[BUGFIX] Wrong icon in db_new tree
[Packages/TYPO3.CMS.git] / typo3 / sysext / backend / Classes / Controller / LoginController.php
1 <?php
2 namespace TYPO3\CMS\Backend\Controller;
3
4 /**
5 * Script Class for rendering the login form
6 *
7 * @author Kasper Skårhøj <kasperYYYY@typo3.com>
8 * @package TYPO3
9 * @subpackage core
10 */
11 class LoginController {
12
13 const SIGNAL_RenderLoginForm = 'renderLoginForm';
14 // Internal, GPvars:
15 // GPvar: redirect_url; The URL to redirect to after login.
16 /**
17 * @todo Define visibility
18 */
19 public $redirect_url;
20
21 // GPvar: Defines which interface to load (from interface selector)
22 /**
23 * @todo Define visibility
24 */
25 public $GPinterface;
26
27 // GPvar: preset username
28 /**
29 * @todo Define visibility
30 */
31 public $u;
32
33 // GPvar: preset password
34 /**
35 * @todo Define visibility
36 */
37 public $p;
38
39 // GPvar: If "L" is "OUT", then any logged in used is logged out. If redirect_url is given, we redirect to it
40 /**
41 * @todo Define visibility
42 */
43 public $L;
44
45 // Login-refresh boolean; The backend will call this script with this value set when the login is close to being expired and the form needs to be redrawn.
46 /**
47 * @todo Define visibility
48 */
49 public $loginRefresh;
50
51 // Value of forms submit button for login.
52 /**
53 * @todo Define visibility
54 */
55 public $commandLI;
56
57 // Internal, static:
58 // Set to the redirect URL of the form (may be redirect_url or "backend.php")
59 /**
60 * @todo Define visibility
61 */
62 public $redirectToURL;
63
64 // Internal, dynamic:
65 // Content accumulation
66 /**
67 * @todo Define visibility
68 */
69 public $content;
70
71 // A selector box for selecting value for "interface" may be rendered into this variable
72 /**
73 * @todo Define visibility
74 */
75 public $interfaceSelector;
76
77 // A selector box for selecting value for "interface" may be rendered into this variable
78 // this will have an onchange action which will redirect the user to the selected interface right away
79 /**
80 * @todo Define visibility
81 */
82 public $interfaceSelector_jump;
83
84 // A hidden field, if the interface is not set.
85 /**
86 * @todo Define visibility
87 */
88 public $interfaceSelector_hidden;
89
90 // Additional hidden fields to be placed at the login form
91 /**
92 * @todo Define visibility
93 */
94 public $addFields_hidden = '';
95
96 // sets the level of security. *'normal' = clear-text. 'challenged' = hashed
97 // password/username from form in $formfield_uident. 'superchallenged' = hashed password hashed again with username.
98 /**
99 * @todo Define visibility
100 */
101 public $loginSecurityLevel = 'superchallenged';
102
103 /**
104 * @var \TYPO3\CMS\Extbase\SignalSlot\Dispatcher
105 */
106 protected $signalSlotDispatcher;
107
108 /**
109 * Initialize the login box. Will also react on a &L=OUT flag and exit.
110 *
111 * @return void
112 * @todo Define visibility
113 */
114 public function init() {
115 // We need a PHP session session for most login levels
116 session_start();
117 $this->redirect_url = \TYPO3\CMS\Core\Utility\GeneralUtility::sanitizeLocalUrl(\TYPO3\CMS\Core\Utility\GeneralUtility::_GP('redirect_url'));
118 $this->GPinterface = \TYPO3\CMS\Core\Utility\GeneralUtility::_GP('interface');
119 // Grabbing preset username and password, for security reasons this feature only works if SSL is used
120 if (\TYPO3\CMS\Core\Utility\GeneralUtility::getIndpEnv('TYPO3_SSL')) {
121 $this->u = \TYPO3\CMS\Core\Utility\GeneralUtility::_GP('u');
122 $this->p = \TYPO3\CMS\Core\Utility\GeneralUtility::_GP('p');
123 }
124 // If "L" is "OUT", then any logged in is logged out. If redirect_url is given, we redirect to it
125 $this->L = \TYPO3\CMS\Core\Utility\GeneralUtility::_GP('L');
126 // Login
127 $this->loginRefresh = \TYPO3\CMS\Core\Utility\GeneralUtility::_GP('loginRefresh');
128 // Value of "Login" button. If set, the login button was pressed.
