[BUGFIX] stdWrap numRows fails due to wrong SELECT clause
[Packages/TYPO3.CMS.git] / t3lib / class.t3lib_tsfebeuserauth.php
1 <?php
2 /***************************************************************
3 * Copyright notice
4 *
5 * (c) 1999-2011 Kasper Skårhøj (kasperYYYY@typo3.com)
6 * All rights reserved
7 *
8 * This script is part of the TYPO3 project. The TYPO3 project is
9 * free software; you can redistribute it and/or modify
10 * it under the terms of the GNU General Public License as published by
11 * the Free Software Foundation; either version 2 of the License, or
12 * (at your option) any later version.
13 *
14 * The GNU General Public License can be found at
15 * http://www.gnu.org/copyleft/gpl.html.
16 * A copy is found in the textfile GPL.txt and important notices to the license
17 * from the author is found in LICENSE.txt distributed with these scripts.
18 *
19 *
20 * This script is distributed in the hope that it will be useful,
21 * but WITHOUT ANY WARRANTY; without even the implied warranty of
22 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
23 * GNU General Public License for more details.
24 *
25 * This copyright notice MUST APPEAR in all copies of the script!
26 ***************************************************************/
27 /**
28 * Class for TYPO3 backend user authentication in the TSFE frontend
29 *
30 * Revised for TYPO3 3.6 July/2003 by Kasper Skårhøj
31 * XHTML compliant
32 *
33 * @author Kasper Skårhøj <kasperYYYY@typo3.com>
34 */
35
36 /**
37 * TYPO3 backend user authentication in the TSFE frontend.
38 * This includes mainly functions related to the Admin Panel
39 *
40 * @author Kasper Skårhøj <kasperYYYY@typo3.com>
41 * @package TYPO3
42 * @subpackage t3lib
43 */
44 class t3lib_tsfeBeUserAuth extends t3lib_beUserAuth {
45 /**
46 * Form field with login name.
47 *
48 * @var string
49 */
50 public $formfield_uname = '';
51
52 /**
53 * Form field with password.
54 *
55 * @var string
56 */
57 public $formfield_uident = '';
58
59 /**
60 * Form field with a unique value which is used to encrypt the password and username.
61 *
62 * @var string
63 */
64 public $formfield_chalvalue = '';
65
66 /**
67 * Sets the level of security. *'normal' = clear-text. 'challenged' = hashed password/username.
68 * from form in $formfield_uident. 'superchallenged' = hashed password hashed again with username.
69 *
70 * @var string
71 * @deprecated since 4.7 will be removed in 6.1
72 */
73 public $security_level = '';
74
75 /**
76 * Decides if the writelog() function is called at login and logout.
77 *
78 * @var boolean
79 */
80 public $writeStdLog = FALSE;
81
82 /**
83 * If the writelog() functions is called if a login-attempt has be tried without success.
84 *
85 * @var boolean
86 */
87 public $writeAttemptLog = FALSE;
88
89 /**
90 * Array of page related information (uid, title, depth).
91 *
92 * @var array
93 */
94 public $extPageInTreeInfo = array();
95
96 /**
97 * General flag which is set if the adminpanel should be displayed at all.
98 *
99 * @var boolean
100 */
101 public $extAdmEnabled = FALSE;
102
103 /**
104 * Instance of the admin panel
105 *
106 * @var tslib_AdminPanel
107 */
108 public $adminPanel = NULL;
109
110 /**
111 * Class for frontend editing.
112 *
113 * @var t3lib_frontendedit
114 */
115 public $frontendEdit = NULL;
116
117 /**
118 * Initializes the admin panel.
119 *
120 * @return void
121 */
122 public function initializeAdminPanel() {
123 $this->extAdminConfig = $this->getTSConfigProp('admPanel');
124
125 if (isset($this->extAdminConfig['enable.'])) {
126 foreach ($this->extAdminConfig['enable.'] as $key => $value) {
127 if ($value) {
128 $this->adminPanel = t3lib_div::makeInstance('tslib_AdminPanel');
129 $this->extAdmEnabled = TRUE;
130
131 break;
132 }
133 }
134 }
135 }
136
137 /**
138 * Initializes frontend editing.
