Fixed bug #17133: Pagetree - qtip can be used to execute custom javascript (XSS)...
[Packages/TYPO3.CMS.git] / t3lib / class.t3lib_superadmin.php
1 <?php
2 /***************************************************************
3 * Copyright notice
4 *
5 * (c) 1999-2011 Kasper Skårhøj (kasperYYYY@typo3.com)
6 * All rights reserved
7 *
8 * This script is part of the TYPO3 project. The TYPO3 project is
9 * free software; you can redistribute it and/or modify
10 * it under the terms of the GNU General Public License as published by
11 * the Free Software Foundation; either version 2 of the License, or
12 * (at your option) any later version.
13 *
14 * The GNU General Public License can be found at
15 * http://www.gnu.org/copyleft/gpl.html.
16 * A copy is found in the textfile GPL.txt and important notices to the license
17 * from the author is found in LICENSE.txt distributed with these scripts.
18 *
19 *
20 * This script is distributed in the hope that it will be useful,
21 * but WITHOUT ANY WARRANTY; without even the implied warranty of
22 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
23 * GNU General Public License for more details.
24 *
25 * This copyright notice MUST APPEAR in all copies of the script!
26 ***************************************************************/
27 /**
28 * Super Admin class has functions for the administration of multiple TYPO3 sites in folders
29 * See 'misc/superadmin.php' for details on how to use!
30 *
31 * $Id$
32 * Revised for TYPO3 3.6 February/2004 by Kasper Skårhøj
33 * XHTML Compliant
34 *
35 * @author Kasper Skårhøj <kasperYYYY@typo3.com>
36 */
37 /**
38 * [CLASS/FUNCTION INDEX of SCRIPT]
39 *
40 * 120: function debug($p1,$p2='')
41 *
42 *
43 * 134: class t3lib_superadmin
44 *
45 * SECTION: Initialize stuff
46 * 180: function t3lib_superadmin()
47 * 192: function init($parentDirs)
48 *
49 * SECTION: Main functions
50 * 215: function defaultSet()
51 * 271: function make()
52 *
53 * SECTION: Output preparation
54 * 376: function setMenuItem($code,$label)
55 * 390: function error($str)
56 * 401: function headerParentDir($str)
57 * 412: function headerSiteDir($str)
58 *
59 * SECTION: Collection information
60 * 444: function initProcess()
61 * 482: function processSiteDir($path,$dir)
62 * 524: function includeLocalconf($localconf)
63 * 554: function connectToDatabase($siteInfo)
64 * 576: function getDBInfo($key)
65 *
66 * SECTION: Content: Installation Overview
67 * 626: function makeTable()
68 *
69 * SECTION: Content: Local extensions
70 * 729: function localExtensions()
71 * 902: function getExtensionInfo($path,$extKey,$k)
72 * 956: function getAllFilesAndFoldersInPath($fileArr,$extPath,$extList='',$regDirs=0)
73 * 978: function findMostRecent($fileArr,$extPath)
74 * 996: function removePrefixPathFromList($fileArr,$extPath)
75 *
76 * SECTION: Content: Other
77 * 1033: function singleSite($exp)
78 * 1064: function loginLog($DB)
79 * 1102: function log_getDetails($text,$data)
80 * 1116: function rmCachedFiles($exp)
81 * 1149: function menuContent($exp)
82 * 1221: function makeAdminLogin()
83 * 1295: function changeAdminPasswordsForm()
84 * 1330: function setNewPasswords()
85 *
86 * TOTAL FUNCTIONS: 28
87 * (This index is automatically created/updated by the extension "extdeveval")
88 *
89 */
90
91
92 // *******************************
93 // Set error reporting
94 // *******************************
95 if (defined('E_DEPRECATED')) {
96 error_reporting(E_ALL ^ E_NOTICE ^ E_DEPRECATED);
97 } else {
98 error_reporting(E_ALL ^ E_NOTICE);
99 }
100
101 define('TYPO3_mainDir', 'typo3/'); // This is the directory of the backend administration for the sites of this TYPO3 installation.
102
103
104 // Dependency:
105 $path_t3lib = './typo3_src/t3lib/';
106 include_once($path_t3lib . 'class.t3lib_div.php');
107 include_once($path_t3lib . 'class.t3lib_db.php');
108 $TYPO3_DB = t3lib_div::makeInstance('t3lib_DB');
109
110
111 t3lib_div::deprecationLog('class.t3lib_superadmin.php is deprecated since TYPO3 4.5, this file will be removed in TYPO3 4.7.');
112
113
114 /**
115 * Debug function. Substitute since no config_default.php file is included anywhere
116 *
117 * @param mixed Debug var
118 * @param string Header string
119 * @return void
120 */
121 function debug($p1, $p2 = '') {
122 t3lib_div::debug($p1, $p2);
123 }
124
125
126 /**
127 * Super Admin class has functions for the administration of multiple TYPO3 sites in folders
128 * NOTICE: Only compliant with single MySQL database usage per installation!
129 *
130 * @author Kasper Skårhøj <kasperYYYY@typo3.com>
131 * @package TYPO3
132 * @subpackage t3lib
133 */
134 class t3lib_superadmin {
135
136 // External, static:
137 var $targetWindow = 'superAdminWindow';
138 var $targetWindowAdmin = 'superAdminWindowAdmin';
139 var $targetWindowInstall = 'superAdminWindowInstall';
140 var $scriptName = 'superadmin.php';
141
142 // GP vars:
143 var $show; // "menu", "all", "admin", "info", "rmTempCached", "localext"
144 var $type; // "phpinfo", "page" - default renders a frameset
145 var $exp; // Additional parameter, typically a md5-hash pointing to an installation of TYPO3
146
147 // Internal, static:
148 var $parentDirs = array(); // Configured directories to search
149 var $globalSiteInfo = array(); // Array with information about found TYPO3 installations
150
151 var $currentUrl = '';
152 var $mapDBtoKey = array();
153 var $collectAdminPasswords = array();
154 var $changeAdminPasswords = array();
155 var $collectInstallPasswords = array();
156
157 // Control:
158 var $full = 0; // If set, the full information array per site is printed.
159
160 var $noCVS = 0; // See tools/em/index.php....
161
162
163 /**********************************
164 *
165 * Initialize stuff
166 *
167 **********************************/
168
169 /**
170 * Constructor, setting GP vars
171 *
172 * @return void
173 */
174 function t3lib_superadmin() {
175 $this->show = t3lib_div::_GP('show');
176 $this->type = t3lib_div::_GP('type');
177 $this->exp = t3lib_div::_GP('exp');
178 }
179
180 /**
181 * Initialize with configuration - from the 'superadmin.php' script. See misc/superadmin.php for example.
182 *
183 * @param array Numerical array with arrays having two keys, 'dir' and 'url' where 'dir' is the absolute path to a directory with TYPO3 installations inside.
