2 /***************************************************************
5 * (c) 1999-2011 Kasper Skårhøj (kasperYYYY@typo3.com)
8 * This script is part of the TYPO3 project. The TYPO3 project is
9 * free software; you can redistribute it and/or modify
10 * it under the terms of the GNU General Public License as published by
11 * the Free Software Foundation; either version 2 of the License, or
12 * (at your option) any later version.
14 * The GNU General Public License can be found at
15 * http://www.gnu.org/copyleft/gpl.html.
16 * A copy is found in the textfile GPL.txt and important notices to the license
17 * from the author is found in LICENSE.txt distributed with these scripts.
20 * This script is distributed in the hope that it will be useful,
21 * but WITHOUT ANY WARRANTY; without even the implied warranty of
22 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
23 * GNU General Public License for more details.
25 * This copyright notice MUST APPEAR in all copies of the script!
26 ***************************************************************/
28 * Login-screen of TYPO3.
30 * Revised for TYPO3 3.6 December/2003 by Kasper Skårhøj
33 * @author Kasper Skårhøj <kasperYYYY@typo3.com>
37 define('TYPO3_PROCEED_IF_NO_USER', 1);
39 require('template.php');
56 * Script Class for rendering the login form
58 * @author Kasper Skårhøj <kasperYYYY@typo3.com>
65 var $redirect_url; // GPvar: redirect_url; The URL to redirect to after login.
66 var $GPinterface; // GPvar: Defines which interface to load (from interface selector)
67 var $u; // GPvar: preset username
68 var $p; // GPvar: preset password
69 var $L; // GPvar: If "L" is "OUT", then any logged in used is logged out. If redirect_url is given, we redirect to it
70 var $loginRefresh; // Login-refresh boolean; The backend will call this script with this value set when the login is close to being expired and the form needs to be redrawn.
71 var $commandLI; // Value of forms submit button for login.
74 var $redirectToURL; // Set to the redirect URL of the form (may be redirect_url or "backend.php")
77 var $content; // Content accumulation
79 var $interfaceSelector; // A selector box for selecting value for "interface" may be rendered into this variable
80 var $interfaceSelector_jump; // A selector box for selecting value for "interface" may be rendered into this variable - this will have an onchange action which will redirect the user to the selected interface right away
81 var $interfaceSelector_hidden; // A hidden field, if the interface is not set.
82 var $addFields_hidden = ''; // Additional hidden fields to be placed at the login form
84 // sets the level of security. *'normal' = clear-text. 'challenged' = hashed password/username from form in $formfield_uident. 'superchallenged' = hashed password hashed again with username.
85 var $loginSecurityLevel = 'superchallenged';
91 * Initialize the login box. Will also react on a &L=OUT flag and exit.
96 // We need a PHP session session for most login levels
99 $this->redirect_url
= t3lib_div
::sanitizeLocalUrl(t3lib_div
::_GP('redirect_url'));
100 $this->GPinterface
= t3lib_div
::_GP('interface');
102 // Grabbing preset username and password, for security reasons this feature only works if SSL is used
103 if (t3lib_div
::getIndpEnv('TYPO3_SSL')) {
104 $this->u
= t3lib_div
::_GP('u');
105 $this->p
= t3lib_div
::_GP('p');
108 // If "L" is "OUT", then any logged in is logged out. If redirect_url is given, we redirect to it
109 $this->L
= t3lib_div
::_GP('L');
112 $this->loginRefresh
= t3lib_div
::_GP('loginRefresh');
114 // Value of "Login" button. If set, the login button was pressed.
115 $this->commandLI
= t3lib_div
::_GP('commandLI');
117 // sets the level of security from conf vars
118 if ($GLOBALS['TYPO3_CONF_VARS']['BE']['loginSecurityLevel']) {
119 $this->loginSecurityLevel
= $GLOBALS['TYPO3_CONF_VARS']['BE']['loginSecurityLevel'];
122 // try to get the preferred browser language
123 $preferredBrowserLanguage = $GLOBALS['LANG']->csConvObj
->getPreferredClientLanguage(t3lib_div
::getIndpEnv('HTTP_ACCEPT_LANGUAGE'));
124 // if we found a $preferredBrowserLanguage and it is not the default language and no be_user is logged in
125 // initialize $GLOBALS['LANG'] again with $preferredBrowserLanguage
126 if ($preferredBrowserLanguage != 'default' && !$GLOBALS['BE_USER']->user
['uid']) {
127 $GLOBALS['LANG']->init($preferredBrowserLanguage);
129 $GLOBALS['LANG']->includeLLFile('EXT:lang/locallang_login.xml');
131 // Setting the redirect URL to "backend.php" if no alternative input is given
132 $this->redirectToURL
= ($this->redirect_url ?
