']['SC_OPTIONS']['ext/setup/mod/index.php']['modifyUserDataBeforeSave'])) {
204 foreach ($GLOBALS['TYPO3_CONF_VARS']['SC_OPTIONS']['ext/setup/mod/index.php']['modifyUserDataBeforeSave'] as $function) {
205 $params = array('be_user_data' => &$be_user_data);
206 t3lib_div::callUserFunction($function, $params, $this);
207 }
208 }
209
210 $this->passwordIsSubmitted = (strlen($be_user_data['password']) > 0);
211 $passwordIsConfirmed = ($this->passwordIsSubmitted && $be_user_data['password'] === $be_user_data['password2']);
212
213 // Update the real name:
214 if ($be_user_data['realName'] !== $GLOBALS['BE_USER']->user['realName']) {
215 $GLOBALS['BE_USER']->user['realName'] = $storeRec['be_users'][$beUserId]['realName'] = substr($be_user_data['realName'], 0, 80);
216 }
217 // Update the email address:
218 if ($be_user_data['email'] !== $GLOBALS['BE_USER']->user['email']) {
219 $GLOBALS['BE_USER']->user['email'] = $storeRec['be_users'][$beUserId]['email'] = substr($be_user_data['email'], 0, 80);
220 }
221 // Update the password:
222 if ($passwordIsConfirmed) {
223 $storeRec['be_users'][$beUserId]['password'] = $be_user_data['password2'];
224 $this->passwordIsUpdated = TRUE;
225 }
226
227 $this->saveData = TRUE;
228 }
229
230 // Inserts the overriding values.
231 $GLOBALS['BE_USER']->overrideUC();
232
233 $save_after = md5(serialize($GLOBALS['BE_USER']->uc));
234 if ($save_before!=$save_after) { // If something in the uc-array of the user has changed, we save the array...
235 $GLOBALS['BE_USER']->writeUC($GLOBALS['BE_USER']->uc);
236 $GLOBALS['BE_USER']->writelog(254, 1, 0, 1, 'Personal settings changed', array());
237 $this->setupIsUpdated = TRUE;
238 }
239 // If the temporary data has been cleared, lets make a log note about it
240 if ($this->tempDataIsCleared) {
241 $GLOBALS['BE_USER']->writelog(254, 1, 0, 1, $GLOBALS['LANG']->getLL('tempDataClearedLog'), array());
242 }
243
244 // Persist data if something has changed:
245 if (count($storeRec) && $this->saveData) {
246 // Make instance of TCE for storing the changes.
247 $tce = t3lib_div::makeInstance('t3lib_TCEmain');
248 $tce->stripslashes_values=0;
249 $tce->start($storeRec, array(), $GLOBALS['BE_USER']);
250 $tce->admin = 1; // This is so the user can actually update his user record.
251 $tce->bypassWorkspaceRestrictions = TRUE; // This is to make sure that the users record can be updated even if in another workspace. This is tolerated.
252 $tce->process_datamap();
253 unset($tce);
254
255 if (!$this->passwordIsUpdated || count($storeRec['be_users'][$beUserId]) > 1) {
256 $this->setupIsUpdated = TRUE;
257 }
258 }
259 }
260 }
261
262
263 /******************************
264 *
265 * Rendering module
266 *
267 ******************************/
268
269 /**
270 * Initializes the module for display of the settings form.
271 *
272 * @return void
273 */
274 function init() {
275 $this->MCONF = $GLOBALS['MCONF'];
276
277 // check Install Tool enable file
278 $this->setInstallToolFileExists();
279 $this->setInstallToolFileKeep();
280
281 // Returns the script user - that is the REAL logged in user! ($GLOBALS[BE_USER] might be another user due to simulation!)
282 $scriptUser = $this->getRealScriptUserObj();
283 // ... and checking module access for the logged in user.