184 * @return void
185 */
186 function init($parentDirs) {
187 $this->parentDirs = $parentDirs;
188 }
189
190
191 /**************************
192 *
193 * Main functions
194 *
195 **************************/
196
197 /**
198 * Main function, creating HTML content; frameset, menu, content frames.
199 * Outputs the full HTML to browser.
200 *
201 * @return void
202 */
203 function defaultSet() {
204
205 // Creating content based on "type" variable:
206 switch ($this->type) {
207 case 'phpinfo':
208 phpinfo();
209 break;
210 case 'page':
211 ?>
212 <!DOCTYPE html
213 PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
214 "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
215 <html>
216 <head>
217 <style type="text/css">
218 .redclass {
219 color: red;
220 }
221
222 P {
223 font-family: Verdana, Arial, Helvetica, sans-serif;
224 font-size: 11px
225 }
226
227 BODY {
228 font-family: Verdana, Arial, Helvetica, sans-serif;
229 font-size: 10px
230 }
231
232 H1 {
233 font-family: Verdana, Arial, Helvetica, sans-serif;
234 font-size: 20px;
235 color: #000066;
236 }
237
238 H2 {
239 font-family: Verdana, Arial, Helvetica, sans-serif;
240 font-size: 17px;
241 color: #000066;
242 }
243
244 H3 {
245 font-family: Verdana, Arial, Helvetica, sans-serif;
246 font-size: 14px;
247 color: #000066;
248 }
249
250 H4 {
251 font-family: Verdana, Arial, Helvetica, sans-serif;
252 font-size: 11px;
253 color: maroon;
254 }
255
256 TD {
257 font-family: Verdana, Arial, Helvetica, sans-serif;
258 font-size: 10px
259 }
260 </style>
261 <title>TYPO3 Super Admin</title>
262 </head>
263 <body>
264 <?php
265 echo $this->make();
266 ?>
267 </body>
268 </html>
269 <?php
270 break;
271 default:
272 ?>
273 <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
274 <html>
275 <head>
276 <title>TYPO3 Super Admin</title>
277 </head>
278 <frameset cols="250,*">
279 <frame name="TSAmenu" src="superadmin.php?type=page&show=menu" marginwidth="10" marginheight="10"
280 scrolling="auto" frameborder="0">
281 <frame name="TSApage" src="superadmin.php?type=page" marginwidth="10" marginheight="10"
282 scrolling="auto" frameborder="0">
283 </frameset>
284 </html>
285 <?php
286 break;
287 }
288 }
289
290 /**
291 * Main function, creating page content.
292 *
293 * @return string HTML content.
294 */
295 function make() {
296
297 $retVal = '';
298
299 // Creating information about the sites found:
300 $content = $this->initProcess();
301
302 // Output mode:
303 switch ($this->show) {
304 case 'menu':
305 $lines = array();
306 $lines[] = $this->setMenuItem('info', 'INFO');
307 $lines[] = $this->setMenuItem('update', 'UPDATE');
308 $lines[] = '';
309 $lines[] = '<a href="' . htmlspecialchars($this->scriptName . '?type=page') . '" target="TSApage">Default</a>';
310 $lines[] = '<a href="' . htmlspecialchars($this->scriptName . '?type=page&show=all') . '" target="TSApage">All details</a>';
311 $lines[] = '<a href="' . htmlspecialchars($this->scriptName . '?type=page&show=admin') . '" target="TSApage">Admin logins</a>';
312 $lines[] = '<a href="' . htmlspecialchars($this->scriptName . '?type=phpinfo') . '" target="TSApage">phpinfo()</a>';
313 $lines[] = '<a href="' . htmlspecialchars($this->scriptName . '?type=page&show=localext') . '" target="TSApage">Local extensions</a>';
314 $lines[] = '';
315 $content = implode('<br />', $lines);
316 $content .= '<hr />';
317 $content .= $this->menuContent($this->exp);
318 $retVal = '<h2 align="center">TYPO3<br />Super Admin</h2>' . $content;
319 break;
320 case 'all':
321 $retVal = '
322 <h1>All details:</h1>
323 <h2>Overview:</h2>
324 ' . $this->makeTable() . '
325 <br /><hr /><br />
326 <h1>Details per site:</h1>
327 ' . $content;
328 break;
329 case 'admin':
330 $content = $this->setNewPasswords();
331 $this->makeTable();
332 $retVal = $content . '
333 <h1>Admin options:</h1>
334
335 <h2>Admin logins:</h2>
336 ' . $this->makeAdminLogin() . '
337 <br /><hr /><br />
338
339 <h2>TBE Admin Passwords:</h2>
340 ' . t3lib_div::view_array($this->collectAdminPasswords) . '
341 <br /><hr /><br />
342
343 <h2>Install Tool Passwords:</h2>
344 ' . t3lib_div::view_array($this->collectInstallPasswords) . '
345 <br /><hr /><br />
346
347 <h2>Change TBE Admin Passwords:</h2>
348 ' . $this->changeAdminPasswordsForm() . '
349 <br /><hr /><br />';
350 break;
351 case 'info':
352 $retVal = '
353 <h1>Single site details</h1>
354 ' . $this->singleSite($this->exp) .
355 '<br />';
356 break;
357 case 'rmTempCached':
358 $retVal = '
359 <h1>Removing temp_CACHED_*.php files</h1>
360 ' . $this->rmCachedFiles($this->exp) .
361 '<br />';
362 break;
363 case 'localext':
364 $retVal = '
365 <h1>Local Extensions Found:</h1>
366 ' . $this->localExtensions() .
367 '<br />';
368 break;
369 default:
370 $retVal = '
371 <h1>Default info:</h1>' .
372 $content;
373 break;
374 }
375 return $retVal;
376 }
377
378
379 /********************************
380 *
381 * Output preparation
382 *
383 *******************************/
384
385 /**
386 * Creates menu item from input.