139 *
140 * @return void
141 */
142 public function initializeFrontendEdit() {
143 if (isset($this->extAdminConfig['enable.']) && $this->isFrontendEditingActive()) {
144 foreach ($this->extAdminConfig['enable.'] as $key => $value) {
145 if ($value) {
146 if ($GLOBALS['TSFE'] instanceof tslib_fe) {
147 // Grab the Page TSConfig property that determines which controller to use.
148 $pageTSConfig = $GLOBALS['TSFE']->getPagesTSconfig();
149 $controllerKey = isset($pageTSConfig['TSFE.']['frontendEditingController']) ? $pageTSConfig['TSFE.']['frontendEditingController'] : 'default';
150 } else {
151 $controllerKey = 'default';
152 }
153
154 $controllerClass = $GLOBALS['TYPO3_CONF_VARS']['SC_OPTIONS']['t3lib/class.t3lib_tsfebeuserauth.php']['frontendEditingController'][$controllerKey];
155 if ($controllerClass) {
156 $this->frontendEdit = t3lib_div::getUserObj($controllerClass, FALSE);
157 }
158
159 break;
160 }
161 }
162 }
163 }
164
165 /**
166 * Determines whether frontend editing is currently active.
167 *
168 * @return boolean Wheter frontend editing is active
169 */
170 public function isFrontendEditingActive() {
171 return ($this->extAdmEnabled
172 && ($this->adminPanel->isAdminModuleEnabled('edit') && $this->adminPanel->isAdminModuleOpen('edit')
173 || $GLOBALS['TSFE']->displayEditIcons == 1)
174 );
175 }
176
177 /**
178 * Delegates to the appropriate view and renders the admin panel content.
179 *
180 * @return string.
181 */
182 public function displayAdminPanel() {
183 $content = $this->adminPanel->display();
184
185 return $content;
186 }
187
188 /**
189 * Determines whether the admin panel is enabled and visible.
190 *
191 * @return boolean Whether the admin panel is enabled and visible
192 */
193 public function isAdminPanelVisible() {
194 return ($this->extAdmEnabled && !$this->extAdminConfig['hide'] && $GLOBALS['TSFE']->config['config']['admPanel']);
195 }
196
197 /*****************************************************
198 *
199 * TSFE BE user Access Functions
200 *
201 ****************************************************/
202
203 /**
204 * Implementing the access checks that the typo3/init.php script does before a user is ever logged in.
205 * Used in the frontend.
206 *
207 * @return boolean Returns TRUE if access is OK
208 * @see typo3/init.php, t3lib_beuserauth::backendCheckLogin()
209 */
210 public function checkBackendAccessSettingsFromInitPhp() {
211 // Check Hardcoded lock on BE
212 if ($GLOBALS['TYPO3_CONF_VARS']['BE']['adminOnly'] < 0) {
213 return FALSE;
214 }
215 // Check IP
216 if (trim($GLOBALS['TYPO3_CONF_VARS']['BE']['IPmaskList'])) {
217 if (!t3lib_div::cmpIP(t3lib_div::getIndpEnv('REMOTE_ADDR'), $GLOBALS['TYPO3_CONF_VARS']['BE']['IPmaskList'])) {
218 return FALSE;
219 }
220 }
221
222 // Check SSL (https)
223 if (intval($GLOBALS['TYPO3_CONF_VARS']['BE']['lockSSL']) && $GLOBALS['TYPO3_CONF_VARS']['BE']['lockSSL'] != 3) {
224 if (!t3lib_div::getIndpEnv('TYPO3_SSL')) {
225 return FALSE;
226 }
227 }
228
229 // Finally a check from t3lib_beuserauth::backendCheckLogin()
230 if ($this->isUserAllowedToLogin()) {
231 return TRUE;
232 } else {
233 return FALSE;
234 }
235 }
236
237 /**
238 * Evaluates if the Backend User has read access to the input page record.
239 * The evaluation is based on both read-permission and whether the page is found in one of the users webmounts. Only if both conditions are TRUE will the function return TRUE.
