[!!!][TASK][CONF] Remove deprecated code for 4.7
[Packages/TYPO3.CMS.git] / typo3 / index.php
1 <?php
2 /***************************************************************
3 * Copyright notice
4 *
5 * (c) 1999-2011 Kasper Skårhøj (kasperYYYY@typo3.com)
6 * All rights reserved
7 *
8 * This script is part of the TYPO3 project. The TYPO3 project is
9 * free software; you can redistribute it and/or modify
10 * it under the terms of the GNU General Public License as published by
11 * the Free Software Foundation; either version 2 of the License, or
12 * (at your option) any later version.
13 *
14 * The GNU General Public License can be found at
15 * http://www.gnu.org/copyleft/gpl.html.
16 * A copy is found in the textfile GPL.txt and important notices to the license
17 * from the author is found in LICENSE.txt distributed with these scripts.
18 *
19 *
20 * This script is distributed in the hope that it will be useful,
21 * but WITHOUT ANY WARRANTY; without even the implied warranty of
22 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
23 * GNU General Public License for more details.
24 *
25 * This copyright notice MUST APPEAR in all copies of the script!
26 ***************************************************************/
27 /**
28 * Login-screen of TYPO3.
29 *
30 * Revised for TYPO3 3.6 December/2003 by Kasper Skårhøj
31 * XHTML compliant
32 *
33 * @author Kasper Skårhøj <kasperYYYY@typo3.com>
34 */
35
36
37 define('TYPO3_PROCEED_IF_NO_USER', 1);
38 require('init.php');
39 require('template.php');
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55 /**
56 * Script Class for rendering the login form
57 *
58 * @author Kasper Skårhøj <kasperYYYY@typo3.com>
59 * @package TYPO3
60 * @subpackage core
61 */
62 class SC_index {
63
64 // Internal, GPvars:
65 var $redirect_url; // GPvar: redirect_url; The URL to redirect to after login.
66 var $GPinterface; // GPvar: Defines which interface to load (from interface selector)
67 var $u; // GPvar: preset username
68 var $p; // GPvar: preset password
69 var $L; // GPvar: If "L" is "OUT", then any logged in used is logged out. If redirect_url is given, we redirect to it
70 var $loginRefresh; // Login-refresh boolean; The backend will call this script with this value set when the login is close to being expired and the form needs to be redrawn.
71 var $commandLI; // Value of forms submit button for login.
72
73 // Internal, static:
74 var $redirectToURL; // Set to the redirect URL of the form (may be redirect_url or "backend.php")
75
76 // Internal, dynamic:
77 var $content; // Content accumulation
78
79 var $interfaceSelector; // A selector box for selecting value for "interface" may be rendered into this variable
80 var $interfaceSelector_jump; // A selector box for selecting value for "interface" may be rendered into this variable - this will have an onchange action which will redirect the user to the selected interface right away
81 var $interfaceSelector_hidden; // A hidden field, if the interface is not set.
82 var $addFields_hidden = ''; // Additional hidden fields to be placed at the login form
83
84 // sets the level of security. *'normal' = clear-text. 'challenged' = hashed password/username from form in $formfield_uident. 'superchallenged' = hashed password hashed again with username.
85 var $loginSecurityLevel = 'superchallenged';
86
87
88
89
90 /**
91 * Initialize the login box. Will also react on a &L=OUT flag and exit.
92 *
93 * @return void
94 */
95 function init() {
96 // We need a PHP session session for most login levels
97 session_start();
98
99 $this->redirect_url = t3lib_div::sanitizeLocalUrl(t3lib_div::_GP('redirect_url'));
100 $this->GPinterface = t3lib_div::_GP('interface');
101
102 // Grabbing preset username and password, for security reasons this feature only works if SSL is used
103 if (t3lib_div::getIndpEnv('TYPO3_SSL')) {
104 $this->u = t3lib_div::_GP('u');
105 $this->p = t3lib_div::_GP('p');
106 }
107
108 // If "L" is "OUT", then any logged in is logged out. If redirect_url is given, we redirect to it
109 $this->L = t3lib_div::_GP('L');
110
111 // Login
112 $this->loginRefresh = t3lib_div::_GP('loginRefresh');
113
114 // Value of "Login" button. If set, the login button was pressed.