284 $scriptUser->modAccess($this->MCONF, 1);
285
286 $this->isAdmin = $scriptUser->isAdmin();
287
288 // Getting the 'override' values as set might be set in User TSconfig
289 $this->overrideConf = $GLOBALS['BE_USER']->getTSConfigProp('setup.override');
290 // Getting the disabled fields might be set in User TSconfig (eg setup.fields.password.disabled=1)
291 $this->tsFieldConf = $GLOBALS['BE_USER']->getTSConfigProp('setup.fields');
292 // id password is disabled, disable repeat of password too (password2)
293 if (isset($this->tsFieldConf['password.']) && ($this->tsFieldConf['password.']['disabled'])) {
294 $this->tsFieldConf['password2.']['disabled'] = 1;
295 }
296 // Create instance of object for output of data
297 $this->doc = t3lib_div::makeInstance('template');
298 $this->doc->backPath = $GLOBALS['BACK_PATH'];
299 $this->doc->setModuleTemplate('templates/setup.html');
300 $this->doc->form = '<form action="index.php" method="post" name="usersetup" enctype="application/x-www-form-urlencoded">';
301 $this->doc->tableLayout = array(
302 'defRow' => array(
303 '0' => array('<td class="td-label">','</td>'),
304 'defCol' => array('<td valign="top">','</td>')
305 )
306 );
307 $this->doc->table_TR = '<tr>';
308 $this->doc->table_TABLE = '<table border="0" cellspacing="1" cellpadding="2" class="typo3-usersettings">';
309 $this->doc->JScode .= $this->getJavaScript();
310 }
311
312 /**
313 * Generate necessary JavaScript
314 *
315 * @return string
316 */
317 protected function getJavaScript() {
318 $javaScript = '';
319 if (is_array($GLOBALS['TYPO3_CONF_VARS']['SC_OPTIONS']['ext/setup/mod/index.php']['setupScriptHook'])) {
320 foreach ($GLOBALS['TYPO3_CONF_VARS']['SC_OPTIONS']['ext/setup/mod/index.php']['setupScriptHook'] as $function) {
321 $params = array();
322 $javaScript .= t3lib_div::callUserFunction($function, $params, $this);
323 }
324 }
325
326 return $javaScript;
327 }
328
329 /**
330 * Generate the main settings formular:
331 *
332 * @return void
333 */
334 function main() {
335 global $LANG;
336
337 // file creation / delete
338 if ($this->isAdmin) {
339 if ($this->installToolFileKeep) {
340 $flashMessage = t3lib_div::makeInstance(
341 't3lib_FlashMessage',
342 $LANG->getLL('enableInstallTool.fileHasKeep'),
343 $LANG->getLL('enableInstallTool.file'),
344 t3lib_FlashMessage::WARNING
345 );
346 $this->content .= $flashMessage->render();
347 }
348
349 if (t3lib_div::_POST('deleteInstallToolEnableFile')) {
350 unlink(PATH_typo3conf . 'ENABLE_INSTALL_TOOL');
351 $this->setInstallToolFileExists();
352 if ($this->getInstallToolFileExists()) {
353 $flashMessage = t3lib_div::makeInstance(
354 't3lib_FlashMessage',
355 $LANG->getLL('enableInstallTool.fileDelete_failed'),
356 $LANG->getLL('enableInstallTool.file'),
357 t3lib_FlashMessage::ERROR
358 );
359 } else {
360 $flashMessage = t3lib_div::makeInstance(
361 't3lib_FlashMessage',
362 $LANG->getLL('enableInstallTool.fileDelete_ok'),
363 $LANG->getLL('enableInstallTool.file'),
364 t3lib_FlashMessage::OK
365 );
366 }
367 $this->content .= $flashMessage->render();
368 }
369 if (t3lib_div::_POST('createInstallToolEnableFile')) {
370 touch(PATH_typo3conf . 'ENABLE_INSTALL_TOOL');
371 t3lib_div::fixPermissions(PATH_typo3conf . 'ENABLE_INSTALL_TOOL');
372 $this->setInstallToolFileExists();
373 if ($this->getInstallToolFileExists()) {
374 $flashMessage = t3lib_div::makeInstance(
375 't3lib_FlashMessage',
376 $LANG->getLL('enableInstallTool.fileCreate_ok'),
377 $LANG->getLL('enableInstallTool.file'),
378 t3lib_FlashMessage::OK
379 );
380 } else {
381 $flashMessage = t3lib_div::makeInstance(
382 't3lib_FlashMessage',
383 $LANG->getLL('enableInstallTool.fileCreate_failed'),
384 $LANG->getLL('enableInstallTool.file'),
385 t3lib_FlashMessage::ERROR
386 );
387 }
388 $this->content .= $flashMessage->render();
389 }
390 }
391
392 if ($this->languageUpdate) {
393 $this->doc->JScodeArray['languageUpdate'] .= '
394 if (top.refreshMenu) {
395 top.refreshMenu();
396 } else {
397 top.TYPO3ModuleMenu.refreshMenu();
398 }
399 ';
400 }
401
402 if ($this->pagetreeNeedsRefresh) {
403 t3lib_BEfunc::setUpdateSignal('updatePageTree');
404 }
405
406 // Start page:
407 $this->doc->loadJavascriptLib('md5.js');
408
409 // use a wrapper div
410 $this->content .= '<div id="user-setup-wrapper">';
411
412 // Load available backend modules
413 $this->loadModules = t3lib_div::makeInstance('t3lib_loadModules');
414 $this->loadModules->observeWorkspaces = TRUE;
415 $this->loadModules->load($GLOBALS['TBE_MODULES']);
416
417 $this->content .= $this->doc->header($LANG->getLL('UserSettings') . ' - '.$GLOBALS['BE_USER']->user['realName'] .