129 $this->commandLI = \TYPO3\CMS\Core\Utility\GeneralUtility::_GP('commandLI');
130 // Sets the level of security from conf vars
131 if ($GLOBALS['TYPO3_CONF_VARS']['BE']['loginSecurityLevel']) {
132 $this->loginSecurityLevel = $GLOBALS['TYPO3_CONF_VARS']['BE']['loginSecurityLevel'];
133 }
134 // Try to get the preferred browser language
135 $preferredBrowserLanguage = $GLOBALS['LANG']->csConvObj->getPreferredClientLanguage(\TYPO3\CMS\Core\Utility\GeneralUtility::getIndpEnv('HTTP_ACCEPT_LANGUAGE'));
136 // If we found a $preferredBrowserLanguage and it is not the default language and no be_user is logged in
137 // initialize $GLOBALS['LANG'] again with $preferredBrowserLanguage
138 if ($preferredBrowserLanguage != 'default' && !$GLOBALS['BE_USER']->user['uid']) {
139 $GLOBALS['LANG']->init($preferredBrowserLanguage);
140 }
141 $GLOBALS['LANG']->includeLLFile('EXT:lang/locallang_login.xml');
142 // Setting the redirect URL to "backend.php" if no alternative input is given
143 $this->redirectToURL = $this->redirect_url ? $this->redirect_url : 'backend.php';
144 // Do a logout if the command is set
145 if ($this->L == 'OUT' && is_object($GLOBALS['BE_USER'])) {
146 $GLOBALS['BE_USER']->logoff();
147 if ($this->redirect_url) {
148 \TYPO3\CMS\Core\Utility\HttpUtility::redirect($this->redirect_url);
149 }
150 die;
151 }
152 }
153
154 /**
155 * Main function - creating the login/logout form
156 *
157 * @return void
158 * @todo Define visibility
159 */
160 public function main() {
161 // Initialize template object:
162 $GLOBALS['TBE_TEMPLATE']->bodyTagAdditions = ' onload="startUp();"';
163 $GLOBALS['TBE_TEMPLATE']->moduleTemplate = $GLOBALS['TBE_TEMPLATE']->getHtmlTemplate('templates/login.html');
164 $GLOBALS['TBE_TEMPLATE']->getPageRenderer()->loadExtJS();
165 $GLOBALS['TBE_TEMPLATE']->getPageRenderer()->loadPrototype();
166 $GLOBALS['TBE_TEMPLATE']->getPageRenderer()->loadScriptaculous();
167 // Set JavaScript for creating a MD5 hash of the password:
168 $GLOBALS['TBE_TEMPLATE']->JScode .= $this->getJScode();
169 // Checking, if we should make a redirect.
170 // Might set JavaScript in the header to close window.
171 $this->checkRedirect();
172 // Initialize interface selectors:
173 $this->makeInterfaceSelectorBox();
174 // Creating form based on whether there is a login or not:
175 if (!$GLOBALS['BE_USER']->user['uid']) {
176 $GLOBALS['TBE_TEMPLATE']->form = $this->startForm();
177 $loginForm = $this->makeLoginForm();
178 } else {
179 $GLOBALS['TBE_TEMPLATE']->form = '
180 <form action="index.php" method="post" name="loginform">
181 <input type="hidden" name="login_status" value="logout" />
182 ';
183 $loginForm = $this->makeLogoutForm();
184 }
185 // Starting page:
186 $this->content .= $GLOBALS['TBE_TEMPLATE']->startPage('TYPO3 Login: ' . $GLOBALS['TYPO3_CONF_VARS']['SYS']['sitename'], FALSE);
187 // Add login form:
188 $this->content .= $this->wrapLoginForm($loginForm);
189 $this->content .= $GLOBALS['TBE_TEMPLATE']->endPage();
190 }
191
192 /**
193 * Outputting the accumulated content to screen
194 *
195 * @return void
196 * @todo Define visibility
197 */
198 public function printContent() {
199 echo $this->content;
200 }
201
202 /*****************************
203 *
204 * Various functions
205 *
206 ******************************/
207 /**
208 * Creates the login form
209 * This is drawn when NO login exists.
210 *
211 * @return string HTML output
212 * @todo Define visibility
213 */
214 public function makeLoginForm() {
215 $content = \TYPO3\CMS\Core\Html\HtmlParser::getSubpart($GLOBALS['TBE_TEMPLATE']->moduleTemplate, '###LOGIN_FORM###');
216 $markers = array(
217 'VALUE_USERNAME' => htmlspecialchars($this->u),
218 'VALUE_PASSWORD' => htmlspecialchars($this->p),
219 'VALUE_SUBMIT' => $GLOBALS['LANG']->getLL('labels.submitLogin', TRUE)
220 );
221 // Show an error message if the login command was successful already, otherwise remove the subpart
222 if (!$this->isLoginInProgress()) {
223 $content = \TYPO3\CMS\Core\Html\HtmlParser::substituteSubpart($content, '###LOGIN_ERROR###', '');
224 } else {
225 $markers['ERROR_MESSAGE'] = $GLOBALS['LANG']->getLL('error.login', TRUE);
226 $markers['ERROR_LOGIN_TITLE'] = $GLOBALS['LANG']->getLL('error.login.title', TRUE);
227 $markers['ERROR_LOGIN_DESCRIPTION'] = $GLOBALS['LANG']->getLL('error.login.description', TRUE);
228 }
229 // Remove the interface selector markers if it's not available
230 if (!($this->interfaceSelector && !$this->loginRefresh)) {
231 $content = \TYPO3\CMS\Core\Html\HtmlParser::substituteSubpart($content, '###INTERFACE_SELECTOR###', '');
232 } else {
233 $markers['LABEL_INTERFACE'] = $GLOBALS['LANG']->getLL('labels.interface', TRUE);
234 $markers['VALUE_INTERFACE'] = $this->interfaceSelector;
235 }
236 return \TYPO3\CMS\Core\Html\HtmlParser::substituteMarkerArray($content, $markers, '###|###');
237 }
238
239 /**
240 * Creates the logout form
241 * This is drawn if a user login already exists.