115 $this->commandLI = t3lib_div::_GP('commandLI');
116
117 // sets the level of security from conf vars
118 if ($GLOBALS['TYPO3_CONF_VARS']['BE']['loginSecurityLevel']) {
119 $this->loginSecurityLevel = $GLOBALS['TYPO3_CONF_VARS']['BE']['loginSecurityLevel'];
120 }
121
122 // try to get the preferred browser language
123 $preferredBrowserLanguage = $GLOBALS['LANG']->csConvObj->getPreferredClientLanguage(t3lib_div::getIndpEnv('HTTP_ACCEPT_LANGUAGE'));
124 // if we found a $preferredBrowserLanguage and it is not the default language and no be_user is logged in
125 // initialize $GLOBALS['LANG'] again with $preferredBrowserLanguage
126 if ($preferredBrowserLanguage != 'default' && !$GLOBALS['BE_USER']->user['uid']) {
127 $GLOBALS['LANG']->init($preferredBrowserLanguage);
128 }
129 $GLOBALS['LANG']->includeLLFile('EXT:lang/locallang_login.xml');
130
131 // check if labels from $GLOBALS['TYPO3_CONF_VARS']['BE']['loginLabels'] were changed,
132 // and merge them to $GLOBALS['LOCAL_LANG'] if needed
133 $this->mergeOldLoginLabels();
134
135 // Setting the redirect URL to "backend.php" if no alternative input is given
136 $this->redirectToURL = ($this->redirect_url ? $this->redirect_url : 'backend.php');
137
138
139 // Do a logout if the command is set
140 if ($this->L == 'OUT' && is_object($GLOBALS['BE_USER'])) {
141 $GLOBALS['BE_USER']->logoff();
142 if ($this->redirect_url) {
143 t3lib_utility_Http::redirect($this->redirect_url);
144 }
145 exit;
146 }
147 }
148
149
150 /**
151 * Main function - creating the login/logout form
152 *
153 * @return void
154 */
155 function main() {
156 // Initialize template object:
157 $GLOBALS['TBE_TEMPLATE']->bodyTagAdditions = ' onload="startUp();"';
158 $GLOBALS['TBE_TEMPLATE']->moduleTemplate = $GLOBALS['TBE_TEMPLATE']->getHtmlTemplate('templates/login.html');
159
160 $GLOBALS['TBE_TEMPLATE']->getPageRenderer()->loadExtJS();
161 $GLOBALS['TBE_TEMPLATE']->getPageRenderer()->loadPrototype();
162 $GLOBALS['TBE_TEMPLATE']->getPageRenderer()->loadScriptaculous();
163
164 // Set JavaScript for creating a MD5 hash of the password:
165 $GLOBALS['TBE_TEMPLATE']->JScode.= $this->getJScode();
166
167 // Checking, if we should make a redirect.
168 // Might set JavaScript in the header to close window.
169 $this->checkRedirect();
170
171 // Initialize interface selectors:
172 $this->makeInterfaceSelectorBox();
173
174 // Creating form based on whether there is a login or not:
175 if (!$GLOBALS['BE_USER']->user['uid']) {
176 $GLOBALS['TBE_TEMPLATE']->form = $this->startForm();
177 $loginForm = $this->makeLoginForm();
178 } else {
179 $GLOBALS['TBE_TEMPLATE']->form = '
180 <form action="index.php" method="post" name="loginform">
181 <input type="hidden" name="login_status" value="logout" />
182 ';
183 $loginForm = $this->makeLogoutForm();
184 }
185
186 // Starting page:
187 $this->content .= $GLOBALS['TBE_TEMPLATE']->startPage('TYPO3 Login: ' . $GLOBALS['TYPO3_CONF_VARS']['SYS']['sitename'], FALSE);
188
189 // Add login form:
190 $this->content.=$this->wrapLoginForm($loginForm);
191
192 $this->content.= $GLOBALS['TBE_TEMPLATE']->endPage();
193 }
194
195 /**
196 * Outputting the accumulated content to screen
197 *
198 * @return void
199 */
200 function printContent() {
201 echo $this->content;
202 }
203
204 /*****************************
205 *
206 * Various functions
207 *
208 ******************************/
209
210 /**
211 * Creates the login form
212 * This is drawn when NO login exists.
213 *
214 * @return string HTML output
215 */
216 function makeLoginForm() {
217 $content = t3lib_parsehtml::getSubpart($GLOBALS['TBE_TEMPLATE']->moduleTemplate, '###LOGIN_FORM###');
218 $markers = array(
219 'VALUE_USERNAME' => htmlspecialchars($this->u),
220 'VALUE_PASSWORD' => htmlspecialchars($this->p),
221 'VALUE_SUBMIT' => $GLOBALS['LANG']->getLL('labels.submitLogin', TRUE),
222 );
223
224 // show an error message if the login command was successful already, otherwise remove the subpart
225 if (!$this->isLoginInProgress()) {
226 $content = t3lib_parsehtml::substituteSubpart($content, '###LOGIN_ERROR###', '');
227 } else {
228 $markers['ERROR_MESSAGE'] = $GLOBALS['LANG']->getLL('error.login', TRUE);
229 $markers['ERROR_LOGIN_TITLE'] = $GLOBALS['LANG']->getLL('error.login.title', TRUE);
230 $markers['ERROR_LOGIN_DESCRIPTION'] = $GLOBALS['LANG']->getLL('error.login.description', TRUE);
231 }
232
233
234 // remove the interface selector markers if it's not available
235 if (!($this->interfaceSelector && !$this->loginRefresh)) {
236 $content = t3lib_parsehtml::substituteSubpart($content, '###INTERFACE_SELECTOR###', '');
237 } else {
238 $markers['LABEL_INTERFACE'] = $GLOBALS['LANG']->getLL('labels.interface', TRUE);
239 $markers['VALUE_INTERFACE'] = $this->interfaceSelector;
240 }
241
242 return t3lib_parsehtml::substituteMarkerArray($content, $markers, '###|###');
243 }
244
245
246 /**
247 * Creates the logout form
248 * This is drawn if a user login already exists.
