69d12b374a2bc72370a04a29cc1a581eca0293f6
2 /***************************************************************
5 * (c) 2007-2008 Steffen Kamper <info@sk-typo3.de>
6 * Based on Newloginbox (c) 2002-2004 Kasper Skaarhoj <kasper@typo3.com>
10 * This script is part of the TYPO3 project. The TYPO3 project is
11 * free software; you can redistribute it and/or modify
12 * it under the terms of the GNU General Public License as published by
13 * the Free Software Foundation; either version 2 of the License, or
14 * (at your option) any later version.
16 * The GNU General Public License can be found at
17 * http://www.gnu.org/copyleft/gpl.html.
19 * This script is distributed in the hope that it will be useful,
20 * but WITHOUT ANY WARRANTY; without even the implied warranty of
21 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
22 * GNU General Public License for more details.
24 * This copyright notice MUST APPEAR in all copies of the script!
26 * The code was adapted from newloginbox, see manual for detailed description
27 ***************************************************************/
29 require_once(PATH_tslib
.'class.tslib_pibase.php');
33 * Plugin 'Website User Login' for the 'felogin' extension.
35 * @author Steffen Kamper <info@sk-typo3.de>
37 * @subpackage tx_felogin
39 class tx_felogin_pi1
extends tslib_pibase
{
40 var $prefixId = 'tx_felogin_pi1'; // Same as class name
41 var $scriptRelPath = 'pi1/class.tx_felogin_pi1.php'; // Path to this script relative to the extension dir.
42 var $extKey = 'felogin'; // The extension key.
43 var $pi_checkCHash = true;
44 var $userIsLoggedIn; // Is user logged in?
50 * The main method of the plugin
52 * @param string $content: The PlugIn content
53 * @param array $conf: The PlugIn configuration
55 * @return string The content that is displayed on the website
57 public function main($content,$conf) {
59 // Loading TypoScript array into object variable:
61 $this->uploadDir
= 'uploads/tx_felogin/';
63 // Loading language-labels
66 // Init FlexForm configuration for plugin:
67 $this->pi_initPIflexForm();
68 $this->mergeflexFormValuesIntoConf();
72 if ($this->conf
['storagePid']) {
73 $this->spid
= $this->conf
['storagePid'];
75 $pids = $GLOBALS['TSFE']->getStorageSiterootPids();
76 $this->spid
= $pids['_STORAGE_PID'];
80 $this->logintype
= t3lib_div
::_GP('logintype');
81 $this->redirectUrl
= t3lib_div
::_GP('redirect_url');
86 $templateFile = $this->conf
['templateFile'] ?
$this->conf
['templateFile'] : 'EXT:felogin/template.html';
87 $this->template
= $this->cObj
->fileResource($templateFile);
90 $this->userIsLoggedIn
= $GLOBALS['TSFE']->loginUser
;
93 if ($this->conf
['redirectMode'] && !$this->conf
['redirectDisable']) {
94 $this->redirectUrl
= $this->processRedirect();
100 if ($this->piVars
['forgot']) {
101 $content .= $this->showForgot();
103 if($this->userIsLoggedIn
&& !$this->logintype
) {
104 $content .= $this->showLogout();
106 $content .= $this->showLogin();
112 // Process the redirect
113 if (($this->logintype
=== 'login' ||
$this->logintype
=== 'logout') && $this->redirectUrl
) {
114 if (!$GLOBALS['TSFE']->fe_user
->cookieId
) {
115 $content .= '<p style="color:red; font-weight:bold;">' . $this->pi_getLL('cookie_warning', '', 1) . '</p>';
117 header('Location: '.t3lib_div
::locationHeaderUrl($this->redirectUrl
));
121 return $this->conf
['wrapContentInBaseClass'] ?