387 *
388 * @param string Value for "&exp" parameter
389 * @param string The label
390 * @return string Wrapped value
391 */
392 function setMenuItem($code, $label) {
393 $out = '<a href="' . htmlspecialchars($this->scriptName . '?type=page&show=menu&exp=' . $code) . '" target="TSAmenu">' . htmlspecialchars($label) . '</a>';
394 if ($code == $this->exp) {
395 $out = '<span style="color:red;">&gt;&gt;</span>' . $out;
396 }
397 return $out;
398 }
399
400 /**
401 * Wrap string in red span tag (for errors)
402 *
403 * @param string Input string
404 * @return string Output string
405 */
406 function error($str) {
407 $out = '<span style="color:red; font-size: 14px; font-weight: bold;">' . htmlspecialchars($str) . '</span>';
408 return $out;
409 }
410
411 /**
412 * Wraps input string in <h2>
413 *
414 * @param string Input string
415 * @return string Output string, wrapped in <h2>
416 */
417 function headerParentDir($str) {
418 $out = '<h2>' . htmlspecialchars($str) . '</h2>';
419 return $out;
420 }
421
422 /**
423 * Wraps input string in <h3>
424 *
425 * @param string Input string
426 * @return string Output string, wrapped in <h3>
427 */
428 function headerSiteDir($str) {
429 $out = '<h3>' . htmlspecialchars($str) . '</h3>';
430 return $out;
431 }
432
433
434 /********************************
435 *
436 * Collection information
437 *
438 *******************************/
439
440 /**
441 * Traverses the parent dirs, collecting the list of TYPO3 installations into $this->globalSiteInfo
442 *
443 * @return string HTML content (The default view seen when starting the superadmin.php script)
444 */
445 function initProcess() {
446 $content = '';
447
448 foreach ($this->parentDirs as $k => $v) {
449 $dir = rtrim($v['dir'], '/');
450 $baseUrl = rtrim($v['url'], '/');
451 $content .= '<br /><br /><br />';
452 $content .= $this->headerParentDir($dir);
453 if (@is_dir($dir)) {
454 $in_dirs = t3lib_div::get_dirs($dir);
455 asort($in_dirs);
456 $dirArr = array();
457 foreach ($in_dirs as $k => $v) {
458 if (substr($v, 0, 9) != 'typo3_src') {
459 $this->currentUrl = $baseUrl . '/' . $v;
460 $content .= $this->headerSiteDir($v);
461 $content .= $this->processSiteDir($dir . '/' . $v, $dir);
462 }
463 }
464 } else {
465 $content .= $this->error('"' . $dir . '" was not a directory!');
466 }
467 }
468
469 return $content;
470 }
471
472 /**
473 * Creating information array for a specific TYPO3 installation
474 * Information about site is stored in ->globalSiteInfo array
475 *
476 * @param string Absolute path to installation (PATH_site)
477 * @param string Directory of main directory (level under PATH_site)
478 * @return string HTML content with information about the site.
479 * @access private
480 * @see initProcess()
481 */
482 function processSiteDir($path, $dir) {
483 if (@is_dir($path)) {
484 $localconf = $path . '/typo3conf/localconf.php';
485 if (@is_file($localconf)) {
486 $key = md5($localconf);
487 $this->includeLocalconf($localconf);
488
489 $this->mapDBtoKey[$this->globalSiteInfo[$key]['siteInfo']['TYPO3_db']] = $key;
490 $this->globalSiteInfo[$key]['siteInfo']['MAIN_DIR'] = $dir;
491 $this->globalSiteInfo[$key]['siteInfo']['SA_PATH'] = $path;
492 $this->globalSiteInfo[$key]['siteInfo']['URL'] = $this->currentUrl . '/';
493 $this->globalSiteInfo[$key]['siteInfo']['ADMIN_URL'] = $this->currentUrl . '/' . TYPO3_mainDir;
494 $this->globalSiteInfo[$key]['siteInfo']['INSTALL_URL'] = $this->currentUrl . '/' . TYPO3_mainDir . 'install/';
495
496 // Connect to database:
497 $conMsg = $this->connectToDatabase($this->globalSiteInfo[$key]['siteInfo']);
498 if (!$conMsg) {
499 $this->getDBInfo($key);
500 $out .= '';
501 } else {
502 $out = $conMsg;
503 }
504
505 // Show details:
506 if ($this->full) {
507 $out .= t3lib_div::view_array($this->globalSiteInfo[$key]);
508 } else {
509 $out .= t3lib_div::view_array($this->globalSiteInfo[$key]['siteInfo']);
510 }
511 } else {
512 $out = $this->error($localconf . ' is not a file!');
513 }
514 } else {
515 $out = $this->error($path . ' is not a directory!');
516 }
517 return $out;
518 }
519
520 /**
521 * Includes "localconf" of a TYPO3 installation an loads $this->globalSiteInfo with this information.
522 *
523 * @param string Absolute path to localconf.php file to include.
524 * @return array Array with information about the site.
525 * @access private
526 * @see processSiteDir()
527 */
528 function includeLocalconf($localconf) {
529 $TYPO3_CONF_VARS = array();
530 $typo_db = '';
531 $typo_db_username = '';
532 $typo_db_password = '';
533 $typo_db_host = '';
534
535 include($localconf);
536
537 $siteInfo = array();
538 $siteInfo['sitename'] = $TYPO3_CONF_VARS['SYS']['sitename'];
539 $siteInfo['TYPO3_db'] = $typo_db;
540 $siteInfo['TYPO3_db_username'] = $typo_db_username;
541 $siteInfo['TYPO3_db_password'] = $typo_db_password;
542 $siteInfo['TYPO3_db_host'] = $typo_db_host;
543 $siteInfo['installToolPassword'] = $TYPO3_CONF_VARS['BE']['installToolPassword'];
544 $siteInfo['warningEmailAddress'] = $TYPO3_CONF_VARS['BE']['warning_email_addr'];
545 $siteInfo['warningMode'] = $TYPO3_CONF_VARS['BE']['warning_mode'];
546
547 $this->globalSiteInfo[md5($localconf)] = array('siteInfo' => $siteInfo, 'TYPO3_CONF_VARS' => $TYPO3_CONF_VARS);
548 return $siteInfo;
549 }
550
551 /**
552 * Connects to a MySQL database with the TYPO3 db host/username/password and database as found in the localconf.php file!
553 * This is NOT compatible with DBAL and connection will obviously just fail with an error message if it turns out that the _DEFAULT handler of a site is not in a MySQL database
554 *
555 * @param array $siteInfo array, containing username/password/host/database values.