$this->redirect_url
: 'backend.php');
135 // Do a logout if the command is set
136 if ($this->L
== 'OUT' && is_object($GLOBALS['BE_USER'])) {
137 $GLOBALS['BE_USER']->logoff();
138 if ($this->redirect_url
) {
139 t3lib_utility_Http
::redirect($this->redirect_url
);
147 * Main function - creating the login/logout form
152 // Initialize template object:
153 $GLOBALS['TBE_TEMPLATE']->bodyTagAdditions
= ' onload="startUp();"';
154 $GLOBALS['TBE_TEMPLATE']->moduleTemplate
= $GLOBALS['TBE_TEMPLATE']->getHtmlTemplate('templates/login.html');
156 $GLOBALS['TBE_TEMPLATE']->getPageRenderer()->loadExtJS();
157 $GLOBALS['TBE_TEMPLATE']->getPageRenderer()->loadPrototype();
158 $GLOBALS['TBE_TEMPLATE']->getPageRenderer()->loadScriptaculous();
160 // Set JavaScript for creating a MD5 hash of the password:
161 $GLOBALS['TBE_TEMPLATE']->JScode
.= $this->getJScode();
163 // Checking, if we should make a redirect.
164 // Might set JavaScript in the header to close window.
165 $this->checkRedirect();
167 // Initialize interface selectors:
168 $this->makeInterfaceSelectorBox();
170 // Creating form based on whether there is a login or not:
171 if (!$GLOBALS['BE_USER']->user
['uid']) {
172 $GLOBALS['TBE_TEMPLATE']->form
= $this->startForm();
173 $loginForm = $this->makeLoginForm();
175 $GLOBALS['TBE_TEMPLATE']->form
= '
176 <form action="index.php" method="post" name="loginform">
177 <input type="hidden" name="login_status" value="logout" />
179 $loginForm = $this->makeLogoutForm();
183 $this->content
.= $GLOBALS['TBE_TEMPLATE']->startPage('TYPO3 Login: ' . $GLOBALS['TYPO3_CONF_VARS']['SYS']['sitename'], FALSE);
186 $this->content
.=$this->wrapLoginForm($loginForm);
188 $this->content
.= $GLOBALS['TBE_TEMPLATE']->endPage();
192 * Outputting the accumulated content to screen
196 function printContent() {
200 /*****************************
204 ******************************/
207 * Creates the login form
208 * This is drawn when NO login exists.
210 * @return string HTML output
212 function makeLoginForm() {
213 $content = t3lib_parsehtml
::getSubpart($GLOBALS['TBE_TEMPLATE']->moduleTemplate
, '###LOGIN_FORM###');
215 'VALUE_USERNAME' => htmlspecialchars($this->u
),
216 'VALUE_PASSWORD' => htmlspecialchars($this->p
),
217 'VALUE_SUBMIT' => $GLOBALS['LANG']->getLL('labels.submitLogin', TRUE),
220 // show an error message if the login command was successful already, otherwise remove the subpart
221 if (!$this->isLoginInProgress()) {
222 $content = t3lib_parsehtml
::substituteSubpart($content, '###LOGIN_ERROR###', '');
224 $markers['ERROR_MESSAGE'] = $GLOBALS['LANG']->getLL('error.login', TRUE);
225 $markers['ERROR_LOGIN_TITLE'] = $GLOBALS['LANG']->getLL('error.login.title', TRUE);
226 $markers['ERROR_LOGIN_DESCRIPTION'] = $GLOBALS['LANG']->getLL('error.login.description', TRUE);
230 // remove the interface selector markers if it's not available
231 if (!($this->interfaceSelector
&& !$this->loginRefresh
)) {
232 $content = t3lib_parsehtml
::substituteSubpart($content, '###INTERFACE_SELECTOR###', '');
234 $markers['LABEL_INTERFACE'] = $GLOBALS['LANG']->getLL('labels.interface', TRUE);
235 $markers['VALUE_INTERFACE'] = $this->interfaceSelector
;
238 return t3lib_parsehtml
::substituteMarkerArray($content, $markers, '###|###');
243 * Creates the logout form
244 * This is drawn if a user login already exists.