249 *
250 * @return string HTML output
251 */
252 function makeLogoutForm() {
253 $content = t3lib_parsehtml::getSubpart($GLOBALS['TBE_TEMPLATE']->moduleTemplate, '###LOGOUT_FORM###');
254 $markers = array(
255 'LABEL_USERNAME' => $GLOBALS['LANG']->getLL('labels.username', TRUE),
256 'VALUE_USERNAME' => htmlspecialchars($GLOBALS['BE_USER']->user['username']),
257 'VALUE_SUBMIT' => $GLOBALS['LANG']->getLL('labels.submitLogout', TRUE),
258 );
259
260 // remove the interface selector markers if it's not available
261 if (!$this->interfaceSelector_jump) {
262 $content = t3lib_parsehtml::substituteSubpart($content, '###INTERFACE_SELECTOR###', '');
263 } else {
264 $markers['LABEL_INTERFACE'] = $GLOBALS['LANG']->getLL('labels.interface', TRUE);
265 $markers['VALUE_INTERFACE'] = $this->interfaceSelector_jump;
266 }
267
268 return t3lib_parsehtml::substituteMarkerArray($content, $markers, '###|###');
269 }
270
271
272 /**
273 * Wrapping the login form table in another set of tables etc:
274 *
275 * @param string HTML content for the login form
276 * @return string The HTML for the page.
277 */
278 function wrapLoginForm($content) {
279 $mainContent = t3lib_parsehtml::getSubpart($GLOBALS['TBE_TEMPLATE']->moduleTemplate, '###PAGE###');
280
281 if ($GLOBALS['TBE_STYLES']['logo_login']) {
282 $logo = '<img src="'.htmlspecialchars($GLOBALS['BACK_PATH'] . $GLOBALS['TBE_STYLES']['logo_login']) . '" alt="" />';
283 } else {
284 $logo = '<img'.t3lib_iconWorks::skinImg($GLOBALS['BACK_PATH'],'gfx/typo3logo.gif','width="123" height="34"').' alt="" />';
285 }
286
287 $browserWarning = t3lib_div::makeInstance(
288 't3lib_FlashMessage',
289 // TODO: refactor if other old browsers are not supported anymore
290 $GLOBALS['LANG']->getLL('warning.incompatibleBrowser') . ' ' . $GLOBALS['LANG']->getLL('warning.incompatibleBrowserInternetExplorer'),
291 $GLOBALS['LANG']->getLL('warning.incompatibleBrowserHeadline'),
292 t3lib_FlashMessage::ERROR
293 );
294 $browserWarning = $browserWarning->render();
295
296 $markers = array(
297 'LOGO' => $logo,
298 'LOGINBOX_IMAGE' => $this->makeLoginBoxImage(),
299 'FORM' => $content,
300 'NEWS' => $this->makeLoginNews(),
301 'COPYRIGHT' => $this->makeCopyrightNotice(),
302 'CSS_ERRORCLASS' => ($this->isLoginInProgress() ? ' class="error"' : ''),
303 'CSS_OPENIDCLASS' => 't3-login-openid-' . (t3lib_extMgm::isLoaded('openid') ? 'enabled' : 'disabled'),
304
305 // the labels will be replaced later on, thus the other parts above
306 // can use these markers as well and it will be replaced
307 'HEADLINE' => $GLOBALS['LANG']->getLL('headline', TRUE),
308 'INFO_ABOUT' => $GLOBALS['LANG']->getLL('info.about', TRUE),
309 'INFO_RELOAD' => $GLOBALS['LANG']->getLL('info.reset', TRUE),
310 'INFO' => $GLOBALS['LANG']->getLL('info.cookies_and_js', TRUE),
311 'WARNING_BROWSER_INCOMPATIBLE' => $browserWarning,
312 'ERROR_JAVASCRIPT' => $GLOBALS['LANG']->getLL('error.javascript', TRUE),
313 'ERROR_COOKIES' => $GLOBALS['LANG']->getLL('error.cookies', TRUE),
314 'ERROR_COOKIES_IGNORE' => $GLOBALS['LANG']->getLL('error.cookies_ignore', TRUE),
315 'ERROR_CAPSLOCK' => $GLOBALS['LANG']->getLL('error.capslock', TRUE),
316 'ERROR_FURTHERHELP' => $GLOBALS['LANG']->getLL('error.furtherInformation', TRUE),
317 'LABEL_DONATELINK' => $GLOBALS['LANG']->getLL('labels.donate', TRUE),
318 'LABEL_USERNAME' => $GLOBALS['LANG']->getLL('labels.username', TRUE),
319 'LABEL_OPENID' => $GLOBALS['LANG']->getLL('labels.openId', TRUE),
320 'LABEL_PASSWORD' => $GLOBALS['LANG']->getLL('labels.password', TRUE),
321 'LABEL_WHATISOPENID' => $GLOBALS['LANG']->getLL('labels.whatIsOpenId', TRUE),
322 'LABEL_SWITCHOPENID' => $GLOBALS['LANG']->getLL('labels.switchToOpenId', TRUE),
323 'LABEL_SWITCHDEFAULT' => $GLOBALS['LANG']->getLL('labels.switchToDefault', TRUE),
324 'CLEAR' => $GLOBALS['LANG']->getLL('clear', TRUE),
325 'LOGIN_PROCESS' => $GLOBALS['LANG']->getLL('login_process', TRUE),
326 'SITELINK' => '<a href="/">###SITENAME###</a>',
327
328 // global variables will now be replaced (at last)
329 'SITENAME' => htmlspecialchars($GLOBALS['TYPO3_CONF_VARS']['SYS']['sitename'])
330 );
331 return t3lib_parsehtml::substituteMarkerArray($mainContent, $markers, '###|###');
332 }
333
334
335 /**
336 * Checking, if we should perform some sort of redirection OR closing of windows.