418 ' ['.$GLOBALS['BE_USER']->user['username'] . ']');
419
420 // show if setup was saved
421 if ($this->setupIsUpdated && !$this->tempDataIsCleared && !$this->settingsAreResetToDefault) {
422 $flashMessage = t3lib_div::makeInstance(
423 't3lib_FlashMessage',
424 $LANG->getLL('setupWasUpdated'),
425 $LANG->getLL('UserSettings')
426 );
427 $this->content .= $flashMessage->render();
428 }
429 // Show if temporary data was cleared
430 if ($this->tempDataIsCleared) {
431 $flashMessage = t3lib_div::makeInstance(
432 't3lib_FlashMessage',
433 $LANG->getLL('tempDataClearedFlashMessage'),
434 $LANG->getLL('tempDataCleared')
435 );
436 $this->content .= $flashMessage->render();
437 }
438 // Show if temporary data was cleared
439 if ($this->settingsAreResetToDefault) {
440 $flashMessage = t3lib_div::makeInstance(
441 't3lib_FlashMessage',
442 $LANG->getLL('settingsAreReset'),
443 $LANG->getLL('resetConfiguration')
444 );
445 $this->content .= $flashMessage->render();
446 }
447 // If password is updated, output whether it failed or was OK.
448 if ($this->passwordIsSubmitted) {
449 if ($this->passwordIsUpdated) {
450 $flashMessage = t3lib_div::makeInstance(
451 't3lib_FlashMessage',
452 $LANG->getLL('newPassword_ok'),
453 $LANG->getLL('newPassword')
454 );
455 } else {
456 $flashMessage = t3lib_div::makeInstance(
457 't3lib_FlashMessage',
458 $LANG->getLL('newPassword_failed'),
459 $LANG->getLL('newPassword'),
460 t3lib_FlashMessage::ERROR
461 );
462 }
463 $this->content .= $flashMessage->render();
464 }
465
466
467 // render the menu items
468 $menuItems = $this->renderUserSetup();
469
470 $this->content .= $this->doc->spacer(20) . $this->doc->getDynTabMenu($menuItems, 'user-setup', FALSE, FALSE, 0, 1, FALSE, 1, $this->dividers2tabs);
471
472 $formToken = $this->formProtection->generateToken('BE user setup', 'edit');
473
474 // Submit and reset buttons
475 $this->content .= $this->doc->spacer(20);
476 $this->content .= $this->doc->section('',
477 t3lib_BEfunc::cshItem('_MOD_user_setup', 'reset', $GLOBALS['BACK_PATH']) . '
478 <input type="hidden" name="simUser" value="'.$this->simUser.'" />
479 <input type="hidden" name="formToken" value="' . $formToken . '" />
480 <input type="submit" name="data[save]" value="'.$LANG->getLL('save').'" />
481 <input type="button" value="' . $LANG->getLL('resetConfiguration') .
482 '" onclick="if(confirm(\''.$LANG->getLL('setToStandardQuestion').'\')) {document.getElementById(\'setValuesToDefault\').value=1;this.form.submit();}" />
483 <input type="button" value="' . $LANG->getLL('clearSessionVars') .
