2 /***************************************************************
5 * (c) 1999-2011 Kasper Skårhøj (kasperYYYY@typo3.com)
8 * This script is part of the TYPO3 project. The TYPO3 project is
9 * free software; you can redistribute it and/or modify
10 * it under the terms of the GNU General Public License as published by
11 * the Free Software Foundation; either version 2 of the License, or
12 * (at your option) any later version.
14 * The GNU General Public License can be found at
15 * http://www.gnu.org/copyleft/gpl.html.
16 * A copy is found in the textfile GPL.txt and important notices to the license
17 * from the author is found in LICENSE.txt distributed with these scripts.
20 * This script is distributed in the hope that it will be useful,
21 * but WITHOUT ANY WARRANTY; without even the implied warranty of
22 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
23 * GNU General Public License for more details.
25 * This copyright notice MUST APPEAR in all copies of the script!
26 ***************************************************************/
28 * TYPO3 Backend initialization
30 * This script is called by every backend script.
31 * The script authenticates the backend user.
32 * In addition this script also initializes the database and other stuff by including the script localconf.php
35 * This script exits if no user is logged in!
36 * If you want the script to return even if no user is logged in,
37 * you must define the constant TYPO3_PROCEED_IF_NO_USER=1
38 * before you include this script.
41 * This script does the following:
42 * - extracts and defines path's
43 * - includes certain libraries
44 * - authenticates the user
45 * - sets the configuration values (localconf.php)
46 * - includes tables.php that sets more values and possibly overrides others
47 * - load the groupdata for the user and set filemounts / webmounts
49 * For a detailed description of this script, the scope of constants and variables in it,
50 * please refer to the document "Inside TYPO3"
52 * Revised for TYPO3 3.6 2/2003 by Kasper Skårhøj
54 * @author Kasper Skårhøj <kasperYYYY@typo3.com>
59 // *******************************
60 // Checking PHP version
61 // *******************************
62 if (version_compare(phpversion(), '5.3', '<')) die ('TYPO3 requires PHP 5.3.0 or higher.');
65 // *******************************
66 // Set error reporting
67 // *******************************
68 error_reporting(E_ALL ^ E_NOTICE ^ E_DEPRECATED
);
70 // *******************************
71 // Prevent any unwanted output that may corrupt AJAX/compression. Note: this does
72 // not interfeer with "die()" or "echo"+"exit()" messages!
73 // *******************************
76 // *******************************
78 // *******************************
79 define('TYPO3_MODE','BE');
81 require_once('Bootstrap.php');
82 Typo3_Bootstrap
::defineBaseConstants();
83 Typo3_Bootstrap
::defineAndCheckPaths('typo3/');
87 // *********************
88 // Unset variable(s) in global scope (fixes #13959)
89 // *********************
92 // *************************************************
93 // t3lib_div + extention management class included
94 // *************************************************
95 require_once(PATH_t3lib
.'class.t3lib_div.php'); // The standard-library is included
96 require_once(PATH_t3lib
.'class.t3lib_extmgm.php'); // Extension API Management library included
98 // ****************************************************
99 // Include configuration (localconf + ext_localconf)
100 // ****************************************************
101 require(PATH_t3lib
.'config_default.php');
102 if (!defined ('TYPO3_db')) die ('The configuration file was not included.');
