4eab5c7fc943d8817f0d77b9d634fb89e0a474b0
[Packages/TYPO3.CMS.git] / typo3 / sysext / backend / Classes / Controller / LoginController.php
1 <?php
2 namespace TYPO3\CMS\Backend\Controller;
3
4 /**
5 * This file is part of the TYPO3 CMS project.
6 *
7 * It is free software; you can redistribute it and/or modify it under
8 * the terms of the GNU General Public License, either version 2
9 * of the License, or any later version.
10 *
11 * For the full copyright and license information, please read the
12 * LICENSE.txt file that was distributed with this source code.
13 *
14 * The TYPO3 project - inspiring people to share!
15 */
16
17 use TYPO3\CMS\Backend\Utility\BackendUtility;
18 use TYPO3\CMS\Backend\Utility\IconUtility;
19 use TYPO3\CMS\Core\Html\HtmlParser;
20 use TYPO3\CMS\Core\Messaging\FlashMessage;
21 use TYPO3\CMS\Core\Utility\GeneralUtility;
22 use TYPO3\CMS\Core\Utility\HttpUtility;
23
24 /**
25 * Script Class for rendering the login form
26 *
27 * @author Kasper Skårhøj <kasperYYYY@typo3.com>
28 */
29 class LoginController {
30
31 const SIGNAL_RenderLoginForm = 'renderLoginForm';
32
33 /**
34 * The URL to redirect to after login.
35 *
36 * @var string
37 */
38 public $redirect_url;
39
40 /**
41 * Defines which interface to load (from interface selector)
42 *
43 * @var string
44 */
45 public $GPinterface;
46
47 /**
48 * preset username
49 *
50 * @var string
51 */
52 public $u;
53
54 /**
55 * preset password
56 *
57 * @var string
58 */
59 public $p;
60
61 /**
62 * OpenID URL submitted by form
63 *
64 * @var string
65 */
66 protected $openIdUrl;
67
68 /**
69 * If "L" is "OUT", then any logged in used is logged out. If redirect_url is given, we redirect to it
70 *
71 * @var string
72 */
73 public $L;
74
75 /**
76 * Login-refresh boolean; The backend will call this script
77 * with this value set when the login is close to being expired
78 * and the form needs to be redrawn.
79 *
80 * @var bool
81 */
82 public $loginRefresh;
83
84 /**
85 * Value of forms submit button for login.
86 *
87 * @var string
88 */
89 public $commandLI;
90
91 /**
92 * Set to the redirect URL of the form (may be redirect_url or "backend.php")
93 *
94 * @var string
95 */
96 public $redirectToURL;
97
98 /**
99 * Content accumulation
100 *
101 * @var string
102 */
103 public $content;
104
105 /**
106 * A selector box for selecting value for "interface" may be rendered into this variable
107 *
108 * @var string
109 */
110 public $interfaceSelector;
111
112 /**
113 * A selector box for selecting value for "interface" may be rendered into this variable
114 * this will have an onchange action which will redirect the user to the selected interface right away
115 *
116 * @var string
117 */
118 public $interfaceSelector_jump;
119
120 /**
121 * A hidden field, if the interface is not set.
122 *
123 * @var string
124 */
125 public $interfaceSelector_hidden;
126
127 /**
128 * Additional hidden fields to be placed at the login form
129 *
130 * @var string
131 */
132 public $addFields_hidden = '';
133
134 /**
135 * Sets the level of security. *'normal' = clear-text. 'challenged' = hashed
136 * password/username from form in $formfield_uident. 'superchallenged' = hashed password hashed again with username.
137 *
138 * @var string
139 */
140 public $loginSecurityLevel = 'superchallenged';
141
142 /**
143 * @var \TYPO3\CMS\Extbase\SignalSlot\Dispatcher
144 */
145 protected $signalSlotDispatcher;
146
147 /**
148 * Constructor
149 */
150 public function __construct() {
151 $this->init();
152 }
153
154 /**
155 * Initialize the login box. Will also react on a &L=OUT flag and exit.