484 '" onclick="if(confirm(\'' . $LANG->getLL('clearSessionVarsQuestion') . '\')){document.getElementById(\'clearSessionVars\').value=1;this.form.submit();}" />
485 <input type="hidden" name="data[setValuesToDefault]" value="0" id="setValuesToDefault" />
486 <input type="hidden" name="data[clearSessionVars]" value="0" id="clearSessionVars" />'
487 );
488
489 // Notice
490 $this->content .= $this->doc->spacer(30);
491 $flashMessage = t3lib_div::makeInstance(
492 't3lib_FlashMessage',
493 $LANG->getLL('activateChanges'),
494 '',
495 t3lib_FlashMessage::INFO
496 );
497 $this->content .= $flashMessage->render();
498 // end of wrapper div
499 $this->content .= '</div>';
500
501 // Setting up the buttons and markers for docheader
502 $docHeaderButtons = $this->getButtons();
503 $markers['CSH'] = $docHeaderButtons['csh'];
504 $markers['CONTENT'] = $this->content;
505
506 // Build the <body> for the module
507 $this->content = $this->doc->moduleBody($this->pageinfo, $docHeaderButtons, $markers);
508 // Renders the module page
509 $this->content = $this->doc->render(
510 $LANG->getLL('UserSettings'),
511 $this->content
512 );
513
514 }
515
516 /**
517 * Sets existance of Install Tool file
518 *
519 * return void
520 */
521 public function setInstallToolFileExists() {
522 $this->installToolFileExists = is_file(PATH_typo3conf . 'ENABLE_INSTALL_TOOL');
523 }
524
525 /**
526 * Sets property if Install Tool file contains "KEEP_FILE"
527 */
528 public function setInstallToolFileKeep() {
529 if ($this->installToolFileExists) {
530 $this->installToolFileKeep = (trim(file_get_contents(PATH_typo3conf . 'ENABLE_INSTALL_TOOL')) === 'KEEP_FILE');
531 }
532 }
533
534 /**
535 * Gets property installToolFileExists
536 *
537 * @return boolean $this->installToolFileExists
538 */
539 public function getInstallToolFileExists() {
540 return $this->installToolFileExists;
541 }
542
543 /**
544 * Gets property installToolFileKeep
545 *
546 * @return boolean $this->installToolFileKeep
547 */
548 public function getInstallToolFileKeep() {
549 return $this->installToolFileKeep;
550 }
551
552 /**
553 * Prints the content / ends page
554 *
555 * @return void
556 */
557 function printContent() {
558 echo $this->content;
559 }
560
561 /**
562 * Create the panel of buttons for submitting the form or otherwise perform operations.
563 *
564 * @return array all available buttons as an assoc. array
565 */
566 protected function getButtons() {
567 $buttons = array(
568 'csh' => '',
569 'save' => '',
570 'shortcut' => '',
571 );
572
573 $buttons['csh'] = t3lib_BEfunc::cshItem('_MOD_user_setup', '', $GLOBALS['BACK_PATH'], '|', TRUE);
574
575 if ($GLOBALS['BE_USER']->mayMakeShortcut()) {
576 $buttons['shortcut'] = $this->doc->makeShortcutIcon('','',$this->MCONF['name']);
577 }
578
579 return $buttons;
580 }
581
582
583
584
585 /******************************
586 *
587 * Render module
588 *
589 ******************************/
590
591
592 /**
593 * renders the data for all tabs in the user setup and returns
594 * everything that is needed with tabs and dyntab menu
595 *
596 * @return ready to use for the dyntabmenu itemarray
597 */
598 protected function renderUserSetup() {
599 $result = array();
600 $firstTabLabel = '';
601 $code = array();
602 $i = 0;
603
604 $fieldArray = $this->getFieldsFromShowItem();
605
606 $this->dividers2tabs = isset($GLOBALS['TYPO3_USER_SETTINGS']['ctrl']['dividers2tabs']) ? intval($GLOBALS['TYPO3_USER_SETTINGS']['ctrl']['dividers2tabs']) : 0;
607 $tabLabel = '';
608
609 foreach ($fieldArray as $fieldName) {
610 $more = '';
611
612 if (substr($fieldName, 0, 8) == '--div--;') {
613 if ($firstTabLabel == '') {
614 // first tab
615 $tabLabel = $this->getLabel(substr($fieldName, 8), '', FALSE);
