[TASK] Replace csConvObj calls
[Packages/TYPO3.CMS.git] / typo3 / sysext / backend / Classes / FrontendBackendUserAuthentication.php
1 <?php
2 namespace TYPO3\CMS\Backend;
3
4 /*
5 * This file is part of the TYPO3 CMS project.
6 *
7 * It is free software; you can redistribute it and/or modify it under
8 * the terms of the GNU General Public License, either version 2
9 * of the License, or any later version.
10 *
11 * For the full copyright and license information, please read the
12 * LICENSE.txt file that was distributed with this source code.
13 *
14 * The TYPO3 project - inspiring people to share!
15 */
16
17 use TYPO3\CMS\Core\Cache\Frontend\FrontendInterface;
18 use TYPO3\CMS\Core\Charset\CharsetConverter;
19 use TYPO3\CMS\Core\Utility\GeneralUtility;
20 use TYPO3\CMS\Lang\LanguageService;
21
22 /**
23 * TYPO3 backend user authentication in the TSFE frontend.
24 * This includes mainly functions related to the Admin Panel
25 */
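class FrontendBackendUserAuthentication extends \TYPO3\CMS\Core\Authentication\BackendUserAuthentication
{
    /**
     * Form field with login name.
     *
     * @var string
     */
    public $formfield_uname = '';

    /**
     * Form field with password.
     *
     * @var string
     */
    public $formfield_uident = '';

    /**
     * Decides if the writelog() function is called at login and logout.
     *
     * @var bool
     */
    public $writeStdLog = false;

    /**
     * Decides if the writelog() function is called when a login attempt has failed.
     *
     * @var bool
     */
    public $writeAttemptLog = false;

    /**
     * Array of page related information (uid, title, depth).
     * The title is stored HTML-escaped, see extGetTreeList().
     *
     * @var array
     */
    public $extPageInTreeInfo = array();

    /**
     * General flag which is set if the adminpanel is enabled at all.
     *
     * @var bool
     */
    public $extAdmEnabled = false;

    /**
     * @var \TYPO3\CMS\Frontend\View\AdminPanelView Instance of admin panel
     */
    public $adminPanel = null;

    /**
     * @var \TYPO3\CMS\Core\FrontendEditing\FrontendEditingController
     */
    public $frontendEdit = null;

    /**
     * User TSconfig of the "admPanel" property, filled by initializeAdminPanel().
     *
     * @var array
     */
    public $extAdminConfig = array();

    /**
     * Initializes the admin panel.
     *
     * Reads the "admPanel" user TSconfig and, as soon as one entry below
     * "enable." is truthy, creates the admin panel view and sets extAdmEnabled.
     *
     * @return void
     */
    public function initializeAdminPanel()
    {
        $this->extAdminConfig = $this->getTSConfigProp('admPanel');
        if (isset($this->extAdminConfig['enable.'])) {
            foreach ($this->extAdminConfig['enable.'] as $value) {
                if ($value) {
                    $this->adminPanel = GeneralUtility::makeInstance(\TYPO3\CMS\Frontend\View\AdminPanelView::class);
                    $this->extAdmEnabled = true;
                    break;
                }
            }
        }
    }

    /**
     * Initializes frontend editing.
     *
     * Does nothing unless the admin panel configuration has an "enable."
     * section and frontend editing is active. The controller is created for
     * the first truthy "enable." entry only.
     *
     * @return void
     */
    public function initializeFrontendEdit()
    {
        if (!isset($this->extAdminConfig['enable.']) || !$this->isFrontendEditingActive()) {
            return;
        }
        foreach ($this->extAdminConfig['enable.'] as $value) {
            if (!$value) {
                continue;
            }
            $controllerKey = 'default';
            if ($GLOBALS['TSFE'] instanceof \TYPO3\CMS\Frontend\Controller\TypoScriptFrontendController) {
                // Grab the Page TSConfig property that determines which controller to use.
                $pageTSConfig = $GLOBALS['TSFE']->getPagesTSconfig();
                if (isset($pageTSConfig['TSFE.']['frontendEditingController'])) {
                    $controllerKey = $pageTSConfig['TSFE.']['frontendEditingController'];
                }
            }
            // The TSconfig value is used only as a lookup key into the list of
            // registered controllers, never as a class name itself, so only a
            // class registered in TYPO3_CONF_VARS can be instantiated here.
            // An unregistered key leaves frontendEdit untouched (the isset()
            // avoids the undefined-index notice the plain lookup raised).
            $registryKey = 't3lib/class.t3lib_tsfebeuserauth.php';
            $controllerClass = isset($GLOBALS['TYPO3_CONF_VARS']['SC_OPTIONS'][$registryKey]['frontendEditingController'][$controllerKey])
                ? $GLOBALS['TYPO3_CONF_VARS']['SC_OPTIONS'][$registryKey]['frontendEditingController'][$controllerKey]
                : null;
            if ($controllerClass) {
                $this->frontendEdit = GeneralUtility::getUserObj($controllerClass);
            }
            break;
        }
    }

    /**
     * Determines whether frontend editing is currently active.
     *
     * The admin panel is only consulted when extAdmEnabled is set, which is
     * the same moment initializeAdminPanel() creates $this->adminPanel.
     *
     * @return bool Whether frontend editing is active
     */
    public function isFrontendEditingActive()
    {
        return $this->extAdmEnabled && (
            $this->adminPanel->isAdminModuleEnabled('edit') ||
            $GLOBALS['TSFE']->displayEditIcons == 1 ||
            $GLOBALS['TSFE']->displayFieldEditIcons == 1
        );
    }

    /**
     * Delegates to the appropriate view and renders the admin panel content.
     *
     * @return string
     */
    public function displayAdminPanel()
    {
        return $this->adminPanel->display();
    }

    /**
     * Determines whether the admin panel is enabled and visible.
     *
     * @return bool Whether the admin panel is enabled and visible
     */
    public function isAdminPanelVisible()
    {
        // empty() keeps the truthiness test of the plain array reads but does
        // not raise a notice when "hide" or config.admPanel is not set.
        return $this->extAdmEnabled
            && empty($this->extAdminConfig['hide'])
            && !empty($GLOBALS['TSFE']->config['config']['admPanel']);
    }

    /*****************************************************
     *
     * TSFE BE user Access Functions
     *
     ****************************************************/
    /**
     * Implementing the access checks that the TYPO3 CMS bootstrap script does before a user is ever logged in.
     * Used in the frontend.
     *
     * Every check must pass; the first failing one denies access.
     *
     * @return bool Returns TRUE if access is OK
     */
    public function checkBackendAccessSettingsFromInitPhp()
    {
        // Check Hardcoded lock on BE: a negative adminOnly value denies everybody.
        if ($GLOBALS['TYPO3_CONF_VARS']['BE']['adminOnly'] < 0) {
            return false;
        }
        // Check IP against the configured mask list, if one is set.
        // NOTE(review): this is only as reliable as the REMOTE_ADDR value that
        // getIndpEnv() reports; behind a reverse proxy, confirm the proxy
        // settings before relying on IPmaskList.
        if (trim($GLOBALS['TYPO3_CONF_VARS']['BE']['IPmaskList'])) {
            $remoteAddress = GeneralUtility::getIndpEnv('REMOTE_ADDR');
            if (!GeneralUtility::cmpIP($remoteAddress, $GLOBALS['TYPO3_CONF_VARS']['BE']['IPmaskList'])) {
                return false;
            }
        }
        // Check SSL (https): with lockSSL set, a non-HTTPS request is refused.
        if ((int)$GLOBALS['TYPO3_CONF_VARS']['BE']['lockSSL'] && !GeneralUtility::getIndpEnv('TYPO3_SSL')) {
            return false;
        }
        // Finally a check from \TYPO3\CMS\Core\Authentication\BackendUserAuthentication::backendCheckLogin()
        return (bool)$this->isUserAllowedToLogin();
    }

    /**
     * Evaluates if the Backend User has read access to the input page record.
     * The evaluation is based on both read-permission and whether the page is found in one of the users webmounts.
     * Only if both conditions are TRUE will the function return TRUE.
     * Read access means that previewing is allowed etc.
     * Used in \TYPO3\CMS\Frontend\Http\RequestHandler
     *
     * @param array $pageRec The page record to evaluate for
     * @return bool TRUE if read access
     */
    public function extPageReadAccess($pageRec)
    {
        return $this->isInWebMount($pageRec['uid']) && $this->doesUserHaveAccess($pageRec, 1);
    }

    /*****************************************************
     *
     * TSFE BE user page tree and cache functions
     *
     ****************************************************/
    /**
     * Generates a list of Page-uid's from $id. List does not include $id itself
     * The only pages excluded from the list are deleted pages.
     *
     * As a side effect every collected page is appended to $this->extPageInTreeInfo
     * as array(uid, HTML-escaped title, depth).
     *
     * $begin keeps its default for signature compatibility, but because the
     * required $perms_clause follows it, callers always have to pass it.
     *
     * @param int $id Start page id
     * @param int $depth Depth to traverse down the page tree.
     * @param int $begin Is an optional integer that determines at which level in the tree to start collecting uid's. Zero means 'start right away', 1 = 'next level and out'
     * @param string $perms_clause Perms clause; inserted into the WHERE clause verbatim, so it must be a trusted SQL fragment
     * @return string Returns the list with a comma in the end (if any pages selected!)
     */
    public function extGetTreeList($id, $depth, $begin = 0, $perms_clause)
    {
        $depth = (int)$depth;
        $begin = (int)$begin;
        $id = (int)$id;
        $theList = '';
        if ($id && $depth > 0) {
            // $id is cast to int above. content_doktypes (site configuration)
            // and $perms_clause are concatenated as-is and are not escaped here:
            // neither may ever carry request data.
            $where = 'pid=' . $id . ' AND doktype IN (' . $GLOBALS['TYPO3_CONF_VARS']['FE']['content_doktypes']
                . ') AND deleted=0 AND ' . $perms_clause;
            $res = $this->db->exec_SELECTquery('uid,title', 'pages', $where);
            while (($row = $this->db->sql_fetch_assoc($res))) {
                if ($begin <= 0) {
                    $theList .= $row['uid'] . ',';
                    // Fixed: $depth used to be passed as the flags argument of
                    // htmlspecialchars() because of a misplaced parenthesis. That
                    // made the quote handling of the escaped title depend on the
                    // recursion depth and left the documented third element
                    // (depth) out of the entry.
                    $this->extPageInTreeInfo[] = array($row['uid'], htmlspecialchars($row['title']), $depth);
                }
                if ($depth > 1) {
                    $theList .= $this->extGetTreeList($row['uid'], $depth - 1, $begin - 1, $perms_clause);
                }
            }
            $this->db->sql_free_result($res);
        }
        return $theList;
    }

    /**
     * Returns the number of cached pages for a page id.
     *
     * @param int $pageId The page id.
     * @return int The number of entries tagged with this page id in the "cache_pages" cache
     */
    public function extGetNumberOfCachedPages($pageId)
    {
        /** @var FrontendInterface $pageCache */
        $pageCache = GeneralUtility::makeInstance(\TYPO3\CMS\Core\Cache\CacheManager::class)->getCache('cache_pages');
        // The id is cast to int before it becomes part of the cache tag.
        $pageCacheEntries = $pageCache->getByTag('pageId_' . (int)$pageId);
        return count($pageCacheEntries);
    }

    /*****************************************************
     *
     * Localization handling
     *
     ****************************************************/
    /**
     * Returns the label for key. If a translation for the language set in $this->uc['lang']
     * is found that is returned, otherwise the default value.
     * If the global variable $LOCAL_LANG is NOT an array (yet) then this function loads
     * the global $LOCAL_LANG array with the content of "sysext/lang/locallang_tsfe.xlf"
     * such that the values therein can be used for labels in the Admin Panel
     *
     * The returned label is already HTML-escaped and has its UTF-8 characters
     * converted to entities.
     *
     * @param string $key Key for a label in the $GLOBALS['LOCAL_LANG'] array of "sysext/lang/locallang_tsfe.xlf"
     * @return string The value for the $key
     */
    public function extGetLL($key)
    {
        if (!is_array($GLOBALS['LOCAL_LANG'])) {
            $this->getLanguageService()->includeLLFile('EXT:lang/locallang_tsfe.xlf');
            // Fall back to an empty label set if the include did not fill it.
            if (!is_array($GLOBALS['LOCAL_LANG'])) {
                $GLOBALS['LOCAL_LANG'] = array();
            }
        }
        // Label string in the default backend output charset.
        $labelStr = htmlspecialchars($this->getLanguageService()->getLL($key));

        /** @var CharsetConverter $charsetConverter */
        $charsetConverter = GeneralUtility::makeInstance(CharsetConverter::class);
        return $charsetConverter->utf8_to_entities($labelStr);
    }

    /**
     * Returns the language service held in $GLOBALS['LANG'].
     *
     * @return LanguageService
     */
    protected function getLanguageService()
    {
        return $GLOBALS['LANG'];
    }
}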