156 *
157 * @return void
158 */
159 public function init() {
160 // We need a PHP session session for most login levels
161 session_start();
162 $this->redirect_url = GeneralUtility::sanitizeLocalUrl(GeneralUtility::_GP('redirect_url'));
163 $this->GPinterface = GeneralUtility::_GP('interface');
164 // Grabbing preset username and password, for security reasons this feature only works if SSL is used
165 if (GeneralUtility::getIndpEnv('TYPO3_SSL')) {
166 $this->u = GeneralUtility::_GP('u');
167 $this->p = GeneralUtility::_GP('p');
168 $this->openIdUrl = GeneralUtility::_GP('openid_url');
169 }
170 // If "L" is "OUT", then any logged in is logged out. If redirect_url is given, we redirect to it
171 $this->L = GeneralUtility::_GP('L');
172 // Login
173 $this->loginRefresh = GeneralUtility::_GP('loginRefresh');
174 // Value of "Login" button. If set, the login button was pressed.
175 $this->commandLI = GeneralUtility::_GP('commandLI');
176 // Sets the level of security from conf vars
177 if ($GLOBALS['TYPO3_CONF_VARS']['BE']['loginSecurityLevel']) {
178 $this->loginSecurityLevel = $GLOBALS['TYPO3_CONF_VARS']['BE']['loginSecurityLevel'];
179 }
180 // Try to get the preferred browser language
181 $preferredBrowserLanguage = $GLOBALS['LANG']->csConvObj->getPreferredClientLanguage(GeneralUtility::getIndpEnv('HTTP_ACCEPT_LANGUAGE'));
182 // If we found a $preferredBrowserLanguage and it is not the default language and no be_user is logged in
183 // initialize $GLOBALS['LANG'] again with $preferredBrowserLanguage
184 if ($preferredBrowserLanguage !== 'default' && empty($GLOBALS['BE_USER']->user['uid'])) {
185 $GLOBALS['LANG']->init($preferredBrowserLanguage);
186 }
187 $GLOBALS['LANG']->includeLLFile('EXT:lang/locallang_login.xlf');
188 // Setting the redirect URL to "backend.php" if no alternative input is given
189 $this->redirectToURL = $this->redirect_url ?: 'backend.php';
190 // Do a logout if the command is set
191 if ($this->L == 'OUT' && is_object($GLOBALS['BE_USER'])) {
192 $GLOBALS['BE_USER']->logoff();
193 HttpUtility::redirect($this->redirect_url);
194 }
195 }
196
197 /**
198 * Main function - creating the login/logout form
199 *
200 * @return void
201 */
202 public function main() {
203 // Initialize template object:
204 $GLOBALS['TBE_TEMPLATE']->moduleTemplate = $GLOBALS['TBE_TEMPLATE']->getHtmlTemplate('EXT:backend/Resources/Private/Templates/login.html');
205 /** @var $pageRenderer \TYPO3\CMS\Core\Page\PageRenderer */
206 $pageRenderer = $GLOBALS['TBE_TEMPLATE']->getPageRenderer();
207 $pageRenderer->loadJquery();
208
209 // support placeholders for IE9 and lower
210 $clientInfo = GeneralUtility::clientInfo();
211 if ($clientInfo['BROWSER'] == 'msie' && $clientInfo['VERSION'] <= 9) {
212 $pageRenderer->addJsLibrary('placeholders', 'contrib/placeholdersjs/placeholders.jquery.min.js');
213 }
214
215 $pageRenderer->loadRequireJsModule('TYPO3/CMS/Backend/Login');
216 if (is_array($GLOBALS['TYPO3_CONF_VARS']['SC_OPTIONS']['typo3/index.php']['loginScriptHook'])) {
217 foreach ($GLOBALS['TYPO3_CONF_VARS']['SC_OPTIONS']['typo3/index.php']['loginScriptHook'] as $function) {
218 $params = array();
219 $JSCode = GeneralUtility::callUserFunction($function, $params, $this);
220 if ($JSCode) {
221 $GLOBALS['TBE_TEMPLATE']->JScode .= $JSCode;
222 break;
223 }
224 }
225 }
226
227 // Checking, if we should make a redirect.
228 // Might set JavaScript in the header to close window.