242 *
243 * @return string HTML output
244 * @todo Define visibility
245 */
246 public function makeLogoutForm() {
247 $content = \TYPO3\CMS\Core\Html\HtmlParser::getSubpart($GLOBALS['TBE_TEMPLATE']->moduleTemplate, '###LOGOUT_FORM###');
248 $markers = array(
249 'LABEL_USERNAME' => $GLOBALS['LANG']->getLL('labels.username', TRUE),
250 'VALUE_USERNAME' => htmlspecialchars($GLOBALS['BE_USER']->user['username']),
251 'VALUE_SUBMIT' => $GLOBALS['LANG']->getLL('labels.submitLogout', TRUE)
252 );
253 // Remove the interface selector markers if it's not available
254 if (!$this->interfaceSelector_jump) {
255 $content = \TYPO3\CMS\Core\Html\HtmlParser::substituteSubpart($content, '###INTERFACE_SELECTOR###', '');
256 } else {
257 $markers['LABEL_INTERFACE'] = $GLOBALS['LANG']->getLL('labels.interface', TRUE);
258 $markers['VALUE_INTERFACE'] = $this->interfaceSelector_jump;
259 }
260 return \TYPO3\CMS\Core\Html\HtmlParser::substituteMarkerArray($content, $markers, '###|###');
261 }
262
263 /**
264 * Wrapping the login form table in another set of tables etc:
265 *
266 * @param string $content HTML content for the login form
267 * @return string The HTML for the page.
268 * @todo Define visibility
269 */
270 public function wrapLoginForm($content) {
271 $mainContent = \TYPO3\CMS\Core\Html\HtmlParser::getSubpart($GLOBALS['TBE_TEMPLATE']->moduleTemplate, '###PAGE###');
272 if ($GLOBALS['TBE_STYLES']['logo_login']) {
273 $logo = ('<img src="' . htmlspecialchars(($GLOBALS['BACK_PATH'] . $GLOBALS['TBE_STYLES']['logo_login']))) . '" alt="" />';
274 } else {
275 $logo = ('<img' . \TYPO3\CMS\Backend\Utility\IconUtility::skinImg($GLOBALS['BACK_PATH'], 'gfx/typo3logo.gif', 'width="123" height="34"')) . ' alt="" />';
276 }
277 /** @var $browserWarning \TYPO3\CMS\Core\Messaging\FlashMessage */
278 $browserWarning = \TYPO3\CMS\Core\Utility\GeneralUtility::makeInstance('TYPO3\\CMS\\Core\\Messaging\\FlashMessage', ($GLOBALS['LANG']->getLL('warning.incompatibleBrowser') . ' ') . $GLOBALS['LANG']->getLL('warning.incompatibleBrowserInternetExplorer'), $GLOBALS['LANG']->getLL('warning.incompatibleBrowserHeadline'), \TYPO3\CMS\Core\Messaging\FlashMessage::ERROR);
279 $browserWarning = $browserWarning->render();
280 $additionalCssClasses = array();
281 if ($this->isLoginInProgress()) {
282 $additionalCssClasses[] = 'error';
283 }
284 if ($this->loginRefresh) {
285 $additionalCssClasses[] = 'refresh';
286 }
287 $markers = array(
288 'LOGO' => $logo,
289 'LOGINBOX_IMAGE' => $this->makeLoginBoxImage(),
290 'FORM' => $content,
291 'NEWS' => $this->makeLoginNews(),
292 'COPYRIGHT' => $this->makeCopyrightNotice(),
293 'CSS_CLASSES' => !empty($additionalCssClasses) ? ('class="' . implode(' ', $additionalCssClasses)) . '"' : '',
294 'CSS_OPENIDCLASS' => 't3-login-openid-' . (\TYPO3\CMS\Core\Extension\ExtensionManager::isLoaded('openid') ? 'enabled' : 'disabled'),
295 // The labels will be replaced later on, thus the other parts above
296 // can use these markers as well and it will be replaced
297 'HEADLINE' => $GLOBALS['LANG']->getLL('headline', TRUE),
298 'INFO_ABOUT' => $GLOBALS['LANG']->getLL('info.about', TRUE),
299 'INFO_RELOAD' => $GLOBALS['LANG']->getLL('info.reset', TRUE),
300 'INFO' => $GLOBALS['LANG']->getLL('info.cookies_and_js', TRUE),
301 'WARNING_BROWSER_INCOMPATIBLE' => $browserWarning,
302 'ERROR_JAVASCRIPT' => $GLOBALS['LANG']->getLL('error.javascript', TRUE),
303 'ERROR_COOKIES' => $GLOBALS['LANG']->getLL('error.cookies', TRUE),
304 'ERROR_COOKIES_IGNORE' => $GLOBALS['LANG']->getLL('error.cookies_ignore', TRUE),