337 *
338 * @return void
339 */
340 function checkRedirect() {
341 // Do redirect:
342 // If a user is logged in AND a) if either the login is just done (isLoginInProgress) or b) a loginRefresh is done or c) the interface-selector is NOT enabled (If it is on the other hand, it should not just load an interface, because people has to choose then...)
343 if ($GLOBALS['BE_USER']->user['uid'] && ($this->isLoginInProgress() || $this->loginRefresh || !$this->interfaceSelector)) {
344
345 // If no cookie has been set previously we tell people that this is a problem. This assumes that a cookie-setting script (like this one) has been hit at least once prior to this instance.
346 if (!$_COOKIE[t3lib_beUserAuth::getCookieName()]) {
347 if ($this->commandLI=='setCookie') {
348 // we tried it a second time but still no cookie
349 // 26/4 2005: This does not work anymore, because the saving of challenge values in $_SESSION means the system will act as if the password was wrong.
350 throw new RuntimeException('Login-error: Yeah, that\'s a classic. No cookies, no TYPO3.<br /><br />Please accept cookies from TYPO3 - otherwise you\'ll not be able to use the system.', 1294586846);
351 } else {
352 // try it once again - that might be needed for auto login
353 $this->redirectToURL = 'index.php?commandLI=setCookie';
354 }
355 }
356
357 if (($redirectToURL = (string)$GLOBALS['BE_USER']->getTSConfigVal('auth.BE.redirectToURL'))) {
358 $this->redirectToURL = $redirectToURL;
359 $this->GPinterface = '';
360 }
361
362 // store interface
363 $GLOBALS['BE_USER']->uc['interfaceSetup'] = $this->GPinterface;
364 $GLOBALS['BE_USER']->writeUC();
365
366 // Based on specific setting of interface we set the redirect script:
367 switch ($this->GPinterface) {
368 case 'backend':
369 case 'backend_old':
370 $this->redirectToURL = 'backend.php';
371 break;
372 case 'frontend':
373 $this->redirectToURL = '../';
374 break;
375 }
376
377 $formProtection = t3lib_formprotection_Factory::get();
378 // If there is a redirect URL AND if loginRefresh is not set...