229 $this->checkRedirect();
230 // Initialize interface selectors:
231 $this->makeInterfaceSelectorBox();
232 // Creating form based on whether there is a login or not:
233 if (empty($GLOBALS['BE_USER']->user['uid'])) {
234 $GLOBALS['TBE_TEMPLATE']->form = $this->startForm();
235 $loginForm = $this->makeLoginForm();
236 } else {
237 $GLOBALS['TBE_TEMPLATE']->form = '
238 <form action="index.php" method="post" name="loginform">
239 <input type="hidden" name="login_status" value="logout" />
240 ';
241 $loginForm = $this->makeLogoutForm();
242 }
243 // Starting page:
244 $this->content .= $GLOBALS['TBE_TEMPLATE']->startPage('TYPO3 CMS Login: ' . $GLOBALS['TYPO3_CONF_VARS']['SYS']['sitename'], FALSE);
245 // Add login form:
246 $this->content .= $this->wrapLoginForm($loginForm);
247 $this->content .= $GLOBALS['TBE_TEMPLATE']->endPage();
248 }
249
250 /**
251 * Outputting the accumulated content to screen
252 *
253 * @return void
254 */
255 public function printContent() {
256 echo $this->content;
257 }
258
259 /*****************************
260 *
261 * Various functions
262 *
263 ******************************/
264 /**
265 * Creates the login form
266 * This is drawn when NO login exists.
267 *
268 * @return string HTML output
269 */
270 public function makeLoginForm() {
271 $content = HtmlParser::getSubpart($GLOBALS['TBE_TEMPLATE']->moduleTemplate, '###LOGIN_FORM###');
272 $markers = array(
273 'VALUE_USERNAME' => htmlspecialchars($this->u),
274 'VALUE_PASSWORD' => htmlspecialchars($this->p),
275 'VALUE_OPENID_URL' => htmlspecialchars($this->openIdUrl),
276 'VALUE_SUBMIT' => $GLOBALS['LANG']->getLL('labels.submitLogin', TRUE)
277 );
278 // Show an error message if the login command was successful already, otherwise remove the subpart
279 if (!$this->isLoginInProgress()) {
280 $content = HtmlParser::substituteSubpart($content, '###LOGIN_ERROR###', '');
281 } else {
282 $markers['ERROR_MESSAGE'] = $GLOBALS['LANG']->getLL('error.login', TRUE);
283 $markers['ERROR_LOGIN_TITLE'] = $GLOBALS['LANG']->getLL('error.login.title', TRUE);
284 $markers['ERROR_LOGIN_DESCRIPTION'] = $GLOBALS['LANG']->getLL('error.login.description', TRUE);
285 }
286 // Remove the interface selector markers if it's not available
287 if (!($this->interfaceSelector && !$this->loginRefresh)) {
288 $content = HtmlParser::substituteSubpart($content, '###INTERFACE_SELECTOR###', '');
289 } else {
290 $markers['LABEL_INTERFACE'] = $GLOBALS['LANG']->getLL('labels.interface', TRUE);
291 $markers['VALUE_INTERFACE'] = $this->interfaceSelector;
292 }
293 return HtmlParser::substituteMarkerArray($content, $markers, '###|###');
294 }
295
296 /**
297 * Creates the logout form
298 * This is drawn if a user login already exists.
299 *
300 * @return string HTML output
301 */
302 public function makeLogoutForm() {
303 $content = HtmlParser::getSubpart($GLOBALS['TBE_TEMPLATE']->moduleTemplate, '###LOGOUT_FORM###');
304 $markers = array(
305 'LABEL_USERNAME' => $GLOBALS['LANG']->getLL('labels.username', TRUE),
306 'VALUE_USERNAME' => htmlspecialchars($GLOBALS['BE_USER']->user['username']),
307 'VALUE_SUBMIT' => $GLOBALS['LANG']->getLL('labels.submitLogout', TRUE)
308 );
309 // Remove the interface selector markers if it's not available
310 if (!$this->interfaceSelector_jump) {
311 $content = HtmlParser::substituteSubpart($content, '###INTERFACE_SELECTOR###', '');
312 } else {
313 $markers['LABEL_INTERFACE'] = $GLOBALS['LANG']->getLL('labels.interface', TRUE);
314 $markers['VALUE_INTERFACE'] = $this->interfaceSelector_jump;
315 }
316 return HtmlParser::substituteMarkerArray($content, $markers, '###|###');
317 }
318
319 /**
320 * Wrapping the login form table in another set of tables etc:
321 *
322 * @param string $content HTML content for the login form
323 * @return string The HTML for the page.