556 * @return string Array message if any
557 */
558 function connectToDatabase($siteInfo) {
559 if (@mysql_pconnect($siteInfo['TYPO3_db_host'], $siteInfo['TYPO3_db_username'], $siteInfo['TYPO3_db_password'])) {
560 if (!$siteInfo['TYPO3_db']) {
561 return $this->error('No database selected');
562 } elseif (!mysql_select_db($siteInfo['TYPO3_db'])) {
563 return $this->error('Cannot connect to the current database, "' . $siteInfo['TYPO3_db'] . '"');
564 }
565 } else {
566 return $this->error('The current username, password or host was not accepted when the connection to the database was attempted to be established!');
567 }
568 }
569
570
571 /**
572 * Get database information, assuming standard tables like "be_users"
573 * Adding the information to ->globalSiteInfo
574 *
575 * @param string Key for site in ->globalSiteInfo
576 * @return void
577 * @access private
578 * @see processSiteDir()
579 */
580 function getDBInfo($key) {
581 $DB = $this->globalSiteInfo[$key]['siteInfo']['TYPO3_db'];
582
583 // Non-admin users
584 $query = $GLOBALS['TYPO3_DB']->SELECTquery('count(*)', 'be_users', 'admin=0 AND deleted=0');
585 $res = mysql($DB, $query);
586 $row = mysql_fetch_row($res);
587 $this->globalSiteInfo[$key]['siteInfo']['BE_USERS_NONADMIN'] = $row[0];
588
589 // Admin users
590 $query = $GLOBALS['TYPO3_DB']->SELECTquery('count(*)', 'be_users', 'admin!=0 AND deleted=0');
591 $res = mysql($DB, $query);
592 $row = mysql_fetch_row($res);
593 $this->globalSiteInfo[$key]['siteInfo']['BE_USERS_ADMIN'] = $row[0];
594
595 // Select Admin users
596 $query = $GLOBALS['TYPO3_DB']->SELECTquery('uid,username,password,email,realName,disable', 'be_users', 'admin!=0 AND deleted=0');
597 $res = mysql($DB, $query);
598 while ($row = mysql_fetch_assoc($res)) {
599 $this->globalSiteInfo[$key]['siteInfo']['ADMINS'][] = $row;
600 }
601 }
602
603
604 /******************************
605 *
606 * Content: Installation Overview
607 *
608 ******************************/
609
610 /**
611 * Creates big table with information about all installations in ->globalSiteInfo
612 *
613 * @return string HTML table
614 */
615 function makeTable() {
616
617 // Header row
618 $info = array();
619 $info[] = 'Site:';
620 $info[] = 'Path:';
621 $info[] = 'Database:';
622 $info[] = 'Username';
623 $info[] = 'Password';
624 $info[] = 'Host';
625 $info[] = 'Links (new win)';
626 $info[] = '#Users NA/A';
627 $info[] = 'Admin be_users Info';
628 $info[] = 'Install Tool Password';
629 $info[] = 'Warning email address';
630 $info[] = 'W.mode';
631 $mainArrRows[] = '
632 <tr bgcolor="#eeeeee">
633 <td nowrap="nowrap" valign="top">' . implode('</td>
634 <td nowrap="nowrap" valign="top">', $info) . '</td>
635 </tr>';
636
637 // Traverse globalSiteInfo for each site:
638 foreach ($this->globalSiteInfo as $k => $all) {
639 $info = array();
640
641 // Sitename and Database details:
642 $info[] = htmlspecialchars($all['siteInfo']['sitename']);
643 $info[] = '<span style="color:#666666;">' . htmlspecialchars($all['siteInfo']['MAIN_DIR']) . '</span>' . htmlspecialchars(substr($all['siteInfo']['SA_PATH'], strlen($all['siteInfo']['MAIN_DIR'])));
644 $info[] = htmlspecialchars($all['siteInfo']['TYPO3_db']);
645 $info[] = htmlspecialchars($all['siteInfo']['TYPO3_db_username']);
646 $info[] = htmlspecialchars($all['siteInfo']['TYPO3_db_password']);
647 $info[] = htmlspecialchars($all['siteInfo']['TYPO3_db_host']);
648
649 // URL
650 $info[] = '<a href="' . htmlspecialchars($all['siteInfo']['URL']) . '" target="' . $this->targetWindow . '">Site</a>' .
651 ' / <a href="' . htmlspecialchars($all['siteInfo']['ADMIN_URL']) . '" target="' . $this->targetWindowAdmin . '">Admin</a>' .
652 ' / <a href="' . htmlspecialchars($all['siteInfo']['INSTALL_URL']) . '" target="' . $this->targetWindowInstall . '">Install</a>';
653 $info[] = htmlspecialchars($all['siteInfo']['BE_USERS_NONADMIN'] . '/' . $all['siteInfo']['BE_USERS_ADMIN']);
654
655 // Admin
656 if (is_array($all['siteInfo']['ADMINS'])) {
657 $lines = array();
658 foreach ($all['siteInfo']['ADMINS'] as $vArr) {
659 $lines[] = htmlspecialchars($vArr['password'] . ' - ' . $vArr['username'] . ' (' . $vArr['realName'] . ', ' . $vArr['email'] . ')');
660 $this->collectAdminPasswords[$vArr['password']][] = array(
661 'path' => $all['siteInfo']['SA_PATH'],
662 'site' => $all['siteInfo']['sitename'],
663 'database' => $all['siteInfo']['TYPO3_db'],
664 'user' => $vArr['username'],
665 'name_email' => $vArr['realName'] . ', ' . $vArr['email']
666 );
667 $this->changeAdminPasswords[$vArr['password']][] = $all['siteInfo']['TYPO3_db'] . ':' . $vArr['uid'] . ':' . $vArr['username'];
668 }
669 $info[] = implode('<br />', $lines);
670 } else {
671 $info[] = $this->error('No DB connection!');
672 }
673 // Install
674 $info[] = htmlspecialchars($all['siteInfo']['installToolPassword']);
675 $this->collectInstallPasswords[$all['siteInfo']['installToolPassword']][] = $all['siteInfo']['SA_PATH'] . ' - ' . $all['siteInfo']['sitename'] . ' - (' . $all['siteInfo']['TYPO3_db'] . ')';
676
677 $info[] = htmlspecialchars($all['siteInfo']['warningEmailAddress']);
678 $info[] = htmlspecialchars($all['siteInfo']['warningMode']);
679
680 // compile
681 $mainArrRows[] = '
682 <tr>
683 <td nowrap="nowrap" valign="top">' . implode('</td>
684 <td nowrap="nowrap" valign="top">', $info) . '</td>
685 </tr>';
686 }
687
688 // Compile / return table finally:
689 $table = '<table border="1" cellpadding="1" cellspacing="1">' . implode('', $mainArrRows) . '</table>';
690 return $table;
691 }
692
693
694 /******************************
695 *
696 * Content: Local extensions
697 *
698 ******************************/
699
700 /**
701 * Based on the globalSiteInfo array, this prints information about local extensions for each site.
702 * In particular version number and most recent mod-time is interesting!
