[TASK] Remove function index
[Packages/TYPO3.CMS.git] / typo3 / sysext / sv / class.tx_sv_loginformhook.php
1 <?php
2 /***************************************************************
3 * Copyright notice
4 *
5 * (c) 2009-2011 Dmitry Dulepov <dmitry@typo3.org>
6 * All rights reserved
7 *
8 * This script is part of the TYPO3 project. The TYPO3 project is
9 * free software; you can redistribute it and/or modify
10 * it under the terms of the GNU General Public License as published by
11 * the Free Software Foundation; either version 2 of the License, or
12 * (at your option) any later version.
13 *
14 * The GNU General Public License can be found at
15 * http://www.gnu.org/copyleft/gpl.html.
16 *
17 * This script is distributed in the hope that it will be useful,
18 * but WITHOUT ANY WARRANTY; without even the implied warranty of
19 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
20 * GNU General Public License for more details.
21 *
22 * This copyright notice MUST APPEAR in all copies of the script!
23 ***************************************************************/
24
25
26 /**
27 * This class contains a BE login form hook. It adds all necessary JavaScript
28 * for the superchallenged authentication.
29 *
30 * @author Dmitry Dulepov <dmitry@typo3.org>
31 * @package TYPO3
32 * @subpackage tx_sv
33 */
34 class tx_sv_loginformhook {
35
36 /**
37 * Provides form code for the superchallenged authentication.
38 *
39 * @param array $params Parameters to the script
40 * @param SC_index $pObj Calling object
41 * @return string The code for the login form
42 */
43 public function getLoginFormTag(array $params, SC_index &$pObj) {
44 // Get the code according to the login level
45 switch ($pObj->loginSecurityLevel) {
46 case 'challenged':
47 case 'superchallenged':
48 $_SESSION['login_challenge'] = $this->getChallenge();
49 $content = '<form action="index.php" method="post" name="loginform" ' .
50 'onsubmit="doChallengeResponse(' .
51 ($pObj->loginSecurityLevel == 'challenged' ? 0 : 1) . ');">' .
52 '<input type="hidden" name="challenge" value="' .
53 htmlspecialchars($_SESSION['login_challenge']) . '" />';
54 break;
55 case 'normal':
56 $content = '<form action="index.php" method="post" name="loginform" onsubmit="document.loginform.userident.value=document.loginform.p_field.value;document.loginform.p_field.value=\'\';return true;">';
57 break;
58 default:
59 // No code for unknown level!
60 $content = '';
61 }
62
63 return $content;
64 }
65
66 /**
67 * Provides form code for the superchallenged authentication.
68 *
69 * @param array $params Parameters to the script
70 * @param SC_index $pObj Calling object
71 * @return string The code for the login form
72 */
73 public function getLoginScripts(array $params, SC_index &$pObj) {
74 $content = '';
75
76 if ($pObj->loginSecurityLevel == 'superchallenged' ||
77 $pObj->loginSecurityLevel == 'challenged') {
78 $content = '
79 <script type="text/javascript" src="md5.js"></script>
80 ' . $GLOBALS['TBE_TEMPLATE']->wrapScriptTags('
81 function doChallengeResponse(superchallenged) { //
82 password = document.loginform.p_field.value;
83 if (password) {
84 if (superchallenged) {
85 password = MD5(password); // this makes it superchallenged!!
86 }
87 str = document.loginform.username.value+":"+password+":"+document.loginform.challenge.value;
88 document.loginform.userident.value = MD5(str);
89 document.loginform.p_field.value = "";
90 return true;
91 }
92 }
93 ');
94 }
95
96 return $content;
97 }
98
99
100 /**
101 * Create a random challenge string
102 *
103 * @return string Challenge value
104 */
105 protected function getChallenge() {
106 $challenge = md5(uniqid('') . getmypid());
107 return $challenge;
108 }
109
110 }
111
112 if (defined('TYPO3_MODE') && isset($GLOBALS['TYPO3_CONF_VARS'][TYPO3_MODE]['XCLASS']['ext/sv/class.tx_sv_loginformhook.php'])) {
113 include_once($GLOBALS['TYPO3_CONF_VARS'][TYPO3_MODE]['XCLASS']['ext/sv/class.tx_sv_loginformhook.php']);
114 }
115
116 ?>