324 */
325 public function wrapLoginForm($content) {
326 $mainContent = HtmlParser::getSubpart($GLOBALS['TBE_TEMPLATE']->moduleTemplate, '###PAGE###');
327
328 if ($GLOBALS['TBE_STYLES']['logo_login']) {
329 $logo = '<img src="' . htmlspecialchars(($GLOBALS['BACK_PATH'] . $GLOBALS['TBE_STYLES']['logo_login'])) . '" alt="" class="t3-login-logo" />';
330 } else {
331 $logo = '<img' . IconUtility::skinImg($GLOBALS['BACK_PATH'], 'gfx/typo3-transparent@2x.png', 'width="140" height="39"') . ' alt="" class="t3-login-logo t3-default-logo" />';
332 }
333
334 $additionalCssClasses = array();
335 if ($this->isLoginInProgress()) {
336 $additionalCssClasses[] = 'error';
337 }
338 if ($this->loginRefresh) {
339 $additionalCssClasses[] = 'refresh';
340 }
341 $markers = array(
342 'LOGO' => $logo,
343 'LOGINBOX_IMAGE' => '',
344 'FORM' => $content,
345 'NEWS' => $this->makeLoginNews(),
346 'COPYRIGHT' => BackendUtility::TYPO3_copyRightNotice($GLOBALS['TYPO3_CONF_VARS']['SYS']['loginCopyrightShowVersion']),
347 'CSS_CLASSES' => !empty($additionalCssClasses) ? 'class="' . implode(' ', $additionalCssClasses) . '"' : '',
348 'CSS_OPENIDCLASS' => 't3-login-openid-' . (\TYPO3\CMS\Core\Utility\ExtensionManagementUtility::isLoaded('openid') ? 'enabled' : 'disabled'),
349 // The labels will be replaced later on, thus the other parts above
350 // can use these markers as well and it will be replaced
351 'HEADLINE' => $GLOBALS['LANG']->getLL('headline', TRUE),
352 'INFO_ABOUT' => $GLOBALS['LANG']->getLL('info.about', TRUE),
353 'INFO_RELOAD' => $GLOBALS['LANG']->getLL('info.reset', TRUE),
354 'INFO' => $GLOBALS['LANG']->getLL('info.cookies_and_js', TRUE),
355 'ERROR_JAVASCRIPT' => $GLOBALS['LANG']->getLL('error.javascript', TRUE),
356 'ERROR_COOKIES' => $GLOBALS['LANG']->getLL('error.cookies', TRUE),
357 'ERROR_COOKIES_IGNORE' => $GLOBALS['LANG']->getLL('error.cookies_ignore', TRUE),
358 'ERROR_CAPSLOCK' => $GLOBALS['LANG']->getLL('error.capslock', TRUE),
359 'ERROR_FURTHERHELP' => $GLOBALS['LANG']->getLL('error.furtherInformation', TRUE),
360 'LABEL_DONATELINK' => $GLOBALS['LANG']->getLL('labels.donate', TRUE),
361 'LABEL_USERNAME' => $GLOBALS['LANG']->getLL('labels.username', TRUE),
362 'LABEL_OPENID' => $GLOBALS['LANG']->getLL('labels.openId', TRUE),
363 'LABEL_PASSWORD' => $GLOBALS['LANG']->getLL('labels.password', TRUE),
364 'LABEL_WHATISOPENID' => $GLOBALS['LANG']->getLL('labels.whatIsOpenId', TRUE),
365 'LABEL_SWITCHOPENID' => $GLOBALS['LANG']->getLL('labels.switchToOpenId', TRUE),
366 'LABEL_SWITCHDEFAULT' => $GLOBALS['LANG']->getLL('labels.switchToDefault', TRUE),
367 'CLEAR' => $GLOBALS['LANG']->getLL('clear', TRUE),
368 'LOGIN_PROCESS' => $GLOBALS['LANG']->getLL('login_process', TRUE),
369 'SITELINK' => '<a href="/">###SITENAME###</a>',
370 // Global variables will now be replaced (at last)
371 'SITENAME' => htmlspecialchars($GLOBALS['TYPO3_CONF_VARS']['SYS']['sitename'])
372 );
373 $markers = $this->emitRenderLoginFormSignal($markers);
374 return HtmlParser::substituteMarkerArray($mainContent, $markers, '###|###');
375 }
376
377 /**
378 * Checking, if we should perform some sort of redirection OR closing of windows.