305 'ERROR_CAPSLOCK' => $GLOBALS['LANG']->getLL('error.capslock', TRUE),
306 'ERROR_FURTHERHELP' => $GLOBALS['LANG']->getLL('error.furtherInformation', TRUE),
307 'LABEL_DONATELINK' => $GLOBALS['LANG']->getLL('labels.donate', TRUE),
308 'LABEL_USERNAME' => $GLOBALS['LANG']->getLL('labels.username', TRUE),
309 'LABEL_OPENID' => $GLOBALS['LANG']->getLL('labels.openId', TRUE),
310 'LABEL_PASSWORD' => $GLOBALS['LANG']->getLL('labels.password', TRUE),
311 'LABEL_WHATISOPENID' => $GLOBALS['LANG']->getLL('labels.whatIsOpenId', TRUE),
312 'LABEL_SWITCHOPENID' => $GLOBALS['LANG']->getLL('labels.switchToOpenId', TRUE),
313 'LABEL_SWITCHDEFAULT' => $GLOBALS['LANG']->getLL('labels.switchToDefault', TRUE),
314 'CLEAR' => $GLOBALS['LANG']->getLL('clear', TRUE),
315 'LOGIN_PROCESS' => $GLOBALS['LANG']->getLL('login_process', TRUE),
316 'SITELINK' => '<a href="/">###SITENAME###</a>',
317 // Global variables will now be replaced (at last)
318 'SITENAME' => htmlspecialchars($GLOBALS['TYPO3_CONF_VARS']['SYS']['sitename'])
319 );
320 $this->emitRenderLoginFormSignal($markers);
321 return \TYPO3\CMS\Core\Html\HtmlParser::substituteMarkerArray($mainContent, $markers, '###|###');
322 }
323
324 /**
325 * Checking, if we should perform some sort of redirection OR closing of windows.
326 *
327 * @return void
328 * @todo Define visibility
329 */
330 public function checkRedirect() {
331 // Do redirect:
332 // If a user is logged in AND a) if either the login is just done (isLoginInProgress) or b) a loginRefresh is done or c) the interface-selector is NOT enabled (If it is on the other hand, it should not just load an interface, because people has to choose then...)
333 if ($GLOBALS['BE_USER']->user['uid'] && (($this->isLoginInProgress() || $this->loginRefresh) || !$this->interfaceSelector)) {
334 // If no cookie has been set previously we tell people that this is a problem. This assumes that a cookie-setting script (like this one) has been hit at least once prior to this instance.
335 if (!$_COOKIE[\TYPO3\CMS\Core\Authentication\BackendUserAuthentication::getCookieName()]) {
336 if ($this->commandLI == 'setCookie') {
337 // we tried it a second time but still no cookie
338 // 26/4 2005: This does not work anymore, because the saving of challenge values in $_SESSION means the system will act as if the password was wrong.
339 throw new \RuntimeException('Login-error: Yeah, that\'s a classic. No cookies, no TYPO3.<br /><br />Please accept cookies from TYPO3 - otherwise you\'ll not be able to use the system.', 1294586846);
340 } else {
341 // try it once again - that might be needed for auto login
342 $this->redirectToURL = 'index.php?commandLI=setCookie';
343 }
344 }
345 if ($redirectToURL = (string) $GLOBALS['BE_USER']->getTSConfigVal('auth.BE.redirectToURL')) {
346 $this->redirectToURL = $redirectToURL;
347 $this->GPinterface = '';
348 }
349 // store interface
350 $GLOBALS['BE_USER']->uc['interfaceSetup'] = $this->GPinterface;
351 $GLOBALS['BE_USER']->writeUC();
352 // Based on specific setting of interface we set the redirect script:
353 switch ($this->GPinterface) {
354 case 'backend':
355
356 case 'backend_old':
357 $this->redirectToURL = 'backend.php';
358 break;
359 case 'frontend':
360 $this->redirectToURL = '../';
361 break;
362 }
363 /** @var $formProtection \TYPO3\CMS\Core\FormProtection\BackendFormProtection */
364 $formProtection = \TYPO3\CMS\Core\FormProtection\FormProtectionFactory::get();
365 // If there is a redirect URL AND if loginRefresh is not set...