379 if (!$this->loginRefresh) {
380 $formProtection->storeSessionTokenInRegistry();
381 t3lib_utility_Http::redirect($this->redirectToURL);
382 } else {
383 $formProtection->setSessionTokenFromRegistry();
384 $formProtection->persistSessionToken();
385 $GLOBALS['TBE_TEMPLATE']->JScode.=$GLOBALS['TBE_TEMPLATE']->wrapScriptTags('
386 if (parent.opener && (parent.opener.busy || parent.opener.TYPO3.loginRefresh)) {
387 if (parent.opener.TYPO3.loginRefresh) {
388 parent.opener.TYPO3.loginRefresh.startTimer();
389 } else {
390 parent.opener.busy.loginRefreshed();
391 }
392 parent.close();
393 }
394 ');
395 }
396 } elseif (!$GLOBALS['BE_USER']->user['uid'] && $this->isLoginInProgress()) {
397 sleep(5); // Wrong password, wait for 5 seconds
398 }
399 }
400
401 /**
402 * Making interface selector:
403 *
404 * @return void
405 */
406 function makeInterfaceSelectorBox() {
407 // Reset variables:
408 $this->interfaceSelector = '';
409 $this->interfaceSelector_hidden='';
410 $this->interfaceSelector_jump = '';
411
412 // If interfaces are defined AND no input redirect URL in GET vars:
413 if ($GLOBALS['TYPO3_CONF_VARS']['BE']['interfaces'] && ($this->isLoginInProgress() || !$this->redirect_url)) {
414 $parts = t3lib_div::trimExplode(',',$GLOBALS['TYPO3_CONF_VARS']['BE']['interfaces']);
415 if (count($parts)>1) { // Only if more than one interface is defined will we show the selector:
416
417 // Initialize:
418 $labels=array();
419
420 $labels['backend'] = $GLOBALS['LANG']->getLL('interface.backend');
421 $labels['backend_old'] = $GLOBALS['LANG']->getLL('interface.backend_old');
422 $labels['frontend'] = $GLOBALS['LANG']->getLL('interface.frontend');
423
424 $jumpScript=array();
425 $jumpScript['backend'] = 'backend.php';
426 $jumpScript['backend_old'] = 'backend.php';
427 $jumpScript['frontend'] = '../';
428
429 // Traverse the interface keys:
430 foreach($parts as $valueStr) {
431 $this->interfaceSelector.='
432 <option value="'.htmlspecialchars($valueStr).'"'.(t3lib_div::_GP('interface')==htmlspecialchars($valueStr) ? ' selected="selected"' : '').'>'.htmlspecialchars($labels[$valueStr]).'</option>';
433 $this->interfaceSelector_jump.='
434 <option value="'.htmlspecialchars($jumpScript[$valueStr]).'">'.htmlspecialchars($labels[$valueStr]).'</option>';
435 }
436 $this->interfaceSelector='
437 <select id="t3-interfaceselector" name="interface" class="c-interfaceselector" tabindex="3">'.$this->interfaceSelector.'
438 </select>';
439 $this->interfaceSelector_jump='
440 <select id="t3-interfaceselector" name="interface" class="c-interfaceselector" tabindex="3" onchange="window.location.href=this.options[this.selectedIndex].value;">'.$this->interfaceSelector_jump.'
441 </select>';
442
443 } elseif (!$this->redirect_url) {
444 // If there is only ONE interface value set and no redirect_url is present:
445 $this->interfaceSelector_hidden='<input type="hidden" name="interface" value="'.trim($GLOBALS['TYPO3_CONF_VARS']['BE']['interfaces']).'" />';
446 }
447 }
448 }
449
450 /**
451 * COPYRIGHT notice
452 *
453 * Warning:
454 * DO NOT prevent this notice from being shown in ANY WAY.
455 * According to the GPL license an interactive application must show such a notice on start-up ('If the program is interactive, make it output a short notice... ' - see GPL.txt)
456 * Therefore preventing this notice from being properly shown is a violation of the license, regardless of whether you remove it or use a stylesheet to obstruct the display.
457 *
458 * @return string Text/Image (HTML) for copyright notice.
459 */
460 function makeCopyrightNotice() {
461
462 // Get values from TYPO3_CONF_VARS:
463 $loginCopyrightWarrantyProvider = strip_tags(trim($GLOBALS['TYPO3_CONF_VARS']['SYS']['loginCopyrightWarrantyProvider']));
464 $loginCopyrightWarrantyURL = strip_tags(trim($GLOBALS['TYPO3_CONF_VARS']['SYS']['loginCopyrightWarrantyURL']));
465 $loginImageSmall = (trim($GLOBALS['TBE_STYLES']['loginBoxImageSmall'])) ? trim($GLOBALS['TBE_STYLES']['loginBoxImageSmall']) : 'gfx/loginlogo_transp.gif';
466
467 // Make warranty note:
468 if (strlen($loginCopyrightWarrantyProvider)>=2 && strlen($loginCopyrightWarrantyURL)>=10) {
469 $warrantyNote = sprintf($GLOBALS['LANG']->getLL('warranty.by'), htmlspecialchars($loginCopyrightWarrantyProvider), '<a href="' . htmlspecialchars($loginCopyrightWarrantyURL) . '" target="_blank">', '</a>');
470 } else {
471 $warrantyNote = sprintf($GLOBALS['LANG']->getLL('no.warranty'), '<a href="' . TYPO3_URL_LICENSE . '" target="_blank">', '</a>');
472 }
473
474 // Compile full copyright notice:
475 $copyrightNotice = '<a href="' . TYPO3_URL_GENERAL . '" target="_blank">'.
476 '<img src="' . $loginImageSmall . '" alt="' . $GLOBALS['LANG']->getLL('typo3.logo') . '" align="left" />' .
477 $GLOBALS['LANG']->getLL('typo3.cms') . ($GLOBALS['TYPO3_CONF_VARS']['SYS']['loginCopyrightShowVersion']?' ' . $GLOBALS['LANG']->getLL('version.short') . ' ' . htmlspecialchars($GLOBALS['TYPO_VERSION']):'') .
478 '</a>. ' .
479 $GLOBALS['LANG']->getLL('copyright') . ' &copy; ' . TYPO3_copyright_year . ' Kasper Sk&#229;rh&#248;j. ' . $GLOBALS['LANG']->getLL('extension.copyright') . ' ' .