379 *
380 * @return void
381 */
382 public function checkRedirect() {
383 // Do redirect:
384 // If a user is logged in AND a) if either the login is just done (isLoginInProgress) or b) a loginRefresh is done or c) the interface-selector is NOT enabled (If it is on the other hand, it should not just load an interface, because people has to choose then...)
385 if (!empty($GLOBALS['BE_USER']->user['uid']) && ($this->isLoginInProgress() || $this->loginRefresh || !$this->interfaceSelector)) {
386 // If no cookie has been set previously we tell people that this is a problem. This assumes that a cookie-setting script (like this one) has been hit at least once prior to this instance.
387 if (!$_COOKIE[\TYPO3\CMS\Core\Authentication\BackendUserAuthentication::getCookieName()]) {
388 if ($this->commandLI == 'setCookie') {
389 // we tried it a second time but still no cookie
390 // 26/4 2005: This does not work anymore, because the saving of challenge values in $_SESSION means the system will act as if the password was wrong.
391 throw new \RuntimeException('Login-error: Yeah, that\'s a classic. No cookies, no TYPO3.<br /><br />Please accept cookies from TYPO3 - otherwise you\'ll not be able to use the system.', 1294586846);
392 } else {
393 // try it once again - that might be needed for auto login
394 $this->redirectToURL = 'index.php?commandLI=setCookie';
395 }
396 }
397 if ($redirectToURL = (string)$GLOBALS['BE_USER']->getTSConfigVal('auth.BE.redirectToURL')) {
398 $this->redirectToURL = $redirectToURL;
399 $this->GPinterface = '';
400 }
401 // store interface
402 $GLOBALS['BE_USER']->uc['interfaceSetup'] = $this->GPinterface;
403 $GLOBALS['BE_USER']->writeUC();
404 // Based on specific setting of interface we set the redirect script:
405 switch ($this->GPinterface) {
406 case 'backend':
407 $this->redirectToURL = 'backend.php';
408 break;
409 case 'frontend':
410 $this->redirectToURL = '../';
411 break;
412 }
413 /** @var $formProtection \TYPO3\CMS\Core\FormProtection\BackendFormProtection */
414 $formProtection = \TYPO3\CMS\Core\FormProtection\FormProtectionFactory::get();
415 // If there is a redirect URL AND if loginRefresh is not set...
416 if (!$this->loginRefresh) {
417 $formProtection->storeSessionTokenInRegistry();
418 HttpUtility::redirect($this->redirectToURL);
419 } else {
420 $formProtection->setSessionTokenFromRegistry();
421 $formProtection->persistSessionToken();
422 $GLOBALS['TBE_TEMPLATE']->JScode .= $GLOBALS['TBE_TEMPLATE']->wrapScriptTags('
423 if (parent.opener && (parent.opener.busy || parent.opener.TYPO3.loginRefresh)) {
424 if (parent.opener.TYPO3.loginRefresh) {
425 parent.opener.TYPO3.loginRefresh.startTimer();
426 } else {
427 parent.opener.busy.loginRefreshed();
428 }
429 parent.close();
430 }
431 ');
432 }
433 } elseif (empty($GLOBALS['BE_USER']->user['uid']) && $this->isLoginInProgress()) {
434 // Wrong password, wait for 5 seconds
435 sleep(5);
436 }
437 }
438
439 /**
440 * Making interface selector:
441 *
442 * @return void
443 */
444 public function makeInterfaceSelectorBox() {
445 // Reset variables:
446 $this->interfaceSelector = '';
447 $this->interfaceSelector_hidden = '';
448 $this->interfaceSelector_jump = '';
449 // If interfaces are defined AND no input redirect URL in GET vars:
450 if ($GLOBALS['TYPO3_CONF_VARS']['BE']['interfaces'] && ($this->isLoginInProgress() || !$this->redirect_url)) {
451 $parts = GeneralUtility::trimExplode(',', $GLOBALS['TYPO3_CONF_VARS']['BE']['interfaces']);
452 // Only if more than one interface is defined will we show the selector:
453 if (count($parts) > 1) {
454 // Initialize:
455 $labels = array(
456 'backend' => $GLOBALS['LANG']->getLL('interface.backend'),
457 'frontend' => $GLOBALS['LANG']->getLL('interface.frontend')
458 );
459 $jumpScript = array(
460 'backend' => 'backend.php',