616 $firstTabLabel = $tabLabel;
617 } else {
618 if ($this->dividers2tabs) {
619 $result[] = array(
620 'label' => $tabLabel,
621 'content' => count($code) ? $this->doc->spacer(20) . $this->doc->table($code) : ''
622 );
623 $tabLabel = $this->getLabel(substr($fieldName, 8), '', FALSE);
624 $i = 0;
625 $code = array();
626 }
627 }
628 continue;
629 }
630
631 $config = $GLOBALS['TYPO3_USER_SETTINGS']['columns'][$fieldName];
632
633 // field my be disabled in setup.fields
634 if (isset($this->tsFieldConf[$fieldName . '.']['disabled']) && $this->tsFieldConf[$fieldName . '.']['disabled'] == 1) {
635 continue;
636 }
637 if (isset($config['access']) && !$this->checkAccess($config)) {
638 continue;
639 }
640
641 $label = $this->getLabel($config['label'], $fieldName);
642 $label = $this->getCSH($config['csh'] ? $config['csh'] : $fieldName, $label);
643
644 $type = $config['type'];
645 $eval = $config['eval'];
646 $class = $config['class'];
647 $style = $config['style'];
648
649 if ($class) {
650 $more .= ' class="' . $class . '"';
651 }
652 if ($style) {
653 $more .= ' style="' . $style . '"';
654 }
655 if ($this->overrideConf[$fieldName]) {
656 $more .= ' disabled="disabled"';
657 }
658
659 $value = $config['table'] == 'be_users' ? $GLOBALS['BE_USER']->user[$fieldName] : $GLOBALS['BE_USER']->uc[$fieldName];
660 if (!$value && isset($config['default'])) {
661 $value = $config['default'];
662 }
663
664 switch ($type) {
665 case 'text':
666 case 'password':
667 $dataAdd = '';
668 if ($config['table'] == 'be_users') {
669 $dataAdd = '[be_users]';
670 }
671 if ($eval == 'md5') {
672 $more .= ' onchange="this.value=this.value?MD5(this.value):\'\';"';
673 }
674
675 if ($type == 'password') {
676 $value = '';
677 }
678
679 $noAutocomplete = ($type == 'password' ? 'autocomplete="off" ' : '');
680 $html = '<input id="field_' . $fieldName . '"
681 type="' . $type . '"
682 name="data' . $dataAdd . '[' . $fieldName . ']" ' .
683 $noAutocomplete .
684 'value="' . htmlspecialchars($value) . '" ' . $GLOBALS['TBE_TEMPLATE']->formWidth(20) . $more . ' />';
685 break;
686 case 'check':
687 if (!$class) {
688 $more .= ' class="check"';
689 }
690 $html = '<input id="field_' . $fieldName . '"
691 type="checkbox"
692 name="data[' . $fieldName . ']"' .
693 ($value ? ' checked="checked"' : '') . $more . ' />';
694 break;
695 case 'select':
696 if (!$class) {
697 $more .= ' class="select"';
698 }
699
700 if ($config['itemsProcFunc']) {
701 $html = t3lib_div::callUserFunction($config['itemsProcFunc'], $config, $this, '');
702 } else {
703 $html = '<select id="field_' . $fieldName . '" name="data[' . $fieldName . ']"' . $more . '>' . LF;
704 foreach ($config['items'] as $key => $optionLabel) {
705 $html .= '<option value="' . $key . '"' .
706 ($value == $key ? ' selected="selected"' : '') .
707 '>' . $this->getLabel($optionLabel, '', FALSE) . '</option>' . LF;
708 }
709 $html .= '</select>';
710 }
711
712 break;
713 case 'user':
714 $html = t3lib_div::callUserFunction($config['userFunc'], $config, $this, '');
715 break;
716 default:
717 $html = '';
718 }
719
720
721 $code[$i][1] = $label;
722 $code[$i++][2] = $html;
723
724
725
726 }
727
728 if ($this->dividers2tabs == 0) {
729 $tabLabel = $firstTabLabel;
730 }
731
732 $result[] = array(
733 'label' => $tabLabel,
734 'content' => count($code) ? $this->doc->spacer(20) . $this->doc->table($code) : ''
735 );
736
737
738 return $result;
739 }
740
741
742
743
744
745
746 /******************************
747 *
748 * Helper functions
749 *
750 ******************************/
751
752 /**
753 * Returns the backend user object, either the global OR the $this->OLD_BE_USER which is set during simulate-user operation.
754 * Anyway: The REAL user is returned - the one logged in.