366 if (!$this->loginRefresh) {
367 $formProtection->storeSessionTokenInRegistry();
368 \TYPO3\CMS\Core\Utility\HttpUtility::redirect($this->redirectToURL);
369 } else {
370 $formProtection->setSessionTokenFromRegistry();
371 $formProtection->persistSessionToken();
372 $GLOBALS['TBE_TEMPLATE']->JScode .= $GLOBALS['TBE_TEMPLATE']->wrapScriptTags('
373 if (parent.opener && (parent.opener.busy || parent.opener.TYPO3.loginRefresh)) {
374 if (parent.opener.TYPO3.loginRefresh) {
375 parent.opener.TYPO3.loginRefresh.startTimer();
376 } else {
377 parent.opener.busy.loginRefreshed();
378 }
379 parent.close();
380 }
381 ');
382 }
383 } elseif (!$GLOBALS['BE_USER']->user['uid'] && $this->isLoginInProgress()) {
384 // Wrong password, wait for 5 seconds
385 sleep(5);
386 }
387 }
388
389 /**
390 * Making interface selector:
391 *
392 * @return void
393 * @todo Define visibility
394 */
395 public function makeInterfaceSelectorBox() {
396 // Reset variables:
397 $this->interfaceSelector = '';
398 $this->interfaceSelector_hidden = '';
399 $this->interfaceSelector_jump = '';
400 // If interfaces are defined AND no input redirect URL in GET vars:
401 if ($GLOBALS['TYPO3_CONF_VARS']['BE']['interfaces'] && ($this->isLoginInProgress() || !$this->redirect_url)) {
402 $parts = \TYPO3\CMS\Core\Utility\GeneralUtility::trimExplode(',', $GLOBALS['TYPO3_CONF_VARS']['BE']['interfaces']);
403 // Only if more than one interface is defined will we show the selector:
404 if (count($parts) > 1) {
405 // Initialize:
406 $labels = array();
407 $labels['backend'] = $GLOBALS['LANG']->getLL('interface.backend');
408 $labels['backend_old'] = $GLOBALS['LANG']->getLL('interface.backend_old');
409 $labels['frontend'] = $GLOBALS['LANG']->getLL('interface.frontend');
410 $jumpScript = array();
411 $jumpScript['backend'] = 'backend.php';
412 $jumpScript['backend_old'] = 'backend.php';
413 $jumpScript['frontend'] = '../';
414 // Traverse the interface keys:
415 foreach ($parts as $valueStr) {
416 $this->interfaceSelector .= ((((('
417 <option value="' . htmlspecialchars($valueStr)) . '"') . (\TYPO3\CMS\Core\Utility\GeneralUtility::_GP('interface') == htmlspecialchars($valueStr) ? ' selected="selected"' : '')) . '>') . htmlspecialchars($labels[$valueStr])) . '</option>';
418 $this->interfaceSelector_jump .= ((('
419 <option value="' . htmlspecialchars($jumpScript[$valueStr])) . '">') . htmlspecialchars($labels[$valueStr])) . '</option>';
420 }
421 $this->interfaceSelector = ('
422 <select id="t3-interfaceselector" name="interface" class="c-interfaceselector" tabindex="3">' . $this->interfaceSelector) . '
423 </select>';
424 $this->interfaceSelector_jump = ('
425 <select id="t3-interfaceselector" name="interface" class="c-interfaceselector" tabindex="3" onchange="window.location.href=this.options[this.selectedIndex].value;">' . $this->interfaceSelector_jump) . '
426 </select>';
427 } elseif (!$this->redirect_url) {
428 // If there is only ONE interface value set and no redirect_url is present:
429 $this->interfaceSelector_hidden = ('<input type="hidden" name="interface" value="' . trim($GLOBALS['TYPO3_CONF_VARS']['BE']['interfaces'])) . '" />';
430 }
431 }
432 }
433
434 /**
435 * COPYRIGHT notice
436 *
437 * Warning:
438 * DO NOT prevent this notice from being shown in ANY WAY.
439 * According to the GPL license an interactive application must show such a notice on start-up ('If the program is interactive, make it output a short notice... ' - see GPL.txt)
440 * Therefore preventing this notice from being properly shown is a violation of the license, regardless of whether you remove it or use a stylesheet to obstruct the display.
441 *
442 * @return string Text/Image (HTML) for copyright notice.