461 'frontend' => '../'
462 );
463 // Traverse the interface keys:
464 foreach ($parts as $valueStr) {
465 $this->interfaceSelector .= '
466 <option value="' . htmlspecialchars($valueStr) . '"' . (GeneralUtility::_GP('interface') == htmlspecialchars($valueStr) ? ' selected="selected"' : '') . '>' . htmlspecialchars($labels[$valueStr]) . '</option>';
467 $this->interfaceSelector_jump .= '
468 <option value="' . htmlspecialchars($jumpScript[$valueStr]) . '">' . htmlspecialchars($labels[$valueStr]) . '</option>';
469 }
470 $this->interfaceSelector = '
471 <select id="t3-interfaceselector" name="interface" class="form-control t3-interfaces input-lg" tabindex="3">' . $this->interfaceSelector . '
472 </select>';
473 $this->interfaceSelector_jump = '
474 <select id="t3-interfaceselector" name="interface" class="form-control t3-interfaces input-lg" tabindex="3" onchange="window.location.href=this.options[this.selectedIndex].value;">' . $this->interfaceSelector_jump . '
475 </select>';
476 } elseif (!$this->redirect_url) {
477 // If there is only ONE interface value set and no redirect_url is present:
478 $this->interfaceSelector_hidden = '<input type="hidden" name="interface" value="' . trim($GLOBALS['TYPO3_CONF_VARS']['BE']['interfaces']) . '" />';
479 }
480 }
481 }
482
483 /**
484 * Returns the login box image, whether the default or an image from the rotation folder.
485 *
486 * @return string HTML image tag.
487 * @deprecated since 6.3, see Deprecation-60559-MakeLoginBoxImage.rst
488 */
489 public function makeLoginBoxImage() {
490 GeneralUtility::logDeprecatedFunction();
491 return '';
492 }
493
494 /**
495 * Make login news - renders the HTML content for a list of news shown under
496 * the login form. News data is added through sys_news records
497 *
498 * @return string HTML content
499 * @credits Idea by Jan-Hendrik Heuing
500 */
501 public function makeLoginNews() {
502 $newsContent = '';
503 $systemNews = $this->getSystemNews();
504 // Traverse news array IF there are records in it:
505 if (is_array($systemNews) && count($systemNews) && !GeneralUtility::_GP('loginRefresh')) {
506 /** @var $htmlParser \TYPO3\CMS\Core\Html\RteHtmlParser */
507 $htmlParser = GeneralUtility::makeInstance('TYPO3\\CMS\\Core\\Html\\RteHtmlParser');
508 $htmlParser->procOptions['dontHSC_rte'] = TRUE;
509
510 // Get the main news template, and replace the subpart after looped through
511 $newsContent = HtmlParser::getSubpart($GLOBALS['TBE_TEMPLATE']->moduleTemplate, '###LOGIN_NEWS###');
512 $newsItemTemplate = HtmlParser::getSubpart($newsContent, '###NEWS_ITEM###');
513 $newsItem = '';
514 $count = 1;
515 foreach ($systemNews as $newsItemData) {
516 $additionalClass = '';
517 if ($count === 1) {
518 $additionalClass = ' first-item';
519 } elseif ($count === count($systemNews)) {
520 $additionalClass = ' last-item';
521 }
522 $newsItemContent = $htmlParser->TS_transform_rte($htmlParser->TS_links_rte($newsItemData['content']));
523 $newsItemMarker = array(
524 '###HEADER###' => htmlspecialchars($newsItemData['header']),
525 '###DATE###' => htmlspecialchars($newsItemData['date']),
526 '###CONTENT###' => $newsItemContent,
527 '###CLASS###' => $additionalClass
528 );
529 $count++;
530 $newsItem .= HtmlParser::substituteMarkerArray($newsItemTemplate, $newsItemMarker);
531 }
532 $title = $GLOBALS['TYPO3_CONF_VARS']['BE']['loginNewsTitle'] ? $GLOBALS['TYPO3_CONF_VARS']['BE']['loginNewsTitle'] : $GLOBALS['LANG']->getLL('newsheadline');
533 $newsContent = HtmlParser::substituteMarker($newsContent, '###NEWS_HEADLINE###', htmlspecialchars($title));
534 $newsContent = HtmlParser::substituteSubpart($newsContent, '###NEWS_ITEM###', $newsItem);
535 }
536 return $newsContent;
537 }
538
539 /**
540 * Gets news from sys_news and converts them into a format suitable for
541 * showing them at the login screen.