240 * Read access means that previewing is allowed etc.
241 * Used in index_ts.php
242 *
243 * @param array $pageRec The page record to evaluate for
244 * @return boolean TRUE if read access
245 */
246 public function extPageReadAccess($pageRec) {
247 return $this->isInWebMount($pageRec['uid']) && $this->doesUserHaveAccess($pageRec, 1);
248 }
249
250 /*****************************************************
251 *
252 * TSFE BE user Access Functions
253 *
254 ****************************************************/
255
256 /**
257 * Generates a list of Page-uid's from $id. List does not include $id itself
258 * The only pages excluded from the list are deleted pages.
259 *
260 * @param integer $id Start page id
261 * @param integer $depth Depth to traverse down the page tree.
262 * @param integer $begin Is an optional integer that determines at which level in the tree to start collecting uid's. Zero means 'start right away', 1 = 'next level and out'
263 * @param string $perms_clause Perms clause
264 * @return string Returns the list with a comma in the end (if any pages selected!)
265 */
266 public function extGetTreeList($id, $depth, $begin = 0, $perms_clause) {
267 $depth = intval($depth);
268 $begin = intval($begin);
269 $id = intval($id);
270 $theList = '';
271
272 if ($id && $depth > 0) {
273 $res = $GLOBALS['TYPO3_DB']->exec_SELECTquery(
274 'uid,title',
275 'pages',
276 'pid=' . $id . ' AND doktype IN (' . $GLOBALS['TYPO3_CONF_VARS']['FE']['content_doktypes'] . ') AND deleted=0 AND ' . $perms_clause
277 );
278 while ($row = $GLOBALS['TYPO3_DB']->sql_fetch_assoc($res)) {
279 if ($begin <= 0) {
280 $theList .= $row['uid'] . ',';
281 $this->extPageInTreeInfo[] = array($row['uid'], htmlspecialchars($row['title'], $depth));
282 }
283 if ($depth > 1) {
284 $theList .= $this->extGetTreeList($row['uid'], $depth - 1, $begin - 1, $perms_clause);
285 }
286 }
287 $GLOBALS['TYPO3_DB']->sql_free_result($res);
288 }
289 return $theList;
290 }
291
292 /**
293 * Returns the number of cached pages for a page id.
294 *
295 * @param integer $pageId The page id.
296 * @return integer The number of pages for this page in the table "cache_pages"
297 */
298 public function extGetNumberOfCachedPages($pageId) {
299 $pageCache = $GLOBALS['typo3CacheManager']->getCache('cache_pages');
300 $pageCacheEntries = $pageCache->getByTag('pageId_' . (int)$pageId);
301 return count($pageCacheEntries);
302 }
303
304 /*****************************************************
305 *
306 * Localization handling
307 *
308 ****************************************************/
309
310 /**
311 * Returns the label for key, $key. If a translation for the language set in $this->uc['lang'] is found that is returned, otherwise the default value.
312 * IF the global variable $LOCAL_LANG is NOT an array (yet) then this function loads the global $LOCAL_LANG array with the content of "sysext/lang/locallang_tsfe.php" so that the values therein can be used for labels in the Admin Panel
313 *
314 * @param string $key Key for a label in the $GLOBALS['LOCAL_LANG'] array of "sysext/lang/locallang_tsfe.php"
315 * @return string The value for the $key
316 */
317 public function extGetLL($key) {
318 if (!is_array($GLOBALS['LOCAL_LANG'])) {
319 $GLOBALS['LANG']->includeLLFile('EXT:lang/locallang_tsfe.php');
320
321 if (!is_array($GLOBALS['LOCAL_LANG'])) {
322 $GLOBALS['LOCAL_LANG'] = array();
323 }
324 }
325
326 // Label string in the default backend output charset.
327 $labelStr = htmlspecialchars($GLOBALS['LANG']->getLL($key));
328
329 $labelStr = $GLOBALS['LANG']->csConvObj->utf8_to_entities($labelStr);
330
331 // Return the result:
332 return $labelStr;
333 }
334 }
335
336 ?>