480 sprintf($GLOBALS['LANG']->getLL('details.link'), '<a href="' . TYPO3_URL_GENERAL . '" target="_blank">' . TYPO3_URL_GENERAL . '</a>') . '<br /> ' .
481 $warrantyNote . ' ' .
482 sprintf($GLOBALS['LANG']->getLL('free.software'), '<a href="' . TYPO3_URL_LICENSE . '" target="_blank">', '</a> ') .
483 $GLOBALS['LANG']->getLL('keep.notice');
484
485 // Return notice:
486 return $copyrightNotice;
487 }
488
489 /**
490 * Returns the login box image, whether the default or an image from the rotation folder.
491 *
492 * @return string HTML image tag.
493 */
494 function makeLoginBoxImage() {
495 $loginboxImage = '';
496 if ($GLOBALS['TBE_STYLES']['loginBoxImage_rotationFolder']) { // Look for rotation image folder:
497 $absPath = t3lib_div::resolveBackPath(PATH_typo3.$GLOBALS['TBE_STYLES']['loginBoxImage_rotationFolder']);
498
499 // Get rotation folder:
500 $dir = t3lib_div::getFileAbsFileName($absPath);
501 if ($dir && @is_dir($dir)) {
502
503 // Get files for rotation into array:
504 $files = t3lib_div::getFilesInDir($dir,'png,jpg,gif');
505
506 // Pick random file:
507 $randImg = array_rand($files, 1);
508
509 // Get size of random file:
510 $imgSize = @getimagesize($dir.$files[$randImg]);
511
512 $imgAuthor = is_array($GLOBALS['TBE_STYLES']['loginBoxImage_author'])&&$GLOBALS['TBE_STYLES']['loginBoxImage_author'][$files[$randImg]] ? htmlspecialchars($GLOBALS['TBE_STYLES']['loginBoxImage_author'][$files[$randImg]]) : '';
513
514 // Create image tag:
515 if (is_array($imgSize)) {
516 $loginboxImage = '<img src="'.htmlspecialchars($GLOBALS['TBE_STYLES']['loginBoxImage_rotationFolder'].$files[$randImg]).'" '.$imgSize[3].' id="loginbox-image" alt="'.$imgAuthor.'" title="'.$imgAuthor.'" />';
517 }
518 }
519 } else { // If no rotation folder configured, print default image:
520
521 if (strstr(TYPO3_version,'-dev')) { // development version
522 $loginImage = 'loginbox_image_dev.png';
523 $imagecopy = 'You are running a development version of TYPO3 '.TYPO3_branch;
524 } else {
525 $loginImage = 'loginbox_image.jpg';
526 $imagecopy = 'Photo by J.C. Franca (www.digitalphoto.com.br)';
527 }
528 $loginboxImage = '<img'.t3lib_iconWorks::skinImg($GLOBALS['BACK_PATH'],'gfx/'.$loginImage,'width="200" height="133"').' id="loginbox-image" alt="'.$imagecopy.'" title="'.$imagecopy.'" />';
529 }
530
531 // Return image tag:
532 return $loginboxImage;
533 }
534
535 /**
536 * Make login news - renders the HTML content for a list of news shown under
537 * the login form. News data is added through $GLOBALS['TYPO3_CONF_VARS']
538 *
539 * @return string HTML content
540 * @credits Idea by Jan-Hendrik Heuing
541 */
542 function makeLoginNews() {
543 $newsContent = '';
544
545 $systemNews = $this->getSystemNews();
546
547 // Traverse news array IF there are records in it:
548 if (is_array($systemNews) && count($systemNews) && !t3lib_div::_GP('loginRefresh')) {
549 $htmlParser = t3lib_div::makeInstance('t3lib_parsehtml_proc');
550 // get the main news template, and replace the subpart after looped through
551 $newsContent = t3lib_parsehtml::getSubpart($GLOBALS['TBE_TEMPLATE']->moduleTemplate, '###LOGIN_NEWS###');
552 $newsItemTemplate = t3lib_parsehtml::getSubpart($newsContent, '###NEWS_ITEM###');
553
554 $newsItem = '';
555 $count = 1;
556 foreach ($systemNews as $newsItemData) {
557 $additionalClass = '';
558 if ($count == 1) {
559 $additionalClass = ' first-item';
560 } elseif($count == count($systemNews)) {
561 $additionalClass = ' last-item';
562 }
563
564 $newsItemContent = $htmlParser->TS_transform_rte($htmlParser->TS_links_rte($newsItemData['content']));
565 $newsItemMarker = array(
566 '###HEADER###' => htmlspecialchars($newsItemData['header']),
567 '###DATE###' => htmlspecialchars($newsItemData['date']),
568 '###CONTENT###' => $newsItemContent,
569 '###CLASS###' => $additionalClass
570 );
571
572 $count++;
573 $newsItem .= t3lib_parsehtml::substituteMarkerArray($newsItemTemplate, $newsItemMarker);
574 }
575
576 $title = ($GLOBALS['TYPO3_CONF_VARS']['BE']['loginNewsTitle'] ? $GLOBALS['TYPO3_CONF_VARS']['BE']['loginNewsTitle'] : $GLOBALS['LANG']->getLL('newsheadline'));
577
578 $newsContent = t3lib_parsehtml::substituteMarker($newsContent, '###NEWS_HEADLINE###', htmlspecialchars($title));
579 $newsContent = t3lib_parsehtml::substituteSubpart($newsContent, '###NEWS_ITEM###', $newsItem);
580 }
581
582 return $newsContent;
583 }
584
585 /**
586 * Gets news from sys_news and converts them into a format suitable for
587 * showing them at the login screen.