246 * @return string HTML output
248 function makeLogoutForm() {
249 $content = t3lib_parsehtml
::getSubpart($GLOBALS['TBE_TEMPLATE']->moduleTemplate
, '###LOGOUT_FORM###');
251 'LABEL_USERNAME' => $GLOBALS['LANG']->getLL('labels.username', TRUE),
252 'VALUE_USERNAME' => htmlspecialchars($GLOBALS['BE_USER']->user
['username']),
253 'VALUE_SUBMIT' => $GLOBALS['LANG']->getLL('labels.submitLogout', TRUE),
256 // remove the interface selector markers if it's not available
257 if (!$this->interfaceSelector_jump
) {
258 $content = t3lib_parsehtml
::substituteSubpart($content, '###INTERFACE_SELECTOR###', '');
260 $markers['LABEL_INTERFACE'] = $GLOBALS['LANG']->getLL('labels.interface', TRUE);
261 $markers['VALUE_INTERFACE'] = $this->interfaceSelector_jump
;
264 return t3lib_parsehtml
::substituteMarkerArray($content, $markers, '###|###');
269 * Wrapping the login form table in another set of tables etc:
271 * @param string HTML content for the login form
272 * @return string The HTML for the page.
274 function wrapLoginForm($content) {
275 $mainContent = t3lib_parsehtml
::getSubpart($GLOBALS['TBE_TEMPLATE']->moduleTemplate
, '###PAGE###');
277 if ($GLOBALS['TBE_STYLES']['logo_login']) {
278 $logo = '<img src="'.htmlspecialchars($GLOBALS['BACK_PATH'] . $GLOBALS['TBE_STYLES']['logo_login']) . '" alt="" />';
280 $logo = '<img'.t3lib_iconWorks
::skinImg($GLOBALS['BACK_PATH'],'gfx/typo3logo.gif','width="123" height="34"').' alt="" />';
283 $browserWarning = t3lib_div
::makeInstance(
284 't3lib_FlashMessage',
285 // TODO: refactor if other old browsers are not supported anymore
286 $GLOBALS['LANG']->getLL('warning.incompatibleBrowser') . ' ' . $GLOBALS['LANG']->getLL('warning.incompatibleBrowserInternetExplorer'),
287 $GLOBALS['LANG']->getLL('warning.incompatibleBrowserHeadline'),
288 t3lib_FlashMessage
::ERROR
290 $browserWarning = $browserWarning->render();
294 'LOGINBOX_IMAGE' => $this->makeLoginBoxImage(),
296 'NEWS' => $this->makeLoginNews(),
297 'COPYRIGHT' => $this->makeCopyrightNotice(),
298 'CSS_ERRORCLASS' => ($this->isLoginInProgress() ?
' class="error"' : ''),
299 'CSS_OPENIDCLASS' => 't3-login-openid-' . (t3lib_extMgm
::isLoaded('openid') ?
'enabled' : 'disabled'),
301 // the labels will be replaced later on, thus the other parts above
302 // can use these markers as well and it will be replaced
303 'HEADLINE' => $GLOBALS['LANG']->getLL('headline', TRUE),
304 'INFO_ABOUT' => $GLOBALS['LANG']->getLL('info.about', TRUE),
305 'INFO_RELOAD' => $GLOBALS['LANG']->getLL('info.reset', TRUE),
306 'INFO' => $GLOBALS['LANG']->getLL('info.cookies_and_js', TRUE),
307 'WARNING_BROWSER_INCOMPATIBLE' => $browserWarning,
308 'ERROR_JAVASCRIPT' => $GLOBALS['LANG']->getLL('error.javascript', TRUE),
309 'ERROR_COOKIES' => $GLOBALS['LANG']->getLL('error.cookies', TRUE),
310 'ERROR_COOKIES_IGNORE' => $GLOBALS['LANG']->getLL('error.cookies_ignore', TRUE),
311 'ERROR_CAPSLOCK' => $GLOBALS['LANG']->getLL('error.capslock', TRUE),
312 'ERROR_FURTHERHELP' => $GLOBALS['LANG']->getLL('error.furtherInformation', TRUE),
313 'LABEL_DONATELINK' => $GLOBALS['LANG']->getLL('labels.donate', TRUE),
314 'LABEL_USERNAME' => $GLOBALS['LANG']->getLL('labels.username', TRUE),
315 'LABEL_OPENID' => $GLOBALS['LANG']->getLL('labels.openId', TRUE),
316 'LABEL_PASSWORD' => $GLOBALS['LANG']->getLL('labels.password', TRUE),
317 'LABEL_WHATISOPENID' => $GLOBALS['LANG']->getLL('labels.whatIsOpenId', TRUE),
318 'LABEL_SWITCHOPENID' => $GLOBALS['LANG']->getLL('labels.switchToOpenId', TRUE),
319 'LABEL_SWITCHDEFAULT' => $GLOBALS['LANG']->getLL('labels.switchToDefault', TRUE),
320 'CLEAR' => $GLOBALS['LANG']->getLL('clear', TRUE),
321 'LOGIN_PROCESS' => $GLOBALS['LANG']->getLL('login_process', TRUE),
322 'SITELINK' => '<a href="/">###SITENAME###</a>',
324 // global variables will now be replaced (at last)
325 'SITENAME' => htmlspecialchars($GLOBALS['TYPO3_CONF_VARS']['SYS']['sitename'])
327 return t3lib_parsehtml
::substituteMarkerArray($mainContent, $markers, '###|###');
332 * Checking, if we should perform some sort of redirection OR closing of windows.