443 * @todo Define visibility
444 */
445 public function makeCopyrightNotice() {
446 // Get values from TYPO3_CONF_VARS:
447 $loginCopyrightWarrantyProvider = strip_tags(trim($GLOBALS['TYPO3_CONF_VARS']['SYS']['loginCopyrightWarrantyProvider']));
448 $loginCopyrightWarrantyURL = strip_tags(trim($GLOBALS['TYPO3_CONF_VARS']['SYS']['loginCopyrightWarrantyURL']));
449 $loginImageSmall = trim($GLOBALS['TBE_STYLES']['loginBoxImageSmall']) ? trim($GLOBALS['TBE_STYLES']['loginBoxImageSmall']) : 'gfx/loginlogo_transp.gif';
450 // Make warranty note:
451 if (strlen($loginCopyrightWarrantyProvider) >= 2 && strlen($loginCopyrightWarrantyURL) >= 10) {
452 $warrantyNote = sprintf($GLOBALS['LANG']->getLL('warranty.by'), htmlspecialchars($loginCopyrightWarrantyProvider), ('<a href="' . htmlspecialchars($loginCopyrightWarrantyURL)) . '" target="_blank">', '</a>');
453 } else {
454 $warrantyNote = sprintf($GLOBALS['LANG']->getLL('no.warranty'), ('<a href="' . TYPO3_URL_LICENSE) . '" target="_blank">', '</a>');
455 }
456 // Compile full copyright notice:
457 $copyrightNotice = ((((((((((((((((((((('<a href="' . TYPO3_URL_GENERAL) . '" target="_blank">') . '<img src="') . $loginImageSmall) . '" alt="') . $GLOBALS['LANG']->getLL('typo3.logo')) . '" align="left" />') . $GLOBALS['LANG']->getLL('typo3.cms')) . ($GLOBALS['TYPO3_CONF_VARS']['SYS']['loginCopyrightShowVersion'] ? ((' ' . $GLOBALS['LANG']->getLL('version.short')) . ' ') . htmlspecialchars(TYPO3_version) : '')) . '</a>. ') . $GLOBALS['LANG']->getLL('copyright')) . ' &copy; ') . TYPO3_copyright_year) . ' Kasper Sk&#229;rh&#248;j. ') . $GLOBALS['LANG']->getLL('extension.copyright')) . ' ') . sprintf($GLOBALS['LANG']->getLL('details.link'), (((('<a href="' . TYPO3_URL_GENERAL) . '" target="_blank">') . TYPO3_URL_GENERAL) . '</a>'))) . '<br /> ') . $warrantyNote) . ' ') . sprintf($GLOBALS['LANG']->getLL('free.software'), (('<a href="' . TYPO3_URL_LICENSE) . '" target="_blank">'), '</a> ')) . $GLOBALS['LANG']->getLL('keep.notice');
458 // Return notice:
459 return $copyrightNotice;
460 }
461
462 /**
463 * Returns the login box image, whether the default or an image from the rotation folder.
464 *
465 * @return string HTML image tag.
466 * @todo Define visibility
467 */
468 public function makeLoginBoxImage() {
469 $loginboxImage = '';
470 // Look for rotation image folder:
471 if ($GLOBALS['TBE_STYLES']['loginBoxImage_rotationFolder']) {
472 $absPath = \TYPO3\CMS\Core\Utility\GeneralUtility::resolveBackPath(PATH_typo3 . $GLOBALS['TBE_STYLES']['loginBoxImage_rotationFolder']);
473 // Get rotation folder:
474 $dir = \TYPO3\CMS\Core\Utility\GeneralUtility::getFileAbsFileName($absPath);
475 if ($dir && @is_dir($dir)) {
476 // Get files for rotation into array:
477 $files = \TYPO3\CMS\Core\Utility\GeneralUtility::getFilesInDir($dir, 'png,jpg,gif');
478 // Pick random file:
479 $randImg = array_rand($files, 1);
480 // Get size of random file:
481 $imgSize = @getimagesize(($dir . $files[$randImg]));
482 $imgAuthor = is_array($GLOBALS['TBE_STYLES']['loginBoxImage_author']) && $GLOBALS['TBE_STYLES']['loginBoxImage_author'][$files[$randImg]] ? htmlspecialchars($GLOBALS['TBE_STYLES']['loginBoxImage_author'][$files[$randImg]]) : '';
483 // Create image tag:
484 if (is_array($imgSize)) {
485 $loginboxImage = ((((((('<img src="' . htmlspecialchars(($GLOBALS['TBE_STYLES']['loginBoxImage_rotationFolder'] . $files[$randImg]))) . '" ') . $imgSize[3]) . ' id="loginbox-image" alt="') . $imgAuthor) . '" title="') . $imgAuthor) . '" />';
486 }
487 }
488 } else {
489 // If no rotation folder configured, print default image:
490 // Development version
491 if (strstr(TYPO3_version, '-dev')) {
492 $loginImage = 'loginbox_image_dev.png';
493 $imagecopy = 'You are running a development version of TYPO3 ' . TYPO3_branch;
494 } else {
495 $loginImage = 'loginbox_image.jpg';