588 *
589 * @return array An array of login news.
590 */
591 protected function getSystemNews() {
592 $systemNewsTable = 'sys_news';
593 $systemNews = array();
594
595 $systemNewsRecords = $GLOBALS['TYPO3_DB']->exec_SELECTgetRows(
596 'title, content, crdate',
597 $systemNewsTable,
598 '1=1' .
599 t3lib_BEfunc::BEenableFields($systemNewsTable) .
600 t3lib_BEfunc::deleteClause($systemNewsTable),
601 '',
602 'crdate DESC'
603 );
604
605 foreach ($systemNewsRecords as $systemNewsRecord) {
606 $systemNews[] = array(
607 'date' => date(
608 $GLOBALS['TYPO3_CONF_VARS']['SYS']['ddmmyy'],
609 $systemNewsRecord['crdate']
610 ),
611 'header' => $systemNewsRecord['title'],
612 'content' => $systemNewsRecord['content']
613 );
614 }
615
616 return $systemNews;
617 }
618
619 /**
620 * Returns the form tag
621 *
622 * @return string Opening form tag string
623 */
624 function startForm() {
625 $output = '';
626
627 // The form defaults to 'no login'. This prevents plain
628 // text logins to the Backend. The 'sv' extension changes the form to
629 // use superchallenged method and rsaauth extension makes rsa authetication.
630 $form = '<form action="index.php" method="post" name="loginform" ' .
631 'onsubmit="alert(\'No authentication methods available. Please, ' .
632 'contact your TYPO3 administrator.\');return false">';
633
634 // Call hooks. If they do not return anything, we fail to login
635 if (is_array($GLOBALS['TYPO3_CONF_VARS']['SC_OPTIONS']['typo3/index.php']['loginFormHook'])) {
636 foreach ($GLOBALS['TYPO3_CONF_VARS']['SC_OPTIONS']['typo3/index.php']['loginFormHook'] as $function) {
637 $params = array();
638 $formCode = t3lib_div::callUserFunction($function, $params, $this);
639 if ($formCode) {
640 $form = $formCode;
641 break;
642 }
643 }
644 }
645
646 $output .= $form .
647 '<input type="hidden" name="login_status" value="login" />' .
648 '<input type="hidden" name="userident" value="" />' .
649 '<input type="hidden" name="redirect_url" value="'.htmlspecialchars($this->redirectToURL).'" />' .
650 '<input type="hidden" name="loginRefresh" value="'.htmlspecialchars($this->loginRefresh).'" />' .
651 $this->interfaceSelector_hidden . $this->addFields_hidden;
652
653 return $output;
654 }
655
656 /**
657 * Creates JavaScript for the login form
658 *
659 * @return string JavaScript code
660 */
661 function getJScode() {
662 $JSCode = '';
663 if (is_array($GLOBALS['TYPO3_CONF_VARS']['SC_OPTIONS']['typo3/index.php']['loginScriptHook'])) {
664 foreach ($GLOBALS['TYPO3_CONF_VARS']['SC_OPTIONS']['typo3/index.php']['loginScriptHook'] as $function) {
665 $params = array();
666 $JSCode = t3lib_div::callUserFunction($function, $params, $this);
667 if ($JSCode) {
668 break;
669 }
670 }
671 }
672 $JSCode .= $GLOBALS['TBE_TEMPLATE']->wrapScriptTags('
673 function startUp() {
674 // If the login screen is shown in the login_frameset window for re-login, then try to get the username of the current/former login from opening windows main frame:
675 try {
676 if (parent.opener && parent.opener.TS && parent.opener.TS.username && document.loginform && document.loginform.username) {
677 document.loginform.username.value = parent.opener.TS.username;
678 }
679 }
680 catch(error) {
681 //continue
682 }
683
684 // Wait a few millisecons before calling checkFocus(). This might be necessary because some browsers need some time to auto-fill in the form fields
685 window.setTimeout("checkFocus()", 50);
686 }
687
688 // This moves focus to the right input field:
689 function checkFocus() {
690 // If for some reason there already is a username in the username form field, move focus to the password field:
691 if (document.loginform.username && document.loginform.username.value == "") {
692 document.loginform.username.focus();
693 } else if (document.loginform.p_field && document.loginform.p_field.type!="hidden") {
694 document.loginform.p_field.focus();
695 }
696 }
697
698 // This function shows a warning, if user has capslock enabled