$this->pi_wrapInBaseClass($content) : $content;
126 * Shows the forgot password form
128 * @return string content
130 private function showForgot() {
131 $subpart = $this->cObj
->getSubpart($this->template
, '###TEMPLATE_FORGOT###');
132 if ($this->piVars
['forgot_email']) {
133 if (t3lib_div
::validEmail($this->piVars
['forgot_email'])) {
134 // look for user record and send the password
135 $res = $GLOBALS['TYPO3_DB']->exec_SELECTquery(
136 'uid, username, password',
138 'email='.$GLOBALS['TYPO3_DB']->fullQuoteStr($this->piVars
['forgot_email'], 'fe_users').' AND pid IN ('.$GLOBALS['TYPO3_DB']->cleanIntList($this->spid
).') '.$this->cObj
->enableFields('fe_users')
141 if ($GLOBALS['TYPO3_DB']->sql_num_rows($res)) {
142 $row = $GLOBALS['TYPO3_DB']->sql_fetch_assoc($res);
143 $msg = sprintf($this->pi_getLL('ll_forgot_email_password', '', 0), $this->piVars
['forgot_email'], $row['username'], $row['password']);
145 $msg = sprintf($this->pi_getLL('ll_forgot_email_nopassword', '', 0), $this->piVars
['forgot_email']);
149 // Generate new password with md5 and save it in user record
150 if ($GLOBALS['TYPO3_DB']->sql_num_rows($res) && t3lib_extMgm
::isLoaded('kb_md5fepw')) {
151 $newPass = $this->generatePassword(8);
152 $res = $GLOBALS['TYPO3_DB']->exec_UPDATEquery(
154 'uid=' . $row['uid'],
155 array('password' => md5($newPass))
157 $msg = sprintf($this->pi_getLL('ll_forgot_email_password', '', 0),$this->piVars
['forgot_email'], $row['username'], $newPass);
160 $this->cObj
->sendNotifyEmail($msg, $this->piVars
['forgot_email'], '', $this->conf
['email_from'], $this->conf
['email_fromName'], $this->conf
['replyTo']);
161 $markerArray['###STATUS_MESSAGE###'] = sprintf($this->pi_getLL('ll_forgot_message_emailSent', '', 1),'<em>' . htmlspecialchars($this->piVars
['forgot_email']) .'</em>');
162 $subpartArray['###FORGOT_FORM###'] = '';
167 $markerArray['###STATUS_MESSAGE###'] = $this->getDisplayText('forgot_message',$this->conf
['forgotMessage_stdWrap.']);
168 $markerArray['###BACKLINK_LOGIN###'] = '';
171 $markerArray['###STATUS_MESSAGE###'] = $this->getDisplayText('forgot_message',$this->conf
['forgotMessage_stdWrap.']);
172 $markerArray['###BACKLINK_LOGIN###'] = '';
175 $markerArray['###BACKLINK_LOGIN###'] = $this->getPageLink($this->pi_getLL('ll_forgot_header_backToLogin', '', 1), array());
176 $markerArray['###STATUS_HEADER###'] = $this->getDisplayText('forgot_header',$this->conf
['forgotHeader_stdWrap.']);
178 $markerArray['###LEGEND###'] = $this->pi_getLL('send_password', '', 1);
179 $markerArray['###ACTION_URI###'] = $this->getPageLink('',array($this->prefixId
.'[forgot]'=>1),true);
180 $markerArray['###EMAIL_LABEL###'] = $this->pi_getLL('your_email', '', 1);
181 $markerArray['###FORGOT_PASSWORD_ENTEREMAIL###'] = $this->pi_getLL('forgot_password_enterEmail', '', 1);
182 $markerArray['###FORGOT_EMAIL###'] = $this->prefixId
.'[forgot_email]';
183 $markerArray['###SEND_PASSWORD###'] = $this->pi_getLL('send_password', '', 1);
185 return $this->cObj
->substituteMarkerArrayCached($subpart, $markerArray, $subpartArray, $linkpartArray);
191 * @return string The content.