542 *
543 * @return array An array of login news.
544 */
545 protected function getSystemNews() {
546 $systemNewsTable = 'sys_news';
547 $systemNews = array();
548 $systemNewsRecords = $GLOBALS['TYPO3_DB']->exec_SELECTgetRows('title, content, crdate', $systemNewsTable, '1=1' . BackendUtility::BEenableFields($systemNewsTable) . BackendUtility::deleteClause($systemNewsTable), '', 'crdate DESC');
549 foreach ($systemNewsRecords as $systemNewsRecord) {
550 $systemNews[] = array(
551 'date' => date($GLOBALS['TYPO3_CONF_VARS']['SYS']['ddmmyy'], $systemNewsRecord['crdate']),
552 'header' => $systemNewsRecord['title'],
553 'content' => $systemNewsRecord['content']
554 );
555 }
556 return $systemNews;
557 }
558
559 /**
560 * Returns the form tag
561 *
562 * @return string Opening form tag string
563 */
564 public function startForm() {
565 $output = '';
566 // The form defaults to 'no login'. This prevents plain
567 // text logins to the Backend. The 'sv' extension changes the form to
568 // use superchallenged method and rsaauth extension makes rsa authentication.
569 $form = '<form action="index.php" method="post" name="loginform" ' . 'onsubmit="alert(\'No authentication methods available. Please, contact your TYPO3 administrator.\');return false">';
570 // Call hooks. If they do not return anything, we fail to login
571 if (is_array($GLOBALS['TYPO3_CONF_VARS']['SC_OPTIONS']['typo3/index.php']['loginFormHook'])) {
572 foreach ($GLOBALS['TYPO3_CONF_VARS']['SC_OPTIONS']['typo3/index.php']['loginFormHook'] as $function) {
573 $params = array();
574 $formCode = GeneralUtility::callUserFunction($function, $params, $this);
575 if ($formCode) {
576 $form = $formCode;
577 break;
578 }
579 }
580 }
581 $output .= $form . '<input type="hidden" name="login_status" value="login" />' .
582 '<input type="hidden" id="t3-field-userident" name="userident" value="" />' .
583 '<input type="hidden" name="redirect_url" value="' . htmlspecialchars($this->redirectToURL) . '" />' .
584 '<input type="hidden" name="loginRefresh" value="' . htmlspecialchars($this->loginRefresh) . '" />' .
585 $this->interfaceSelector_hidden . $this->addFields_hidden;
586 return $output;
587 }
588
589 /**
590 * Creates JavaScript for the login form
591 *
592 * @return string JavaScript code
593 * @deprecated since TYPO3 6.3, not in use anymore
594 */
595 public function getJScode() {
596 GeneralUtility::logDeprecatedFunction();
597 }
598
599 /**
600 * Checks if login credentials are currently submitted
601 *
602 * @return bool
603 */
604 protected function isLoginInProgress() {
605 $username = GeneralUtility::_GP('username');
606 return !(empty($username) && empty($this->commandLI));
607 }
608
609 /**
610 * Emits the render login form signal
611 *
612 * @param array $markers Array with markers for the login form
613 * @return array Modified markers array
614 */
615 protected function emitRenderLoginFormSignal(array $markers) {
616 $signalArguments = $this->getSignalSlotDispatcher()->dispatch('TYPO3\\CMS\\Backend\\Controller\\LoginController', self::SIGNAL_RenderLoginForm, array($this, $markers));
617 return $signalArguments[1];
618 }
619
620 /**
621 * Get the SignalSlot dispatcher
622 *
623 * @return \TYPO3\CMS\Extbase\SignalSlot\Dispatcher
624 */
625 protected function getSignalSlotDispatcher() {
626 if (!isset($this->signalSlotDispatcher)) {
627 $this->signalSlotDispatcher = $this->getObjectManager()->get('TYPO3\\CMS\\Extbase\\SignalSlot\\Dispatcher');
628 }
629 return $this->signalSlotDispatcher;
630 }
631
632 /**
633 * Get the ObjectManager
634 *
635 * @return \TYPO3\CMS\Extbase\Object\ObjectManager
636 */
637 protected function getObjectManager() {
638 return GeneralUtility::makeInstance('TYPO3\\CMS\\Extbase\\Object\\ObjectManager');
639 }
640
641 }