[FEATURE] Create BE-user in installation wizard with a salted password
[Packages/TYPO3.CMS.git] / typo3 / sysext / install / Classes / Controller / Action / Step / DatabaseData.php
1 <?php
2 namespace TYPO3\CMS\Install\Controller\Action\Step;
3
4 /***************************************************************
5 * Copyright notice
6 *
7 * (c) 2013 Christian Kuhn <lolli@schwarzbu.ch>
8 * All rights reserved
9 *
10 * This script is part of the TYPO3 project. The TYPO3 project is
11 * free software; you can redistribute it and/or modify
12 * it under the terms of the GNU General Public License as published by
13 * the Free Software Foundation; either version 2 of the License, or
14 * (at your option) any later version.
15 *
16 * The GNU General Public License can be found at
17 * http://www.gnu.org/copyleft/gpl.html.
18 *
19 * This script is distributed in the hope that it will be useful,
20 * but WITHOUT ANY WARRANTY; without even the implied warranty of
21 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
22 * GNU General Public License for more details.
23 *
24 * This copyright notice MUST APPEAR in all copies of the script!
25 ***************************************************************/
26
27 use TYPO3\CMS\Install\Controller\Action;
28
29 /**
30 * Populate base tables, insert admin user, set install tool password
31 */
32 class DatabaseData extends Action\AbstractAction implements StepInterface {
33
34 /**
35 * Import tables and data, create admin user, create install tool password
36 *
37 * @return array<\TYPO3\CMS\Install\Status\StatusInterface>
38 */
39 public function execute() {
40 $result = array();
41
42 /** @var \TYPO3\CMS\Core\Configuration\ConfigurationManager $configurationManager */
43 $configurationManager = $this->objectManager->get('TYPO3\\CMS\\Core\\Configuration\\ConfigurationManager');
44
45 $postValues = $this->postValues['values'];
46
47 $username = strlen($postValues['username']) ? $postValues['username'] : 'admin';
48
49 // Check password and return early if not good enough
50 $password = $postValues['password'];
51 if (strlen($password) < 8) {
52 $errorStatus = $this->objectManager->get('TYPO3\\CMS\\Install\\Status\\ErrorStatus');
53 $errorStatus->setTitle('Administrator password not good enough!');
54 $errorStatus->setMessage(
55 'You are setting an important password here! It gives an attacker full control over your instance if cracked.' .
56 ' It should be strong (include lower and upper case characters, special characters and numbers) and must be at least eight characters long.'
57 );
58 $result[] = $errorStatus;
59 return $result;
60 }
61
62 // Set site name
63 if (!empty($postValues['sitename'])) {
64 $configurationManager->setLocalConfigurationValueByPath('SYS/sitename', $postValues['sitename']);
65 }
66
67 $this->importDatabaseData();
68
69 // Insert admin user
70 $hashedPassword = $this->getHashedPassword($password);
71 $adminUserFields = array(
72 'username' => $username,
73 'password' => $hashedPassword,
74 'admin' => 1,
75 'tstamp' => $GLOBALS['EXEC_TIME'],
76 'crdate' => $GLOBALS['EXEC_TIME']
77 );
78 $this->getDatabase()->exec_INSERTquery('be_users', $adminUserFields);
79
80 // Set password as install tool password
81 $configurationManager->setLocalConfigurationValueByPath('BE/installToolPassword', md5($password));
82
83 return $result;
84 }
85
86 /**
87 * Step needs to be executed if there are no tables in database
88 *
89 * @return boolean
90 */
91 public function needsExecution() {
92 $result = FALSE;
93 $existingTables = $this->getDatabase()->admin_get_tables();
94 if (count($existingTables) === 0) {
95 $result = TRUE;
96 }
97 return $result;
98 }
99
100 /**
101 * Render this step
102 *
103 * @return string
104 */
105 public function handle() {
106 $this->initializeHandle();
107 return $this->view->render();
108 }
109
110 /**
111 * Create tables and import static rows
112 *
113 * @return void
114 */
115 protected function importDatabaseData() {
116 // Will load ext_localconf and ext_tables. This is pretty safe here since we are
117 // in first install (database empty), so it is very likely that no extension is loaded
118 // that could trigger a fatal at this point.
119 $this->loadExtLocalconfDatabaseAndExtTables();
120
121 // Import database data
122 $database = $this->getDatabase();
123 /** @var \TYPO3\CMS\Install\Service\SqlSchemaMigrationService $schemaMigrationService */
124 $schemaMigrationService = $this->objectManager->get('TYPO3\\CMS\\Install\\Service\\SqlSchemaMigrationService');
125 /** @var \TYPO3\CMS\Install\Service\SqlExpectedSchemaService $expectedSchemaService */
126 $expectedSchemaService = $this->objectManager->get('TYPO3\\CMS\\Install\\Service\\SqlExpectedSchemaService');
127
128 // Raw concatenated ext_tables.sql and friends string
129 $expectedSchemaString = $expectedSchemaService->getTablesDefinitionString(TRUE);
130 $statements = $schemaMigrationService->getStatementArray($expectedSchemaString, TRUE);
131 list($_, $insertCount) = $schemaMigrationService->getCreateTables($statements, TRUE);
132
133 $fieldDefinitionsFile = $schemaMigrationService->getFieldDefinitions_fileContent($expectedSchemaString);
134 $fieldDefinitionsDatabase = $schemaMigrationService->getFieldDefinitions_database();
135 $difference = $schemaMigrationService->getDatabaseExtra($fieldDefinitionsFile, $fieldDefinitionsDatabase);
136 $updateStatements = $schemaMigrationService->getUpdateSuggestions($difference);
137
138 $schemaMigrationService->performUpdateQueries($updateStatements['add'], $updateStatements['add']);
139 $schemaMigrationService->performUpdateQueries($updateStatements['change'], $updateStatements['change']);
140 $schemaMigrationService->performUpdateQueries($updateStatements['create_table'], $updateStatements['create_table']);
141
142 foreach ($insertCount as $table => $count) {
143 $insertStatements = $schemaMigrationService->getTableInsertStatements($statements, $table);
144 foreach ($insertStatements as $insertQuery) {
145 $insertQuery = rtrim($insertQuery, ';');
146 $database->admin_query($insertQuery);
147 }
148 }
149 }
150 }
151 ?>