107 // *********************
108 // Error & Exception handling
109 // *********************
110 if ($TYPO3_CONF_VARS['SC_OPTIONS']['errors']['exceptionHandler'] !== '') {
111 if ($TYPO3_CONF_VARS['SYS']['errorHandler'] !== '') {
112 // register an error handler for the given errorHandlerErrors
113 $errorHandler = t3lib_div
::makeInstance($TYPO3_CONF_VARS['SYS']['errorHandler'], $TYPO3_CONF_VARS['SYS']['errorHandlerErrors']);
114 // set errors which will be converted in an exception
115 $errorHandler->setExceptionalErrors($TYPO3_CONF_VARS['SC_OPTIONS']['errors']['exceptionalErrors']);
117 $exceptionHandler = t3lib_div
::makeInstance($TYPO3_CONF_VARS['SC_OPTIONS']['errors']['exceptionHandler']);
120 /** @var TYPO3_DB t3lib_db */
121 $TYPO3_DB = t3lib_div
::makeInstance('t3lib_DB');
122 $TYPO3_DB->debugOutput
= $TYPO3_CONF_VARS['SYS']['sqlDebug'];
124 $CLIENT = t3lib_div
::clientInfo(); // $CLIENT includes information about the browser/user-agent
125 $PARSETIME_START = t3lib_div
::milliseconds(); // Is set to the system time in milliseconds. This could be used to output script parsetime in the end of the script
128 // *************************
129 // CLI dispatch processing
130 // *************************
131 if ((TYPO3_REQUESTTYPE
& TYPO3_REQUESTTYPE_CLI
) && basename(PATH_thisScript
) == 'cli_dispatch.phpsh') {
132 // First, take out the first argument (cli-key)
133 $temp_cliScriptPath = array_shift($_SERVER['argv']);
134 $temp_cliKey = array_shift($_SERVER['argv']);
135 array_unshift($_SERVER['argv'],$temp_cliScriptPath);
137 // If cli_key was found in configuration, then set up the cliInclude path and module name:
139 if (is_array($TYPO3_CONF_VARS['SC_OPTIONS']['GLOBAL']['cliKeys'][$temp_cliKey])) {
140 define('TYPO3_cliInclude', t3lib_div
::getFileAbsFileName($TYPO3_CONF_VARS['SC_OPTIONS']['GLOBAL']['cliKeys'][$temp_cliKey][0]));
141 $MCONF['name'] = $TYPO3_CONF_VARS['SC_OPTIONS']['GLOBAL']['cliKeys'][$temp_cliKey][1];
143 $message = "The supplied 'cliKey' was not valid. Please use one of the available from this list:\n\n";
144 $message .= var_export(array_keys($TYPO3_CONF_VARS['SC_OPTIONS']['GLOBAL']['cliKeys']), TRUE);
145 fwrite(STDERR
, $message . LF
);
149 $message = "Please supply a 'cliKey' as first argument. The following are available:\n\n";
150 $message .= var_export(array_keys($TYPO3_CONF_VARS['SC_OPTIONS']['GLOBAL']['cliKeys']), TRUE);
151 fwrite(STDERR
, $message . LF
);
157 // **********************
158 // Check Hardcoded lock on BE:
159 // **********************
160 if ($TYPO3_CONF_VARS['BE']['adminOnly'] < 0) {
161 throw new RuntimeException('TYPO3 Backend locked: Backend and Install Tool are locked for maintenance. [BE][adminOnly] is set to "' . intval($TYPO3_CONF_VARS['BE']['adminOnly']) . '".', 1294586847);
163 if (!(TYPO3_REQUESTTYPE
& TYPO3_REQUESTTYPE_CLI
) && @is_file
(PATH_typo3conf
. 'LOCK_BACKEND')) {
164 if (TYPO3_PROCEED_IF_NO_USER
== 2) {
165 // ajax poll for login, let him pass
167 $fContent = t3lib_div
::getUrl(PATH_typo3conf
.'LOCK_BACKEND');
169 header('Location: '.$fContent); // Redirect
171 throw new RuntimeException('TYPO3 Backend locked: Browser backend is locked for maintenance. Remove lock by removing the file "typo3conf/LOCK_BACKEND" or use CLI-scripts.', 1294586848);
178 // **********************
180 // **********************
181 if (trim($TYPO3_CONF_VARS['BE']['IPmaskList']) && !(TYPO3_REQUESTTYPE
& TYPO3_REQUESTTYPE_CLI
)) {
182 if (!t3lib_div
::cmpIP(t3lib_div
::getIndpEnv('REMOTE_ADDR'), $TYPO3_CONF_VARS['BE']['IPmaskList'])) {
183 header('Status: 404 Not Found'); // Send Not Found header - if the webserver can make use of it...