755 *
756 * @return object The REAL user is returned - the one logged in.
757 */
758 protected function getRealScriptUserObj() {
759 return is_object($this->OLD_BE_USER) ? $this->OLD_BE_USER : $GLOBALS['BE_USER'];
760 }
761
762
763 /**
764 * Return a select with available languages
765 *
766 * @return string complete select as HTML string or warning box if something went wrong.
767 */
768 public function renderLanguageSelect($params, $pObj) {
769
770 $languageOptions = array();
771
772 // compile the languages dropdown
773 $langDefault = $GLOBALS['LANG']->getLL('lang_default', 1);
774 $languageOptions[$langDefault] = '<option value="">' . $langDefault . '</option>';
775
776 // traverse the number of languages
777 /** @var $locales t3lib_l10n_Locales */
778 $locales = t3lib_div::makeInstance('t3lib_l10n_Locales');
779 foreach ($locales->getLocales() as $language) {
780 if ($language != 'default') {
781 $languageValue = $GLOBALS['LOCAL_LANG']['default']['lang_' . $language][0]['source'];
782 $localLabel = ' - ['.htmlspecialchars($languageValue) . ']';
783 $unavailable = (is_dir(PATH_typo3conf . 'l10n/' . $language) ? FALSE : TRUE);
784 if (!$unavailable) {
785 $languageOptions[$languageValue] = '<option value="'.$language.'"'.($GLOBALS['BE_USER']->uc['lang'] == $language ?
786 ' selected="selected"' : '') . ($unavailable ? ' class="c-na"' : '') . '>' .
787 $GLOBALS['LANG']->getLL('lang_' . $language, 1) . $localLabel . '</option>';
788 }
789 }
790 }
791 ksort($languageOptions);
792
793 $languageCode = '
794 <select id="field_lang" name="data[lang]" class="select">' .
795 implode('', $languageOptions) . '
796 </select>';
797 if ( $GLOBALS['BE_USER']->uc['lang'] && !@is_dir(PATH_typo3conf . 'l10n/' . $GLOBALS['BE_USER']->uc['lang'])) {
798 $languageUnavailableWarning = 'The selected language "'
799 . $GLOBALS['LANG']->getLL('lang_' . $GLOBALS['BE_USER']->uc['lang'], 1)
800 . '" is not available before the language pack is installed.<br />'
801 . ($GLOBALS['BE_USER']->isAdmin() ?
802 'You can use the Extension Manager to easily download and install new language packs.'
803 : 'Please ask your system administrator to do this.');
804
805
806 $languageUnavailableMessage = t3lib_div::makeInstance(
807 't3lib_FlashMessage',
808 $languageUnavailableWarning,
809 '',
810 t3lib_FlashMessage::WARNING
811 );
812
813 $languageCode = $languageUnavailableMessage->render() . $languageCode;
814 }
815
816 return $languageCode;
817 }
818
819 /**
820 * Returns a select with all modules for startup
821 *
822 * @return string complete select as HTML string
823 */
824 public function renderStartModuleSelect($params, $pObj) {
825 // start module select
826 if (empty($GLOBALS['BE_USER']->uc['startModule'])) {
827 $GLOBALS['BE_USER']->uc['startModule'] = $GLOBALS['BE_USER']->uc_default['startModule'];
828 }
829 $startModuleSelect = '<option value=""></option>';
830 foreach ($pObj->loadModules->modules as $mainMod => $modData) {
831 if (isset($modData['sub']) && is_array($modData['sub'])) {
832 $startModuleSelect .= '<option disabled="disabled">'.$GLOBALS['LANG']->moduleLabels['tabs'][$mainMod.'_tab'].'</option>';
833 foreach ($modData['sub'] as $subKey => $subData) {
834 $modName = $subData['name'];
835 $startModuleSelect .= '<option value="' . $modName . '"' . ($GLOBALS['BE_USER']->uc['startModule'] == $modName ? ' selected="selected"' : '') . '>';
836 $startModuleSelect .= ' - ' . $GLOBALS['LANG']->moduleLabels['tabs'][$modName.'_tab'] . '</option>';
837 }
838 }
839 }
840
841
842 return '<select id="field_startModule" name="data[startModule]" class="select">' . $startModuleSelect . '</select>';
843 }
844
845 /**
846 *
847 * @param array $params config of the field
848 * @param SC_mod_user_setup_index $parent this class as reference
849 * @return string html with description and button
850 */
851 public function renderInstallToolEnableFileButton(array $params, SC_mod_user_setup_index $parent) {
852 // Install Tool access file
853 $installToolEnableFile = PATH_typo3conf . 'ENABLE_INSTALL_TOOL';
854 if ($parent->getInstallToolFileExists() && ($GLOBALS['EXEC_TIME'] - filemtime($installToolEnableFile) > 3600)) {
855 if (!$parent->getInstallToolFileKeep()) {
856 // Delete the file if it is older than 3600s (1 hour)
857 unlink($installToolEnableFile);
858 $parent->setInstallToolFileExists();
859 }
860 }
861
862 if ($parent->getInstallToolFileExists()) {
863 return '<input type="button" name="deleteInstallToolEnableFile"' .