703 *
704 * @return string HTML
705 */
706 function localExtensions() {
707 $this->extensionInfoArray = array();
708
709 // Traverse $this->globalSiteInfo for local extensions:
710 foreach ($this->globalSiteInfo as $k => $all) {
711 if ($all['siteInfo']['SA_PATH']) {
712 $extDir = $all['siteInfo']['SA_PATH'] . '/typo3conf/ext/';
713 if (@is_dir($extDir)) {
714 $this->extensionInfoArray['site'][$k] = array();
715
716 // Get extensions in local directory
717 $extensions = t3lib_div::get_dirs($extDir);
718 if (is_array($extensions)) {
719 foreach ($extensions as $extKey) {
720 // Getting and setting information for extension:
721 $eInfo = $this->getExtensionInfo($extDir, $extKey, $k);
722 $this->extensionInfoArray['site'][$k][$extKey] = $eInfo;
723 $this->extensionInfoArray['ext'][$extKey][$k] = $eInfo;
724 }
725 }
726 }
727 }
728 }
729
730 // Display results:
731 $out = '';
732 $headerRow = '
733 <tr bgcolor="#ccccee" style="font-weight:bold;">
734 <td>Extension key</td>
735 <td>Path</td>
736 <td>Title</td>
737 <td>Ver.</td>
738 <td>Files</td>
739 <td><span title="If M, then there is a manual.">M</span></td>
740 <td>Last mod. time</td>
741 <td>Hash off all file mod. times:</td>
742 <td>TYPO3 ver. req.</td>
743 <td>CGL compliance</td>
744 </tr>
745 ';
746
747 // PER EXTENSION:
748 if (is_array($this->extensionInfoArray['ext'])) {
749 $extensionKeysCollect = array();
750
751 ksort($this->extensionInfoArray['ext']);
752 reset($this->extensionInfoArray['ext']);
753 $rows = array(
754 'reg' => array(),
755 'user' => array()
756 );
757
758 foreach ($this->extensionInfoArray['ext'] as $extKey => $instances) {
759 $mtimes = array();
760
761 // Find most recent mtime of the options:
762 foreach ($instances as $k => $eInfo) {
763 $mtimes[] = $eInfo['mtime'];
764 }
765 // Max mtime:
766 $maxMtime = max($mtimes);
767 $c = 0;
768
769 // So, traverse all sites with the extension present:
770 foreach ($instances as $k => $eInfo) {
771 // Set background color if mtime matches
772 if ($maxMtime == $eInfo['mtime']) {
773 $this->extensionInfoArray['site'][$k][$extKey]['_highlight'] = 1;
774 $bgCol = $eInfo['dirtype'] == 'link' ? ' bgcolor="#ffcccc"' : ' bgcolor="#eeeeee"';
775 } else {
776 $bgCol = ' style="color: #999999; font-style: italic;"';
777 }
778
779 // Make row:
780 $type = substr($extKey, 0, 5) != 'user_' ? 'reg' : 'user';
781 if ($type == 'reg') {
782 $extensionKeysCollect[] = $extKey;
783 }
784
785 if (!is_array($eInfo)) {
786 // Standard listing:
787 $rows[$type][] = '
788 <tr>
789 ' . (!$c ? '<td rowspan="' . count($instances) . '">' . htmlspecialchars($extKey) . '</td>' : '') . '
790 <td nowrap="nowrap" bgcolor="#ccddcc">' . htmlspecialchars($this->globalSiteInfo[$k]['siteInfo']['SA_PATH']) . '</td>
791 <td nowrap="nowrap" bgcolor="#ccddcc" colspan="8"><em>' . htmlspecialchars($eInfo) . '</em></td>
792 </tr>
793 ';
794 } else {
795 // Standard listing:
796 $rows[$type][] = '
797 <tr>
798 ' . (!$c ? '<td rowspan="' . count($instances) . '">' . htmlspecialchars($extKey) . '</td>' : '') . '
799 <td nowrap="nowrap"' . $bgCol . '>' . htmlspecialchars($this->globalSiteInfo[$k]['siteInfo']['SA_PATH']) . '</td>
800 <td nowrap="nowrap"' . $bgCol . '>' . htmlspecialchars($eInfo['title']) . '</td>
801 <td nowrap="nowrap"' . $bgCol . '>' . htmlspecialchars($eInfo['version']) . '</td>
802 <td nowrap="nowrap"' . $bgCol . '>' . htmlspecialchars($eInfo['numberfiles']) . '</td>
803 <td nowrap="nowrap"' . $bgCol . '>' . htmlspecialchars($eInfo['manual'] ? 'M' : '-') . '</td>
804 <td nowrap="nowrap"' . $bgCol . '>' . htmlspecialchars($eInfo['mtime'] ? date('d-m-y H:i:s', $eInfo['mtime']) : '') . '</td>
805 <td nowrap="nowrap"' . $bgCol . '>' . htmlspecialchars($eInfo['mtime_hash']) . '</td>
806
807 <td' . $bgCol . '>' . htmlspecialchars($eInfo['TYPO3_version']) . '</td>
808 <td' . $bgCol . '><img src="clear.gif" width="150" height="1" alt="" /><br />' . htmlspecialchars($eInfo['CGLcompliance'] . ($eInfo['CGLcompliance_note'] ? ' - ' . $eInfo['CGLcompliance_note'] : '')) . '</td>
809 </tr>
810 ';
811 }
812 $c++;
813 }
814 }
815
816 // Extensions with registered extension keys:
817 $out .= '
818 <h3>Registered extensions:</h3>
819 <table border="1">' . $headerRow . implode('', $rows['reg']) . '</table>';
820
821 // List of those extension keys in a form field:
822 $extensionKeysCollect = array_unique($extensionKeysCollect);
823 asort($extensionKeysCollect);
824 $out .= '<form action=""><textarea cols="80" rows="10">' . implode(LF, $extensionKeysCollect) . '</textarea></form>';
825
826 // USER extension (prefixed "user_")
827 $out .= '<br />
828 <h3>User extensions:</h3>
829 <table border="1">' . $headerRow . implode('', $rows['user']) . '</table>';
830 }
831
832 // PER SITE:
833 if (is_array($this->extensionInfoArray['site'])) {
834 $rows = array();
835 foreach ($this->extensionInfoArray['site'] as $k => $extensions) {
836
837 // So, traverse all sites with the extension present:
838 $c = 0;
839 foreach ($extensions as $extKey => $eInfo) {
840
841 // Set background color if mtime matches
842 if ($eInfo['_highlight']) {
843 $bgCol = $eInfo['dirtype'] == 'link' ? ' bgcolor="#ffcccc"' : ' bgcolor="#eeeeee"';
844 } else {
845 $bgCol = ' style="color: #999999; font-style: italic;"';
846 }
847
848 // Make row:
849 $rows[] = '
850 <tr>
851 ' . (!$c ? '<td rowspan="' . count($extensions) . '">' . htmlspecialchars($this->globalSiteInfo[$k]['siteInfo']['SA_PATH']) . '</td>' : '') . '
852 <td nowrap="nowrap"' . $bgCol . '>' . htmlspecialchars($extKey) . '</td>
853 <td nowrap="nowrap"' . $bgCol . '>' . htmlspecialchars($eInfo['title']) . '</td>
854 <td nowrap="nowrap"' . $bgCol . '>' . htmlspecialchars($eInfo['version']) . '</td>
855 <td nowrap="nowrap"' . $bgCol . '>' . htmlspecialchars($eInfo['numberfiles']) . '</td>