184 header('Location: http://'); // Just point us away from here...
185 exit; // ... and exit good!
190 // **********************
192 // **********************
193 if (intval($TYPO3_CONF_VARS['BE']['lockSSL']) && !(TYPO3_REQUESTTYPE
& TYPO3_REQUESTTYPE_CLI
)) {
194 if(intval($TYPO3_CONF_VARS['BE']['lockSSLPort'])) {
195 $sslPortSuffix = ':'.intval($TYPO3_CONF_VARS['BE']['lockSSLPort']);
199 if ($TYPO3_CONF_VARS['BE']['lockSSL'] == 3) {
200 $requestStr = substr(t3lib_div
::getIndpEnv('TYPO3_REQUEST_SCRIPT'), strlen(t3lib_div
::getIndpEnv('TYPO3_SITE_URL').TYPO3_mainDir
));
201 if($requestStr == 'index.php' && !t3lib_div
::getIndpEnv('TYPO3_SSL')) {
202 list(,$url) = explode('://',t3lib_div
::getIndpEnv('TYPO3_REQUEST_URL'),2);
203 list($server,$address) = explode('/',$url,2);
204 header('Location: https://'.$server.$sslPortSuffix.'/'.$address);
207 } elseif (!t3lib_div
::getIndpEnv('TYPO3_SSL') ) {
208 if ($TYPO3_CONF_VARS['BE']['lockSSL'] == 2) {
209 list(,$url) = explode('://',t3lib_div
::getIndpEnv('TYPO3_SITE_URL').TYPO3_mainDir
,2);
210 list($server,$address) = explode('/',$url,2);
211 header('Location: https://'.$server.$sslPortSuffix.'/'.$address);
213 header('Status: 404 Not Found'); // Send Not Found header - if the webserver can make use of it...
214 header('Location: http://'); // Just point us away from here...
216 exit; // ... and exit good!
221 // *******************************
222 // Checking environment
223 // *******************************
224 if (isset($_POST['GLOBALS']) ||
isset($_GET['GLOBALS'])) {
225 die('You cannot set the GLOBALS-array from outside the script.');
227 if (!get_magic_quotes_gpc()) {
228 t3lib_div
::addSlashesOnArray($_GET);
229 t3lib_div
::addSlashesOnArray($_POST);
230 $HTTP_GET_VARS = $_GET;
231 $HTTP_POST_VARS = $_POST;
235 // ********************************************
236 // Check if the install script should be run:
237 // ********************************************
238 if (TYPO3_REQUESTTYPE
& TYPO3_REQUESTTYPE_INSTALL
) {
239 if(!t3lib_extMgm
::isLoaded('install')) {
240 die('Install Tool is not loaded as an extension.<br />You must add the key "install" to the list of installed extensions in typo3conf/localconf.php, $TYPO3_CONF_VARS[\'EXT\'][\'extList\'].');
243 require_once(t3lib_extMgm
::extPath('install').'mod/class.tx_install.php');
244 $install_check = t3lib_div
::makeInstance('tx_install');
245 $install_check->allowUpdateLocalConf
= 1;
246 $install_check->init();
251 // *************************
252 // Connect to the database
253 // *************************
254 // Redirect to install tool if database host and database are not defined
255 if (!TYPO3_db_host
&& !TYPO3_db
) {
256 t3lib_utility_Http
::redirect('install/index.php?mode=123&step=1&password=joh316');
258 $TYPO3_DB->connectDB();
262 // *******************************
263 // Checks for proper browser
264 // *******************************
265 if (!$CLIENT['BROWSER'] && !(TYPO3_REQUESTTYPE
& TYPO3_REQUESTTYPE_CLI
)) {