864 ($parent->getInstallToolFileKeep() ? ' disabled="disabled"' : '') .
865 ' value="' . $GLOBALS['LANG']->sL('LLL:EXT:setup/mod/locallang.xml:enableInstallTool.deleteFile') . '" onclick="document.getElementById(\'deleteInstallToolEnableFile\').value=1;this.form.submit();" />
866 <input type="hidden" name="deleteInstallToolEnableFile" value="0" id="deleteInstallToolEnableFile" />
867 ';
868
869 } else {
870 return '<input type="button" name="createInstallToolEnableFile" value="' .
871 $GLOBALS['LANG']->sL('LLL:EXT:setup/mod/locallang.xml:enableInstallTool.createFile') . '" onclick="document.getElementById(\'createInstallToolEnableFile\').value=1;this.form.submit();" />
872 <input type="hidden" name="createInstallToolEnableFile" value="0" id="createInstallToolEnableFile" />';
873 }
874 }
875
876 /**
877 * Will make the simulate-user selector if the logged in user is administrator.
878 * It will also set the GLOBAL(!) BE_USER to the simulated user selected if any (and set $this->OLD_BE_USER to logged in user)
879 *
880 * @return void
881 */
882 public function simulateUser() {
883
884 // *******************************************************************************
885 // If admin, allow simulation of another user
886 // *******************************************************************************
887 $this->simUser = 0;
888 $this->simulateSelector = '';
889 unset($this->OLD_BE_USER);
890 if ($GLOBALS['BE_USER']->isAdmin()) {
891 $this->simUser = intval(t3lib_div::_GP('simUser'));
892
893 // Make user-selector:
894 $users = t3lib_BEfunc::getUserNames('username,usergroup,usergroup_cached_list,uid,realName', t3lib_BEfunc::BEenableFields('be_users'));
895 $opt = array();
896 foreach ($users as $rr) {
897 if ($rr['uid'] != $GLOBALS['BE_USER']->user['uid']) {
898 $opt[] = '<option value="'.$rr['uid'].'"'.($this->simUser==$rr['uid']?' selected="selected"':'').'>'.htmlspecialchars($rr['username'].' ('.$rr['realName'].')').'</option>';
899 }
900 }
901 if (count($opt)) {
902 $this->simulateSelector = '<select id="field_simulate" name="simulateUser" onchange="window.location.href=\'index.php?simUser=\'+this.options[this.selectedIndex].value;"><option></option>'.implode('',$opt).'</select>';
903 }
904 }
905
906 if ($this->simUser>0) { // This can only be set if the previous code was executed.
907 // Save old user...
908 $this->OLD_BE_USER = $GLOBALS['BE_USER'];
909 unset($GLOBALS['BE_USER']); // Unset current
910
911 $BE_USER = t3lib_div::makeInstance('t3lib_beUserAuth'); // New backend user object
912 $BE_USER->OS = TYPO3_OS;
913 $BE_USER->setBeUserByUid($this->simUser);
914 $BE_USER->fetchGroupData();
915 $BE_USER->backendSetUC();
916 $GLOBALS['BE_USER'] = $BE_USER; // Must do this, because unsetting $BE_USER before apparently unsets the reference to the global variable by this name!