699 // parameter showWarning: shows warning if TRUE and capslock active, otherwise only hides warning, if capslock gets inactive
700 function checkCapslock(e, showWarning) {
701 if (!isCapslock(e)) {
702 document.getElementById(\'t3-capslock\').style.display = \'none\';
703 } else if (showWarning) {
704 document.getElementById(\'t3-capslock\').style.display = \'block\';
705 }
706 }
707
708 // Checks weather capslock is enabled (returns TRUE if enabled, false otherwise)
709 // thanks to http://24ways.org/2007/capturing-caps-lock
710
711 function isCapslock(e) {
712 var ev = e ? e : window.event;
713 if (!ev) {
714 return;
715 }
716 var targ = ev.target ? ev.target : ev.srcElement;
717 // get key pressed
718 var which = -1;
719 if (ev.which) {
720 which = ev.which;
721 } else if (ev.keyCode) {
722 which = ev.keyCode;
723 }
724 // get shift status
725 var shift_status = false;
726 if (ev.shiftKey) {
727 shift_status = ev.shiftKey;
728 } else if (ev.modifiers) {
729 shift_status = !!(ev.modifiers & 4);
730 }
731 return (((which >= 65 && which <= 90) && !shift_status) ||
732 ((which >= 97 && which <= 122) && shift_status));
733 }
734
735 // prevent opening the login form in the backend frameset
736 if (top.location.href != self.location.href) {
737 top.location.href = self.location.href;
738 }
739
740 ');
741
742 return $JSCode;
743 }
744
745
746 /**
747 * Checks if labels from $GLOBALS['TYPO3_CONF_VARS']['BE']['loginLabels'] were changed, and merge them to $GLOBALS['LOCAL_LANG'] if needed
748 *
749 * This method keeps backwards compatibility, if you modified your
750 * labels with the install tool, we recommend to transfer this labels to a locallang.xml file
751 * using the llxml extension
752 *
753 * @return void
754 * @deprecated since TYPO3 4.6, remove in TYPO3 4.8
755 */
756 protected function mergeOldLoginLabels() {
757 // Getting login labels
758 $oldLoginLabels = trim($GLOBALS['TYPO3_CONF_VARS']['BE']['loginLabels']);
759 if ($oldLoginLabels != '') {
760 t3lib_div::deprecationLog('The use of $GLOBALS[\'TYPO3_CONF_VARS\'][\'BE\'][\'loginLabels\'] has been deprecated as of TYPO3 4.3, please use the according locallang.xml file.');
761 // md5 hash of the default loginLabels string
762 $defaultOldLoginLabelsHash = 'bcf0d32e58c6454ea50c6c956f1f18f0';
763 // compare loginLabels from TYPO3_CONF_VARS to default value
764 if (md5($oldLoginLabels) != $defaultOldLoginLabelsHash) {
765 $lang = $GLOBALS['LANG']->lang;
766 $oldLoginLabelArray = explode('|',$oldLoginLabels);
767 $overrideLabelKeys = array(
768 'labels.username' => $oldLoginLabelArray[0],
769 'labels.password' => $oldLoginLabelArray[1],
770 'labels.interface' => $oldLoginLabelArray[2],
771 'labels.submitLogin' => $oldLoginLabelArray[3],
772 'labels.submitLogout' => $oldLoginLabelArray[4],
773 'availableInterfaces' => $oldLoginLabelArray[5],
774 'headline' => $oldLoginLabelArray[6],
775 'info.jscookies' => $oldLoginLabelArray[7],
776 'newsheadline' => $oldLoginLabelArray[8],
777 'error.login' => $oldLoginLabelArray[9],
778 );
779 if (!is_array($GLOBALS['LOCAL_LANG'][$lang])) {
780 $GLOBALS['LOCAL_LANG'][$lang] = array();
781 }
782 // now override the labels from the LOCAL_LANG with the TYPO3_CONF_VARS
783 foreach ($overrideLabelKeys as $labelKey => $label) {
784 $GLOBALS['LANG']->overrideLL($labelKey, $label);
785 }
786 }
787 }
788 }
789
790 /**
791 * Checks if login credentials are currently submitted
792 *
793 * @return boolean
794 */
795 protected function isLoginInProgress() {
796 $username = t3lib_div::_GP('username');
797 return !(empty($username) && empty($this->commandLI));
798 }
799 }
800
801
802 if (defined('TYPO3_MODE') && isset($GLOBALS['TYPO3_CONF_VARS'][TYPO3_MODE]['XCLASS']['typo3/index.php'])) {
803 include_once($GLOBALS['TYPO3_CONF_VARS'][TYPO3_MODE]['XCLASS']['typo3/index.php']);
804 }
805
806
807
808 // Make instance:
809 $SOBE = t3lib_div::makeInstance('SC_index');
810 $SOBE->init();
811 $SOBE->main();
812 $SOBE->printContent();
813
814 ?>