856 <td nowrap="nowrap"' . $bgCol . '>' . htmlspecialchars($eInfo['mtime'] ? date('d-m-y H:i:s', $eInfo['mtime']) : '') . '</td>
857 <td nowrap="nowrap"' . $bgCol . '>' . htmlspecialchars($eInfo['mtime_hash']) . '</td>
858 </tr>
859 ';
860 $c++;
861 }
862 }
863 $out .= '<br />
864 <h3>Sites:</h3>
865 <table border="1">' . implode('', $rows) . '</table>';
866 }
867
868 // Return content
869 return $out;
870 }
871
872 /**
873 * Gets information for an extension, eg. version and most-recently-edited-script
874 *
875 * @param string Path to local extension folder
876 * @param string Extension key
877 * @param string Key to globalSiteInformation array
878 * @return array Information array (unless an error occured)
879 */
880 function getExtensionInfo($path, $extKey, $k) {
881 $file = $path . $extKey . '/ext_emconf.php';
882 if (@is_file($file)) {
883 $_EXTKEY = $extKey;
884 $EM_CONF = array();
885 include($file);
886
887 $eInfo = array();
888 // Info from emconf:
889 $eInfo['title'] = $EM_CONF[$extKey]['title'];
890 $eInfo['version'] = $EM_CONF[$extKey]['version'];
891 $eInfo['CGLcompliance'] = $EM_CONF[$extKey]['CGLcompliance'];
892 $eInfo['CGLcompliance_note'] = $EM_CONF[$extKey]['CGLcompliance_note'];
893 $eInfo['TYPO3_version'] = $EM_CONF[$extKey]['TYPO3_version'];
894 $filesHash = unserialize($EM_CONF[$extKey]['_md5_values_when_last_written']);
895
896 if (!is_array($filesHash) || count($filesHash) < 500) {
897
898 // Get all files list (may take LOONG time):
899 $extPath = $path . $extKey . '/';
900 $fileArr = array();
901 $fileArr = $this->removePrefixPathFromList($this->getAllFilesAndFoldersInPath($fileArr, $extPath), $extPath);
902
903 if (!is_array($fileArr)) {
904 debug(array($fileArr, $extKey, $extPath, $this->getAllFilesAndFoldersInPath(array(), $extPath)), 'ERROR');
905 }
906
907 // Number of files:
908 $eInfo['numberfiles'] = count($fileArr);
909 $eInfo['dirtype'] = filetype($path . $extKey);
910
911 // Most recent modification:
912 $eInfo['mtime_files'] = $this->findMostRecent($fileArr, $extPath);
913 if (count($eInfo['mtime_files'])) {
914 $eInfo['mtime'] = max($eInfo['mtime_files']);
915 }
916 $eInfo['mtime_hash'] = md5(implode(',', $eInfo['mtime_files']));
917 } else {
918 $eInfo['mtime_hash'] = 'No calculation done, too many files in extension: ' . count($filesHash);
919 }
920
921 $eInfo['manual'] = @is_file($path . $extKey . '/doc/manual.sxw');
922
923 return $eInfo;
924 } else {
925 return 'ERROR: No emconf.php file: ' . $file;
926 }
927 }
928
929 /**
930 * Recursively gather all files and folders of extension path.
931 *
932 * @param array Array of files to which new files are added
933 * @param string Path to look up files in
934 * @param string List of file extensions to include. Blank = all
935 * @param boolean If set, directories are included as well.
936 * @return array $fileArr with new entries added.
937 */
938 function getAllFilesAndFoldersInPath($fileArr, $extPath, $extList = '', $regDirs = 0) {
939 if ($regDirs) {
940 $fileArr[] = $extPath;
941 }
942 $fileArr = array_merge($fileArr, t3lib_div::getFilesInDir($extPath, $extList, 1, 1));
943
944 $dirs = t3lib_div::get_dirs($extPath);
945 if (is_array($dirs)) {
946 foreach ($dirs as $subdirs) {
947 if ($subdirs && (strcmp($subdirs, 'CVS') || !$this->noCVS)) {
948 $fileArr = $this->getAllFilesAndFoldersInPath($fileArr, $extPath . $subdirs . '/', $extList, $regDirs);
949 }
950 }
951 }
952 return $fileArr;
953 }
954
955 /**
956 * Creates an array with modification times of all files in $fileArr
957 *
958 * @param array Files in extension (rel path)
959 * @param string Abs path prefix for files.
960 * @return array Array with modification times of files (filenames are keys)
961 */
962 function findMostRecent($fileArr, $extPath) {
963 $mtimeArray = array();
964 foreach ($fileArr as $fN) {
965 if ($fN != 'ext_emconf.php') {
966 $mtime = filemtime($extPath . $fN);
967 $mtimeArray[$fN] = $mtime;
968 }
969 }
970 return $mtimeArray;
971 }
972
973 /**
974 * Removes the absolute part of all files/folders in fileArr
975 *
976 * @param array File array
977 * @param string Prefix to remove
978 * @return array Modified file array (or error string)
979 */
980 function removePrefixPathFromList($fileArr, $extPath) {
981 foreach ($fileArr as $k => $absFileRef) {
982 if (t3lib_div::isFirstPartOfStr($absFileRef, $extPath)) {
983 $fileArr[$k] = substr($absFileRef, strlen($extPath));
984 } else {
985 return 'ERROR: One or more of the files was NOT prefixed with the prefix-path!';
986 }
987 }
988 return $fileArr;
989 }
990
991
992 /******************************
993 *
994 * Content: Other
995 *
996 ******************************/
997
998 /**
999 * Shows detailed information for a single installation of TYPO3
1000 *
1001 * @param string KEY pointing to installation
1002 * @return string HTML content
1003 */
1004 function singleSite($exp) {
1005 $all = $this->globalSiteInfo[$exp];
1006
1007 // General information:
1008 $content = '
1009 <h2>' . htmlspecialchars($all['siteInfo']['sitename'] . ' (DB: ' . $all['siteInfo']['TYPO3_db']) . ')</h2>
1010 <hr />
1011
1012 <h3>Main details:</h3>
1013
1014 LINKS: <a href="' . htmlspecialchars($all['siteInfo']['URL']) . '" target="' . $this->targetWindow . '">Site</a> / <a href="' . htmlspecialchars($all['siteInfo']['ADMIN_URL']) . '" target="' . $this->targetWindowAdmin . '">Admin</a> / <a href="' . htmlspecialchars($all['siteInfo']['INSTALL_URL']) . '" target="' . $this->targetWindowInstall . '">Install</a>
1015 <br /><br />';
1016
1017 // Add all information in globalSiteInfo array:
1018 $content .= t3lib_div::view_array($all);
1019
1020 // Last-login:
1021 $content .= '
1022 <h3>Login-Log for last month:</h3>';
1023 $content .= $this->loginLog($all['siteInfo']['TYPO3_db']);
1024
1025 // Return content
1026 return $content;
1027 }
1028
1029 /**
1030 * Get last-login log for database.