917 }
918 }
919
920 /**
921 * Returns a select with simulate users
922 *
923 * @return string complete select as HTML string
924 */
925 public function renderSimulateUserSelect($params, $pObj) {
926 return $pObj->simulateSelector;
927 }
928
929 /**
930 * Returns access check (currently only "admin" is supported)
931 *
932 * @param array $config: Configuration of the field, access mode is defined in key 'access'
933 * @return boolean Whether it is allowed to modify the given field
934 */
935 protected function checkAccess(array $config) {
936 $access = $config['access'];
937 // check for hook
938 if (t3lib_div::hasValidClassPrefix($access)) {
939 $accessObject = t3lib_div::getUserObj($GLOBALS['TYPO3_CONF_VARS']['SC_OPTIONS']['setup']['accessLevelCheck'][$access] . ':&' . $access);
940 if (is_object($accessObject) && method_exists($accessObject, 'accessLevelCheck')) {
941 // initialize vars. If method fails, $set will be set to FALSE
942 return $accessObject->accessLevelCheck($config);
943 }
944 } elseif ($access == 'admin') {
945 return $this->isAdmin;
946 }
947 }
948
949
950 /**
951 * Returns the label $str from getLL() and grays out the value if the $str/$key is found in $this->overrideConf array
952 *
953 * @param string Locallang key
954 * @param string Alternative override-config key
955 * @param boolean Defines whether the string should be wrapped in a <label> tag.
956 * @param string Alternative id for use in "for" attribute of <label> tag. By default the $str key is used prepended with "field_".
957 * @return string HTML output.
958 */
959 protected function getLabel($str, $key='', $addLabelTag=TRUE, $altLabelTagId='') {
960 if (substr($str, 0, 4) == 'LLL:') {
961 $out = $GLOBALS['LANG']->sL($str);
962 } else {
963 $out = htmlspecialchars($str);
964 }
965
966
967 if (isset($this->overrideConf[($key?$key:$str)])) {
968 $out = '<span style="color:#999999">'.$out.'</span>';
969 }
970
971 if($addLabelTag) {
972 $out = '<label for="' . ($altLabelTagId ? $altLabelTagId : 'field_' . $key) . '">' . $out . '</label>';
973 }
974 return $out;
975 }
976
977 /**
978 * Returns the CSH Icon for given string
979 *
980 * @param string Locallang key
981 * @param string The label to be used, that should be wrapped in help
982 * @return string HTML output.
983 */
984 protected function getCSH($str, $label) {
985 $context = '_MOD_user_setup';
986 $field = $str;
987 $strParts = explode(':', $str);
988 if (count($strParts) > 1) {
989 // Setting comes from another extension
990 $context = $strParts[0];
991 $field = $strParts[1];
992 } elseif (!t3lib_div::inList('language,simuser', $str)) {
993 $field = 'option_' . $str;
994 }
995 return t3lib_BEfunc::wrapInHelp($context, $field, $label);
996 }
997 /**
998 * Returns array with fields defined in $GLOBALS['TYPO3_USER_SETTINGS']['showitem']
999 *
1000 * @param void
1001 * @return array array with fieldnames visible in form
1002 */
1003 protected function getFieldsFromShowItem() {
1004 $fieldList = $GLOBALS['TYPO3_USER_SETTINGS']['showitem'];
1005
1006 // disable fields depended on settings
1007 if (!$GLOBALS['TYPO3_CONF_VARS']['BE']['RTEenabled']) {
1008 $fieldList = t3lib_div::rmFromList('edit_RTE', $fieldList);
1009 }
1010
1011 $fieldArray = t3lib_div::trimExplode(',', $fieldList, TRUE);
1012 return $fieldArray;
1013 }
1014 }
1015
1016
1017 if (defined('TYPO3_MODE') && isset($GLOBALS['TYPO3_CONF_VARS'][TYPO3_MODE]['XCLASS']['ext/setup/mod/index.php'])) {
1018 include_once($GLOBALS['TYPO3_CONF_VARS'][TYPO3_MODE]['XCLASS']['ext/setup/mod/index.php']);
1019 }
1020
1021
1022
1023 // Make instance:
1024 $SOBE = t3lib_div::makeInstance('SC_mod_user_setup_index');
1025 $SOBE->simulateUser();
1026 $SOBE->storeIncomingData();
1027
1028 // These includes MUST be afterwards the settings are saved...!
1029 require ($BACK_PATH.'template.php');
1030 $LANG->includeLLFile('EXT:setup/mod/locallang.xml');
1031
1032 $SOBE->init();
1033 $SOBE->main();
1034 $SOBE->printContent();
1035 ?>