266 throw new RuntimeException('Browser Error: Your browser version looks incompatible with this TYPO3 version!', 1294587023);
270 // ****************************************************
271 // Include tables customization (tables + ext_tables)
272 // ****************************************************
273 include (TYPO3_tables_script ? PATH_typo3conf
.TYPO3_tables_script
: PATH_t3lib
.'stddb/tables.php');
274 // Extension additions
275 if ($TYPO3_LOADED_EXT['_CACHEFILE']) {
276 include (PATH_typo3conf
.$TYPO3_LOADED_EXT['_CACHEFILE'].'_ext_tables.php');
278 include (PATH_t3lib
.'stddb/load_ext_tables.php');
281 if (TYPO3_extTableDef_script
) {
282 include (PATH_typo3conf
.TYPO3_extTableDef_script
);
285 // Hook for postprocessing values set in extTables.php
286 if (is_array($GLOBALS['TYPO3_CONF_VARS']['SC_OPTIONS']['GLOBAL']['extTablesInclusion-PostProcessing'])) {
287 foreach ($GLOBALS['TYPO3_CONF_VARS']['SC_OPTIONS']['GLOBAL']['extTablesInclusion-PostProcessing'] as $_classRef) {
288 $hookObject = t3lib_div
::getUserObj($_classRef);
289 if (!$hookObject instanceof t3lib_extTables_PostProcessingHook
) {
290 throw new UnexpectedValueException('$hookObject must implement interface t3lib_extTables_PostProcessingHook', 1320585902);
292 $hookObject->processData();
297 // load TYPO3 SpriteGenerating API
298 $spriteManager = t3lib_div
::makeInstance('t3lib_SpriteManager', TRUE);
299 $spriteManager->loadCacheFile();
302 // *******************************
303 // BackEnd User authentication
304 // *******************************
307 if constant TYPO3_PROCEED_IF_NO_USER is defined TRUE (in the mainscript), this script will return even though a user did not log in!
309 $BE_USER = t3lib_div
::makeInstance('t3lib_beUserAuth'); // New backend user object
310 $BE_USER->warningEmail
= $TYPO3_CONF_VARS['BE']['warning_email_addr'];
311 $BE_USER->lockIP
= $TYPO3_CONF_VARS['BE']['lockIP'];
312 $BE_USER->auth_timeout_field
= intval($TYPO3_CONF_VARS['BE']['sessionTimeout']);
313 $BE_USER->OS
= TYPO3_OS
;
314 if (TYPO3_REQUESTTYPE
& TYPO3_REQUESTTYPE_CLI
) {
315 $BE_USER->dontSetCookie
= TRUE;
317 $BE_USER->start(); // Object is initialized
318 $BE_USER->checkCLIuser();
319 $BE_USER->backendCheckLogin(); // Checking if there's a user logged in
321 // Setting the web- and filemount global vars:
322 $WEBMOUNTS = $BE_USER->returnWebmounts(); // ! WILL INCLUDE deleted mount pages as well!
323 $FILEMOUNTS = $BE_USER->returnFilemounts();
325 // *******************************
326 // $GLOBALS['LANG'] initialisation
327 // *******************************
328 // $GLOBALS needed here ?? we still are in the global scope.
330 $GLOBALS['LANG'] = t3lib_div
::makeInstance('language');
331 $GLOBALS['LANG']->init($BE_USER->uc
['lang']);
337 if (extension_loaded('zlib') && $TYPO3_CONF_VARS['BE']['compressionLevel']) {
338 if (t3lib_utility_Math
::canBeInterpretedAsInteger($TYPO3_CONF_VARS['BE']['compressionLevel'])) {
339 @ini_set
('zlib.output_compression_level', $TYPO3_CONF_VARS['BE']['compressionLevel']);
341 ob_start('ob_gzhandler');