1031 *
1032 * @param string Database
1033 * @return string HTML
1034 */
1035 function loginLog($DB) {
1036 // Non-admin users
1037 //1=login, 2=logout, 3=failed login (+ errorcode 3), 4=failure_warning_email sent
1038 $query = $GLOBALS['TYPO3_DB']->SELECTquery(
1039 'sys_log.*, be_users.username AS username, be_users.admin AS admin',
1040 'sys_log,be_users',
1041 'be_users.uid=sys_log.userid AND sys_log.type=255 AND sys_log.tstamp > ' . ($GLOBALS['EXEC_TIME'] - (60 * 60 * 24 * 30)),
1042 '',
1043 'sys_log.tstamp DESC'
1044 );
1045 $res = mysql($DB, $query);
1046
1047 $dayRef = '';
1048 $lines = array();
1049
1050 while ($row = mysql_fetch_assoc($res)) {
1051 $day = date('d-m-Y', $row['tstamp']);
1052 if ($dayRef != $day) {
1053 $lines[] = '
1054 <h4>' . $day . ':</h4>';
1055 $dayRef = $day;
1056 }
1057 $theLine = date('H:i', $row['tstamp']) . ': ' . str_pad(substr($row['username'], 0, 10), 10) . ' ' . $this->log_getDetails($row['details'], unserialize($row['log_data']));
1058 $theLine = htmlspecialchars($theLine);
1059 $lines[] = $row['admin'] ? '<span class="redclass">' . $theLine . '</span>' : $theLine;
1060 }
1061 return '<pre>' . implode(LF, $lines) . '</pre>';
1062 }
1063
1064 /**
1065 * Compile log details into template string
1066 *
1067 * @param string Log message (template)
1068 * @param array Data array to insert in log message
1069 * @return string Log details.
1070 */
1071 function log_getDetails($text, $data) {
1072 // $code is used later on to substitute errormessages with language-corrected values...
1073 if (is_array($data)) {
1074 return sprintf($text, $data[0], $data[1], $data[2], $data[3], $data[4]);
1075 } else {
1076 return $text;
1077 }
1078 }
1079
1080
1081 /**
1082 * Removing temp_CACHED files for installation
1083 *
1084 * @param string KEY pointing to installation
1085 * @return string HTML content
1086 */
1087 function rmCachedFiles($exp) {
1088 $all = $this->globalSiteInfo[$exp];
1089 $content = '
1090 <h2>' . htmlspecialchars($all['siteInfo']['sitename'] . ' (DB: ' . $all['siteInfo']['TYPO3_db']) . ')</h2>
1091 <hr />
1092 <h3>typo3conf/temp_CACHED_* files:</h3>';
1093
1094 $path = $all['siteInfo']['SA_PATH'] . '/typo3conf/';
1095 if (@is_dir($path)) {
1096 $filesInDir = t3lib_div::getFilesInDir($path, 'php', 1);
1097
1098 foreach ($filesInDir as $kk => $vv) {
1099 if (t3lib_div::isFirstPartOfStr(basename($vv), 'temp_CACHED_')) {
1100 if (strstr(basename($vv), 'ext_localconf.php') || strstr(basename($vv), 'ext_tables.php')) {
1101 $content .= 'REMOVED: ' . $vv . '<br />';
1102 unlink($vv);
1103 if (file_exists($vv)) {
1104 $content .= $this->error('ERROR: File still exists, so could not be removed anyways!') . '<br />';
1105 }
1106 }
1107 }
1108 }
1109 } else {
1110 $content .= $this->error('ERROR: ' . $path . ' was not a directory!');
1111 }
1112
1113 return $content;
1114 }
1115
1116 /**
1117 * Menu for either update/information, showing links for each installation found
1118 *
1119 * @param string Action key "update" or "info"
1120 * @return string HTML output.
1121 */
1122 function menuContent($exp) {
1123 if ($exp) {
1124
1125 // Initialize:
1126 $lines = array();
1127 $head = '';
1128
1129 foreach ($this->globalSiteInfo as $k => $all) {
1130
1131 // Setting section header, if needed.
1132 if ($head != $all['siteInfo']['MAIN_DIR']) {
1133 $lines[] = '
1134 <h4 style="white-space: nowrap;">' . htmlspecialchars(t3lib_div::fixed_lgd_cs($all['siteInfo']['MAIN_DIR'], -18)) . '</h4>';
1135 $head = $all['siteInfo']['MAIN_DIR']; // Set new head...
1136 }
1137
1138 // Display mode:
1139 switch ($exp) {
1140 case 'update':
1141
1142 // Label:
1143 $label = $all['siteInfo']['sitename'] ? $all['siteInfo']['sitename'] : '(DB: ' . $all['siteInfo']['TYPO3_db'] . ')';
1144 $lines[] = '
1145 <hr />
1146 <strong>' . htmlspecialchars($label) . '</strong> (' . htmlspecialchars(substr($all['siteInfo']['SA_PATH'], strlen($all['siteInfo']['MAIN_DIR']) + 1)) . ')<br />';
1147
1148 // To avoid "visited links" display on next hit:
1149 $tempVal = '&_someUniqueValue=' . $GLOBALS['EXEC_TIME'];
1150
1151 // Add links for update:
1152 $url = $this->scriptName . '?type=page&show=rmTempCached&exp=' . $k . $tempVal;
1153 $lines[] = '<span style="white-space: nowrap;"><a href="' . htmlspecialchars($url) . '" target="TSApage">Remove temp_CACHED files</a></span>';
1154
1155 $url = $all['siteInfo']['INSTALL_URL'] . 'index.php?TYPO3_INSTALL[type]=database&TYPO3_INSTALL[database_type]=import|CURRENT_STATIC' . "&presetWholeTable=1" . $tempVal . '#bottom';
1156 $lines[] = '<span style="white-space: nowrap;"><a href="' . htmlspecialchars($url) . '" target="TSApage">CURRENT_STATIC</a></span>';
1157
1158 $url = $all['siteInfo']['INSTALL_URL'] . 'index.php?TYPO3_INSTALL[type]=database&TYPO3_INSTALL[database_type]=cmpFile|CURRENT_TABLES' . $tempVal . '#bottom';
1159 $lines[] = '<span style="white-space: nowrap;"><a href="' . htmlspecialchars($url) . '" target="TSApage">CURRENT_TABLES</a></span>';
1160
1161 // Cache
1162 $url = $all['siteInfo']['INSTALL_URL'] . 'index.php?TYPO3_INSTALL[type]=database&TYPO3_INSTALL[database_type]=cache|' .
1163 "&PRESET[database_clearcache][cache_pages]=1" .
1164 '&PRESET[database_clearcache][cache_pagesection]=1' .
1165 "&PRESET[database_clearcache][cache_hash]=1" .
1166 $tempVal .
1167 '#bottom';
1168 $lines[] = '<span style="white-space: nowrap;"><a href="' . htmlspecialchars($url) . '" target="TSApage">Clear cache</a></span>';
1169
1170 // Admin link
1171 $url = $all['siteInfo']['ADMIN_URL'] . 'index.php';
1172 $lines[] = '<span style="white-space: nowrap;"><a href="' . htmlspecialchars($url) . '" target="' . $this->targetWindowAdmin . '">Admin -></a></span>';
1173 break;
1174 case 'info':
1175 // item
1176 $label = $all['siteInfo']['sitename'] ? $all['siteInfo']['sitename'] : '(DB: ' . $all['siteInfo']['TYPO3_db'] . ')';
1177
1178 $url = $this->scriptName . '?type=page&show=info&exp=' . $k;
1179 $lines[] = '<span style="white-space: nowrap;"><a href="' . htmlspecialchars($url) . '" target="TSApage">' . htmlspecialchars($label) . '</a> (' . htmlspecialchars(substr($all['siteInfo']['SA_PATH'], strlen($all['siteInfo']['MAIN_DIR']) + 1)) . '/)</span>';
1180 break;
1181 }
1182 }
1183
1184 // Return result.