193 private function showLogout() {
194 $subpart = $this->cObj
->getSubpart($this->template
, '###TEMPLATE_LOGOUT###');
196 $markerArray['###STATUS_HEADER###'] = $this->getDisplayText('status_header',$this->conf
['logoutHeader_stdWrap.']);
197 $markerArray['###STATUS_MESSAGE###']=$this->getDisplayText('status_message',$this->conf
['logoutMessage_stdWrap.']);$this->cObj
->stdWrap($this->flexFormValue('message','s_status'),$this->conf
['logoutMessage_stdWrap.']);
199 $markerArray['###LEGEND###'] = $this->pi_getLL('logout', '', 1);
200 $markerArray['###ACTION_URI###'] = $this->getPageLink('',array(),true);
201 $markerArray['###LOGOUT_LABEL###'] = $this->pi_getLL('logout', '', 1);
202 $markerArray['###NAME###'] = htmlspecialchars($GLOBALS['TSFE']->fe_user
->user
['name']);
203 $markerArray['###STORAGE_PID###'] = $this->spid
;
204 $markerArray['###USERNAME###'] = htmlspecialchars($GLOBALS['TSFE']->fe_user
->user
['username']);
205 $markerArray['###USERNAME_LABEL###'] = $this->pi_getLL('username', '', 1);
207 return $this->cObj
->substituteMarkerArrayCached($subpart, $markerArray, $subpartArray, $linkpartArray);
213 * @return string content
215 private function showLogin() {
216 $subpart = $this->cObj
->getSubpart($this->template
, '###TEMPLATE_LOGIN###');
218 $markerArray['###LEGEND###'] = $this->pi_getLL('oLabel_header_welcome', '', 1);
220 if($this->logintype
=== 'login') {
221 if($this->userIsLoggedIn
) {
223 $markerArray['###STATUS_HEADER###'] = $this->getDisplayText('success_header',$this->conf
['successHeader_stdWrap.']);
224 $markerArray['###STATUS_MESSAGE###'] = str_replace('###USER###',htmlspecialchars($GLOBALS['TSFE']->fe_user
->user
['username']),$this->getDisplayText('success_message',$this->conf
['successMessage_stdWrap.']));
225 $subpartArray['###LOGIN_FORM###'] = '';
227 // Hook for general actions after after login has been confirmed (by Thomas Danzl <thomas@danzl.org>)
228 if ($GLOBALS['TYPO3_CONF_VARS']['EXTCONF']['felogin']['login_confirmed']) {
230 foreach($GLOBALS['TYPO3_CONF_VARS']['EXTCONF']['felogin']['login_confirmed'] as $_funcRef) {
232 t3lib_div
::callUserFunction($_funcRef, $_params, $this);
239 $markerArray['###STATUS_HEADER###'] = $this->getDisplayText('error_header',$this->conf
['errorHeader_stdWrap.']);
240 $markerArray['###STATUS_MESSAGE###'] = $this->getDisplayText('error_message',$this->conf
['errorMesssage_stdWrap.']);
243 if($this->logintype
=== 'logout') {
244 // login form after logout
245 $markerArray['###STATUS_HEADER###'] = $this->getDisplayText('logout_header',$this->conf
['welcomeHeader_stdWrap.']);
246 $markerArray['###STATUS_MESSAGE###'] = $this->getDisplayText('logout_message',$this->conf
['welcomeMessage_stdWrap.']);
249 $markerArray['###STATUS_HEADER###'] = $this->getDisplayText('welcome_header',$this->conf
['welcomeHeader_stdWrap.']);
250 $markerArray['###STATUS_MESSAGE###'] = $this->getDisplayText('welcome_message',$this->conf
['welcomeMessage_stdWrap.']);
255 // Hook (used by kb_md5fepw extension by Kraft Bernhard <kraftb@gmx.net>)
256 // This hook allows to call User JS functions.
257 // The methods should also set the required JS functions to get included
260 if (is_array($GLOBALS['TYPO3_CONF_VARS']['EXTCONF']['felogin']['loginFormOnSubmitFuncs'])) {
262 $onSubmitAr = array();
263 $extraHiddenAr = array();
264 foreach($GLOBALS['TYPO3_CONF_VARS']['EXTCONF']['felogin']['loginFormOnSubmitFuncs'] as $funcRef) {
265 list($onSub, $hid) = t3lib_div
::callUserFunction($funcRef, $_params, $this);
266 $onSubmitAr[] = $onSub;
267 $extraHiddenAr[] = $hid;
270 if (count($onSubmitAr)) {
271 $onSubmit = implode('; ', $onSubmitAr).'; return true;';
272 $extraHidden = implode(chr(10), $extraHiddenAr);
276 $markerArray['###ACTION_URI###'] = $this->getPageLink('',array(),true);
277 $markerArray['###EXTRA_HIDDEN###'] = $extraHidden; // used by kb_md5fepw extension...