496 $imagecopy = 'Photo by J.C. Franca (www.digitalphoto.com.br)';
497 }
498 $loginboxImage = ((((('<img' . \TYPO3\CMS\Backend\Utility\IconUtility::skinImg($GLOBALS['BACK_PATH'], ('gfx/' . $loginImage), 'width="200" height="133"')) . ' id="loginbox-image" alt="') . $imagecopy) . '" title="') . $imagecopy) . '" />';
499 }
500 // Return image tag:
501 return $loginboxImage;
502 }
503
504 /**
505 * Make login news - renders the HTML content for a list of news shown under
506 * the login form. News data is added through $GLOBALS['TYPO3_CONF_VARS']
507 *
508 * @return string HTML content
509 * @credits Idea by Jan-Hendrik Heuing
510 * @todo Define visibility
511 */
512 public function makeLoginNews() {
513 $newsContent = '';
514 $systemNews = $this->getSystemNews();
515 // Traverse news array IF there are records in it:
516 if ((is_array($systemNews) && count($systemNews)) && !\TYPO3\CMS\Core\Utility\GeneralUtility::_GP('loginRefresh')) {
517 /** @var $htmlParser \TYPO3\CMS\Core\Html\RteHtmlParser */
518 $htmlParser = \TYPO3\CMS\Core\Utility\GeneralUtility::makeInstance('TYPO3\\CMS\\Core\\Html\\RteHtmlParser');
519 // Get the main news template, and replace the subpart after looped through
520 $newsContent = \TYPO3\CMS\Core\Html\HtmlParser::getSubpart($GLOBALS['TBE_TEMPLATE']->moduleTemplate, '###LOGIN_NEWS###');
521 $newsItemTemplate = \TYPO3\CMS\Core\Html\HtmlParser::getSubpart($newsContent, '###NEWS_ITEM###');
522 $newsItem = '';
523 $count = 1;
524 foreach ($systemNews as $newsItemData) {
525 $additionalClass = '';
526 if ($count == 1) {
527 $additionalClass = ' first-item';
528 } elseif ($count == count($systemNews)) {
529 $additionalClass = ' last-item';
530 }
531 $newsItemContent = $htmlParser->TS_transform_rte($htmlParser->TS_links_rte($newsItemData['content']));
532 $newsItemMarker = array(
533 '###HEADER###' => htmlspecialchars($newsItemData['header']),
534 '###DATE###' => htmlspecialchars($newsItemData['date']),
535 '###CONTENT###' => $newsItemContent,
536 '###CLASS###' => $additionalClass
537 );
538 $count++;
539 $newsItem .= \TYPO3\CMS\Core\Html\HtmlParser::substituteMarkerArray($newsItemTemplate, $newsItemMarker);
540 }
541 $title = $GLOBALS['TYPO3_CONF_VARS']['BE']['loginNewsTitle'] ? $GLOBALS['TYPO3_CONF_VARS']['BE']['loginNewsTitle'] : $GLOBALS['LANG']->getLL('newsheadline');
542 $newsContent = \TYPO3\CMS\Core\Html\HtmlParser::substituteMarker($newsContent, '###NEWS_HEADLINE###', htmlspecialchars($title));
543 $newsContent = \TYPO3\CMS\Core\Html\HtmlParser::substituteSubpart($newsContent, '###NEWS_ITEM###', $newsItem);
544 }
545 return $newsContent;
546 }
547
548 /**
549 * Gets news from sys_news and converts them into a format suitable for
550 * showing them at the login screen.
551 *
552 * @return array An array of login news.
553 */
554 protected function getSystemNews() {
555 $systemNewsTable = 'sys_news';
556 $systemNews = array();
557 $systemNewsRecords = $GLOBALS['TYPO3_DB']->exec_SELECTgetRows('title, content, crdate', $systemNewsTable, ('1=1' . \TYPO3\CMS\Backend\Utility\BackendUtility::BEenableFields($systemNewsTable)) . \TYPO3\CMS\Backend\Utility\BackendUtility::deleteClause($systemNewsTable), '', 'crdate DESC');
558 foreach ($systemNewsRecords as $systemNewsRecord) {
559 $systemNews[] = array(
560 'date' => date($GLOBALS['TYPO3_CONF_VARS']['SYS']['ddmmyy'], $systemNewsRecord['crdate']),
561 'header' => $systemNewsRecord['title'],
562 'content' => $systemNewsRecord['content']
563 );
564 }
565 return $systemNews;
566 }
567
568 /**
569 * Returns the form tag
570 *
571 * @return string Opening form tag string
572 * @todo Define visibility
573 */
574 public function startForm() {
575 $output = '';
576 // The form defaults to 'no login'. This prevents plain
577 // text logins to the Backend. The 'sv' extension changes the form to
578 // use superchallenged method and rsaauth extension makes rsa authetication.