1185 return implode('<br />', $lines) . '<br />';
1186 }
1187 }
1188
1189 /**
1190 * Create list of admin logins.
1191 *
1192 * @return string HTML table
1193 */
1194 function makeAdminLogin() {
1195
1196 // Initialize:
1197 $lines = array();
1198 $head = '';
1199
1200 // Traverse installations found:
1201 foreach ($this->globalSiteInfo as $k => $all) {
1202
1203 // Setting section header, if needed.
1204 if ($head != $all['siteInfo']['MAIN_DIR']) {
1205 $lines[] = '
1206 <tr>
1207 <td colspan="2"><br />
1208 <h4>' . htmlspecialchars($all['siteInfo']['MAIN_DIR']) . '</h4>
1209 </td>
1210 </tr>';
1211 $head = $all['siteInfo']['MAIN_DIR'];
1212 }
1213
1214 // item
1215 $label = $all['siteInfo']['sitename'] ? $all['siteInfo']['sitename'] : '(DB: ' . $all['siteInfo']['TYPO3_db'] . ')';
1216 $unique = md5(microtime());
1217
1218 $opts = array();
1219 $defUName = '';
1220
1221 if (is_array($all['siteInfo']['ADMINS'])) {
1222
1223 foreach ($all['siteInfo']['ADMINS'] as $vArr) {
1224 $chalVal = md5($vArr['username'] . ':' . $vArr['password'] . ':' . $unique);
1225 $opts[] = '<option value="' . $chalVal . '">' . htmlspecialchars($vArr['username'] . ($vArr['disable'] ? ' [DISABLED]' : '')) . '</option>';
1226 if (!$defUName) {
1227 $defUName = $vArr['username'];
1228 }
1229 }
1230 }
1231 if (count($opts) > 1) {
1232 $userident = '
1233 <select name="userident" onchange="document[\'' . $k . '\'].username.value=this.options[this.selectedIndex].text;">
1234 ' . implode('
1235 ', $opts) . '
1236 </select>
1237 ';
1238 } else {
1239 $userident = '
1240 (' . $defUName . ')<br />
1241 <input type="hidden" name="userident" value="' . $chalVal . '" />';
1242 }
1243
1244 $form = '
1245 <form name="' . $k . '" action="' . $all['siteInfo']['ADMIN_URL'] . 'index.php" target="EXTERnalWindow" method="post">
1246 <input type="submit" name="submit" value="Login" />
1247 <input type="hidden" name="username" value="' . $defUName . '" />
1248 <input type="hidden" name="challenge" value="' . $unique . '" />
1249 <input type="hidden" name="redirect_url" value="" />
1250 <input type="hidden" name="login_status" value="login" />
1251 ' . trim($userident) . '
1252 </form>';
1253
1254 $lines[] = '
1255 <tr>
1256 <td><strong>' . htmlspecialchars($label) . '</strong></td>
1257 <td nowrap="nowrap">' . trim($form) . '</td>
1258 </tr>';
1259 }
1260
1261 // Return login table:
1262 return '<table border="1" cellpadding="5" cellspacing="1">' . implode('', $lines) . '</table>';
1263 }
1264
1265 /**
1266 * For for changing admin passwords
1267 *
1268 * @return string Form content.
1269 */
1270 function changeAdminPasswordsForm() {
1271 $content = '';
1272
1273 foreach ($this->changeAdminPasswords as $k => $p) {
1274 $content .= '
1275 <h3>' . $k . '</h3>';
1276
1277 foreach ($p as $kk => $pp) {
1278 $content .= '<span style="white-space: nowrap;">';
1279 $content .= '<input type="checkbox" name="SETFIELDS[]" value="' . $pp . '" /> ' . $pp . ' - ';
1280 $content .= htmlspecialchars(implode(' - ', $this->collectAdminPasswords[$k][$kk]));
1281 $content .= '</span><br />';
1282 }
1283 }
1284
1285 $content .= 'New password: <input type="text" name="NEWPASS" /><br />';
1286 $content .= 'New password (md5): <input type="text" name="NEWPASS_md5" /><br />
1287 (This overrules any plain password above!)
1288 <br />';
1289 $content = '
1290 <form action="' . htmlspecialchars($this->scriptName . '?type=page&show=admin') . '" method="post">
1291 ' . $content . '
1292 <input type="submit" name="Set" />
1293 </form>
1294 ';
1295
1296 return $content;
1297 }
1298
1299 /**
1300 * Setting new passwords
1301 *
1302 * @return string Status
1303 * @see changeAdminPasswordsForm()
1304 */
1305 function setNewPasswords() {
1306 $whichFields = t3lib_div::_POST('SETFIELDS');
1307 $pass = trim(t3lib_div::_POST('NEWPASS'));
1308 $passMD5 = t3lib_div::_POST('NEWPASS_md5');
1309
1310 $updatedFlag = 0;
1311 if (($pass || $passMD5) && is_array($whichFields)) {
1312 $pass = $passMD5 ? $passMD5 : md5($pass);
1313
1314 foreach ($whichFields as $values) {
1315 $parts = explode(':', $values);
1316 if (count($parts) > 2) {
1317 $key = $this->mapDBtoKey[$parts[0]];
1318 if ($key && isset($this->globalSiteInfo[$key]['siteInfo'])) {
1319 $error = $this->connectToDatabase($this->globalSiteInfo[$key]['siteInfo']);
1320 if (!$error) {
1321 $DB = $this->globalSiteInfo[$key]['siteInfo']['TYPO3_db'];
1322 $content .= '<h3>Updating ' . $DB . ':</h3>';
1323
1324 $query = $GLOBALS['TYPO3_DB']->UPDATEquery(
1325 'be_users',
1326 'uid=' . intval($parts[1]) . ' AND username="' . addslashes($parts[2]) . '" AND admin!=0',
1327 array('password' => $pass)
1328 ); // username/admin are added to security. But they are certainly redundant!!
1329 mysql($DB, $query);
1330
1331 $content .= 'Affected rows: ' . mysql_affected_rows() . '<br /><hr />';
1332 $updatedFlag = '1';
1333 }
1334 }
1335 }
1336 }
1337 }
1338
1339 $this->initProcess();
1340 return $content;
1341 }
1342 }
1343
1344 if (defined('TYPO3_MODE') && isset($GLOBALS['TYPO3_CONF_VARS'][TYPO3_MODE]['XCLASS']['t3lib/class.t3lib_superadmin.php'])) {
1345 include_once($GLOBALS['TYPO3_CONF_VARS'][TYPO3_MODE]['XCLASS']['t3lib/class.t3lib_superadmin.php']);
1346 }
1347
1348 ?>