278 $markerArray['###LEGEND###'] = $this->pi_getLL('login', '', 1);
279 $markerArray['###LOGIN_LABEL###'] = $this->pi_getLL('login', '', 1);
280 $markerArray['###ON_SUBMIT###'] = $onSubmit; // used by kb_md5fepw extension...
281 $markerArray['###PASSWORD_LABEL###'] = $this->pi_getLL('password', '', 1);
282 $markerArray['###STORAGE_PID###'] = $this->spid
;
283 $markerArray['###USERNAME_LABEL###'] = $this->pi_getLL('username', '', 1);
284 $markerArray['###REDIRECT_URL###'] = $this->redirectUrl
;
286 if ($this->flexFormValue('showForgotPassword','sDEF')) {
287 $linkpartArray['###FORGOT_PASSWORD_LINK###'] = explode('|',$this->getPageLink('|',array($this->prefixId
.'[forgot]'=>1)));
288 $markerArray['###FORGOT_PASSWORD###'] = $this->pi_getLL('ll_forgot_header', '', 1);
290 $subpartArray['###FORGOTP_VALID###'] = '';
295 if (($this->conf
['showPermaLogin']) && ($GLOBALS['TYPO3_CONF_VARS']['FE']['permalogin'] == 0 ||
$GLOBALS['TYPO3_CONF_VARS']['FE']['permalogin'] == 1) && $GLOBALS['TYPO3_CONF_VARS']['FE']['lifetime'] > 0) {
296 $markerArray['###PERMALOGIN###'] = $this->pi_getLL('permalogin', '', 1);
297 if($GLOBALS['TYPO3_CONF_VARS']['FE']['permalogin'] == 1) {
298 $markerArray['###PERMALOGIN_HIDDENFIELD_ATTRIBUTES###'] = 'disabled="disabled"';
299 $markerArray['###PERMALOGIN_CHECKBOX_ATTRIBUTES###'] = 'checked="checked"';
301 $markerArray['###PERMALOGIN_HIDDENFIELD_ATTRIBUTES###'] = '';
302 $markerArray['###PERMALOGIN_CHECKBOX_ATTRIBUTES###'] = '';
305 $subpartArray['###PERMALOGIN_VALID###'] = '';
307 return $this->cObj
->substituteMarkerArrayCached($subpart, $markerArray, $subpartArray, $linkpartArray);
311 * Process redirect methods. The function searches for a redirect url using all configured methods.
313 * @return string redirect url
315 private function processRedirect() {
316 if ($this->conf
['redirectMode']) {
317 foreach (explode(',',$this->conf
['redirectMode']) as $redirMethod) {
318 if ($GLOBALS['TSFE']->loginUser
&& $this->logintype
=== 'login') {
319 // logintype is needed because the login-page wouldn't be accessible anymore after a login (would always redirect)
320 switch ($redirMethod) {
321 case 'groupLogin': // taken from dkd_redirect_at_login written by Ingmar Schlecht; database-field changed
322 $groupData = $GLOBALS['TSFE']->fe_user
->groupData
;
323 $res = $GLOBALS['TYPO3_DB']->exec_SELECTquery(
324 'felogin_redirectPid',
325 $GLOBALS['TSFE']->fe_user
->usergroup_table
,
326 'felogin_redirectPid!="" AND uid IN ('.implode(',',$groupData['uid']).')'