579 $form = ('<form action="index.php" method="post" name="loginform" ' . 'onsubmit="alert(\'No authentication methods available. Please, ') . 'contact your TYPO3 administrator.\');return false">';
580 // Call hooks. If they do not return anything, we fail to login
581 if (is_array($GLOBALS['TYPO3_CONF_VARS']['SC_OPTIONS']['typo3/index.php']['loginFormHook'])) {
582 foreach ($GLOBALS['TYPO3_CONF_VARS']['SC_OPTIONS']['typo3/index.php']['loginFormHook'] as $function) {
583 $params = array();
584 $formCode = \TYPO3\CMS\Core\Utility\GeneralUtility::callUserFunction($function, $params, $this);
585 if ($formCode) {
586 $form = $formCode;
587 break;
588 }
589 }
590 }
591 $output .= ((((((((($form . '<input type="hidden" name="login_status" value="login" />') . '<input type="hidden" name="userident" value="" />') . '<input type="hidden" name="redirect_url" value="') . htmlspecialchars($this->redirectToURL)) . '" />') . '<input type="hidden" name="loginRefresh" value="') . htmlspecialchars($this->loginRefresh)) . '" />') . $this->interfaceSelector_hidden) . $this->addFields_hidden;
592 return $output;
593 }
594
595 /**
596 * Creates JavaScript for the login form
597 *
598 * @return string JavaScript code
599 * @todo Define visibility
600 */
601 public function getJScode() {
602 $JSCode = '';
603 if (is_array($GLOBALS['TYPO3_CONF_VARS']['SC_OPTIONS']['typo3/index.php']['loginScriptHook'])) {
604 foreach ($GLOBALS['TYPO3_CONF_VARS']['SC_OPTIONS']['typo3/index.php']['loginScriptHook'] as $function) {
605 $params = array();
606 $JSCode = \TYPO3\CMS\Core\Utility\GeneralUtility::callUserFunction($function, $params, $this);
607 if ($JSCode) {
608 break;
609 }
610 }
611 }
612 $JSCode .= $GLOBALS['TBE_TEMPLATE']->wrapScriptTags('
613 function startUp() {
614 // If the login screen is shown in the login_frameset window for re-login, then try to get the username of the current/former login from opening windows main frame:
615 try {
616 if (parent.opener && parent.opener.TS && parent.opener.TS.username && document.loginform && document.loginform.username) {
617 document.loginform.username.value = parent.opener.TS.username;
618 }
619 }
620 catch(error) {
621 //continue
622 }
623
624 // Wait a few millisecons before calling checkFocus(). This might be necessary because some browsers need some time to auto-fill in the form fields
625 window.setTimeout("checkFocus()", 50);
626 }
627
628 // This moves focus to the right input field:
629 function checkFocus() {
630 // If for some reason there already is a username in the username form field, move focus to the password field:
631 if (document.loginform.username && document.loginform.username.value == "") {
632 document.loginform.username.focus();
633 } else if (document.loginform.p_field && document.loginform.p_field.type!="hidden") {
634 document.loginform.p_field.focus();
635 }
636 }
637
638 // This function shows a warning, if user has capslock enabled
639 // parameter showWarning: shows warning if TRUE and capslock active, otherwise only hides warning, if capslock gets inactive
640 function checkCapslock(e, showWarning) {
641 if (!isCapslock(e)) {
642 document.getElementById(\'t3-capslock\').style.display = \'none\';
643 } else if (showWarning) {
644 document.getElementById(\'t3-capslock\').style.display = \'block\';
645 }
646 }
647
648 // Checks weather capslock is enabled (returns TRUE if enabled, false otherwise)
649 // thanks to http://24ways.org/2007/capturing-caps-lock
650
651 function isCapslock(e) {
652 var ev = e ? e : window.event;
653 if (!ev) {
654 return;
655 }
656 var targ = ev.target ? ev.target : ev.srcElement;
657 // get key pressed
658 var which = -1;
659 if (ev.which) {
660 which = ev.which;
661 } else if (ev.keyCode) {
662 which = ev.keyCode;
663 }
664 // get shift status
665 var shift_status = false;
666 if (ev.shiftKey) {
667 shift_status = ev.shiftKey;
668 } else if (ev.modifiers) {
669 shift_status = !!(ev.modifiers & 4);
670 }
671 return (((which >= 65 && which <= 90) && !shift_status) ||
672 ((which >= 97 && which <= 122) && shift_status));
673 }
674
675 // prevent opening the login form in the backend frameset
676 if (top.location.href != self.location.href) {
677 top.location.href = self.location.href;
678 }
679
680 ');
681 return $JSCode;
682 }
683
684 /**
685 * Checks if login credentials are currently submitted
686 *
687 * @return boolean
688 */
689 protected function isLoginInProgress() {
690 $username = \TYPO3\CMS\Core\Utility\GeneralUtility::_GP('username');
691 return !(empty($username) && empty($this->commandLI));
692 }
693
694 /**
695 * Emits the render login form signal
696 *
697 * @param array $markers Array with markers for the login form
698 * @return void
699 */
700 protected function emitRenderLoginFormSignal(array &$markers) {
701 $this->getSignalSlotDispatcher()->dispatch('TYPO3\\CMS\\Backend\\Controller\\LoginController', self::SIGNAL_RenderLoginForm, array($this, $markers));
702 }
703
704 /**
705 * Get the SignalSlot dispatcher
706 *
707 * @return \TYPO3\CMS\Extbase\SignalSlot\Dispatcher
708 */
709 protected function getSignalSlotDispatcher() {
710 if (!isset($this->signalSlotDispatcher)) {
711 $this->signalSlotDispatcher = $this->getObjectManager()->get('TYPO3\\CMS\\Extbase\\SignalSlot\\Dispatcher');
712 }
713 return $this->signalSlotDispatcher;
714 }
715
716 /**
717 * Get the ObjectManager
718 *
719 * @return \TYPO3\CMS\Extbase\Object\ObjectManager
720 */
721 protected function getObjectManager() {
722 return \TYPO3\CMS\Core\Utility\GeneralUtility::makeInstance('TYPO3\\CMS\\Extbase\\Object\\ObjectManager');
723 }
724
725 }
726
727
728 ?>