328 if ($row = $GLOBALS['TYPO3_DB']->sql_fetch_row($res)) {
329 $redirect_url = $this->pi_getPageLink($row[0],array(),true); // take the first group with a redirect page
333 $res = $GLOBALS['TYPO3_DB']->exec_SELECTquery(
334 'felogin_redirectPid',
335 $GLOBALS['TSFE']->fe_user
->user_table
,
336 $GLOBALS['TSFE']->fe_user
->userid_column
. '=' . $GLOBALS['TSFE']->fe_user
->user
['uid'] . ' AND felogin_redirectPid!=""'
338 if ($row = $GLOBALS['TYPO3_DB']->sql_fetch_row($res)) {
339 $redirect_url = $this->pi_getPageLink($row[0],array(),true);
343 if ($this->conf
['redirectPageLogin']) {
344 $redirect_url = $this->pi_getPageLink(intval($this->conf
['redirectPageLogin']),array(),true);
348 $redirect_url = $this->redirectUrl
;
351 $redirect_url = t3lib_div
::getIndpEnv('HTTP_REFERER');
352 // avoid forced logout, when trying to login immediatly after a logout
353 $redirect_url = ereg_replace("[&?]logintype=[a-z]+", '', $redirect_url);
355 case 'refererDomains':
357 // Feature to redirect to the page where the user came from (HTTP_REFERER).
358 // Allowed domains to redirect to, can be configured with plugin.tx_felogin_pi1.domains
359 // Thanks to plan2.net / Martin Kutschker for implementing this feature.
360 if (!$redirect_url && $this->conf
['domains']) {
361 $redirect_url = t3lib_div
::getIndpEnv('HTTP_REFERER');
362 // is referring url allowed to redirect?
364 if (ereg('^http://([[:alnum:]._-]+)/', $redirect_url, $match)) {
365 $redirect_domain = $match[1];
367 foreach(split(',', $this->conf
['domains']) as $d) {
368 if (ereg('(^|\.)'.$d.'$', $redirect_domain)) {
378 // Avoid forced logout, when trying to login immediatly after a logout
379 $redirect_url = ereg_replace("[&?]logintype=[a-z]+", "", $redirect_url);
383 } else if ($this->logintype
=== 'login') { // after login-error
384 switch ($redirMethod) {
386 if ($this->conf
['redirectPageLoginError']) {
387 $redirect_url = $this->pi_getPageLink(intval($this->conf
['redirectPageLoginError']), array(), true);
391 } elseif ($this->logintype
=== 'logout') { // after logout
393 // Hook for general actions after after logout has been confirmed
394 if ($GLOBALS['TYPO3_CONF_VARS']['EXTCONF']['felogin']['logout_confirmed']) {
396 foreach($GLOBALS['TYPO3_CONF_VARS']['EXTCONF']['felogin']['logout_confirmed'] as $_funcRef) {
398 t3lib_div
::callUserFunction($_funcRef, $_params, $this);
403 switch ($redirMethod) {
405 if ($this->conf
['redirectPageLogout']) {
406 $redirect_url = $this->pi_getPageLink(intval($this->conf
['redirectPageLogout']), array(), true);
410 } else { // not logged in
411 // Placeholder for maybe future options
412 switch ($redirMethod) {
416 if ($redirect_url && $this->conf
['redirectFirstMethod']) {
421 return $redirect_url;
425 * Reads flexform configuration and merge it with $this->conf
429 private function mergeflexFormValuesIntoConf() {
431 if ($this->flexFormValue('showForgotPassword', 'sDEF'))
432 $flex['showForgotPassword'] = $this->flexFormValue('showForgotPassword','sDEF');
434 if ($this->flexFormValue('showPermaLogin', 'sDEF'))
435 $flex['showPermaLogin'] = $this->flexFormValue('showPermaLogin', 'sDEF');
437 if ($this->flexFormValue('pages', 'sDEF'))
438 $flex['pages'] = $this->flexFormValue('pages', 'sDEF');
440 if ($this->flexFormValue('recursive', 'sDEF'))
441 $flex['recursive'] = $this->flexFormValue('recursive', 'sDEF');
443 if ($this->flexFormValue('templateFile', 'sDEF'))
444 $flex['templateFile'] = $this->uploadDir
. $this->flexFormValue('templateFile', 'sDEF');
446 if ($this->flexFormValue('redirectMode', 's_redirect'))
447 $flex['redirectMode'] = $this->flexFormValue('redirectMode', 's_redirect');
449 if ($this->flexFormValue('redirectFirstMethod', 's_redirect'))
450 $flex['redirectFirstMethod'] = $this->flexFormValue('redirectFirstMethod', 's_redirect');
452 if ($this->flexFormValue('redirectDisable', 's_redirect'))
453 $flex['redirectDisable'] = $this->flexFormValue('redirectDisable', 's_redirect');
455 if ($this->flexFormValue('redirectPageLogin', 's_redirect'))
456 $flex['redirectPageLogin'] = $this->flexFormValue('redirectPageLogin', 's_redirect');
458 if ($this->flexFormValue('redirectPageLoginError', 's_redirect'))
459 $flex['redirectPageLoginError'] = $this->flexFormValue('redirectPageLoginError','s_redirect');
461 if ($this->flexFormValue('redirectPageLogout', 's_redirect'))
462 $flex['redirectPageLogout'] = $this->flexFormValue('redirectPageLogout', 's_redirect');
464 $pid = $flex['pages'] ?
$this->pi_getPidList($flex['pages'], $flex['recursive']) : 0;
466 $flex['storagePid'] = $pid;
469 $this->conf
= array_merge($this->conf
, $flex);
473 * Loads a variable from the flexform
475 * @param string name of variable
476 * @param string name of sheet
477 * @return string value of var
479 private function flexFormValue($var, $sheet) {
480 return $this->pi_getFFvalue($this->cObj
->data
['pi_flexform'], $var,$sheet);
484 * Generate link with typolink function
486 * @param string linktext
487 * @param array link vars
488 * @param boolean true: returns only url false (default) returns the link)
490 * @return string link or url
492 private function getPageLink($label, $piVars,$returnUrl = false) {
493 $additionalParams = '';
495 if (count($piVars)) {
496 foreach($piVars as $key=>$val) {
497 $additionalParams .= '&' . $key . '=' . $val;
500 // should GETvars be preserved?
501 if ($this->conf
['preserveGETvars']) {
502 $additionalParams .= $this->getPreserveGetVars();
505 $this->conf
['linkConfig.']['parameter'] = $GLOBALS['TSFE']->id
;
506 if ($additionalParams) {
507 $this->conf
['linkConfig.']['additionalParams'] = $additionalParams;
511 return $this->cObj
->typolink_url($this->conf
['linkConfig.']);
513 return $this->cObj
->typolink($label,$this->conf
['linkConfig.']);
518 * Is used by TS-setting preserveGETvars
519 * possible values are "all" or a commaseperated list of GET-vars
520 * they are used as additionalParams for link generation
522 * @return string additionalParams-string
524 private function getPreserveGetVars() {
527 $preserveVars =! ($this->conf
['preserveGETvars'] ||
$this->conf
['preserveGETvars']=='all' ?
array() : implode(',', (array)$this->conf
['preserveGETvars']));
528 $getVars = t3lib_div
::_GET();
530 foreach ($getVars as $key=>$val) {
531 if (stristr($key,$this->prefixId
) === false) {
532 if (is_array($val)) {
533 foreach ($val as $key1=>$val1) {
534 if ($this->conf
['preserveGETvars']=='all' ||
in_array($key.'['.$key1.']',$preserveVars)) {
535 $params.='&'.$key.'['.$key1.']='.$val1;
539 if (!in_array($key,array('id','no_cache','logintype','redirect_url','cHash'))) {
540 $params.='&'.$key.'='.$val;
549 * Is used by forgot password - function with md5 option.
551 * @author Bernhard Kraft
553 * @param int length of new password
554 * @return string new password
556 private function generatePassword($len) {
563 $pass .= chr($char-10+
97);
570 * Returns the header / message value from flexform if present, else from locallang.xml
572 * @param string label name
573 * @param string TS stdWrap array
574 * @return string label text
576 private function getDisplayText($label, $stdWrapArray=array()) {
577 return $this->flexFormValue($label,'s_messages') ?
$this->cObj
->stdWrap($this->flexFormValue($label,'s_messages'),$stdWrapArray) : $this->cObj
->stdWrap($this->pi_getLL('ll_'.$label, '', 1), $stdWrapArray);
583 if (defined('TYPO3_MODE') && $TYPO3_CONF_VARS[TYPO3_MODE
]['XCLASS']['ext/felogin/pi1/class.tx_felogin_pi1.php']) {
584 include_once($TYPO3_CONF_VARS[TYPO3_MODE
]['XCLASS']['ext/felogin/pi1/class.tx_felogin_pi1.php']);