336 function checkRedirect() {
338 // If a user is logged in AND a) if either the login is just done (isLoginInProgress) or b) a loginRefresh is done or c) the interface-selector is NOT enabled (If it is on the other hand, it should not just load an interface, because people has to choose then...)
339 if ($GLOBALS['BE_USER']->user
['uid'] && ($this->isLoginInProgress() ||
$this->loginRefresh ||
!$this->interfaceSelector
)) {
341 // If no cookie has been set previously we tell people that this is a problem. This assumes that a cookie-setting script (like this one) has been hit at least once prior to this instance.
342 if (!$_COOKIE[t3lib_beUserAuth
::getCookieName()]) {
343 if ($this->commandLI
=='setCookie') {
344 // we tried it a second time but still no cookie
345 // 26/4 2005: This does not work anymore, because the saving of challenge values in $_SESSION means the system will act as if the password was wrong.
346 throw new RuntimeException('Login-error: Yeah, that\'s a classic. No cookies, no TYPO3.<br /><br />Please accept cookies from TYPO3 - otherwise you\'ll not be able to use the system.', 1294586846);
348 // try it once again - that might be needed for auto login
349 $this->redirectToURL
= 'index.php?commandLI=setCookie';
353 if (($redirectToURL = (string)$GLOBALS['BE_USER']->getTSConfigVal('auth.BE.redirectToURL'))) {
354 $this->redirectToURL
= $redirectToURL;
355 $this->GPinterface
= '';
359 $GLOBALS['BE_USER']->uc
['interfaceSetup'] = $this->GPinterface
;
360 $GLOBALS['BE_USER']->writeUC();
362 // Based on specific setting of interface we set the redirect script:
363 switch ($this->GPinterface
) {
366 $this->redirectToURL
= 'backend.php';
369 $this->redirectToURL
= '../';
373 $formProtection = t3lib_formprotection_Factory
::get();
374 // If there is a redirect URL AND if loginRefresh is not set...
375 if (!$this->loginRefresh
) {
376 $formProtection->storeSessionTokenInRegistry();
377 t3lib_utility_Http
::redirect($this->redirectToURL
);
379 $formProtection->setSessionTokenFromRegistry();
380 $formProtection->persistSessionToken();
381 $GLOBALS['TBE_TEMPLATE']->JScode
.=$GLOBALS['TBE_TEMPLATE']->wrapScriptTags('
382 if (parent.opener && (parent.opener.busy || parent.opener.TYPO3.loginRefresh)) {
383 if (parent.opener.TYPO3.loginRefresh) {
384 parent.opener.TYPO3.loginRefresh.startTimer();
386 parent.opener.busy.loginRefreshed();
392 } elseif (!$GLOBALS['BE_USER']->user
['uid'] && $this->isLoginInProgress()) {
393 sleep(5); // Wrong password, wait for 5 seconds
398 * Making interface selector:
402 function makeInterfaceSelectorBox() {
404 $this->interfaceSelector
= '';
405 $this->interfaceSelector_hidden
='';
406 $this->interfaceSelector_jump
= '';
408 // If interfaces are defined AND no input redirect URL in GET vars:
409 if ($GLOBALS['TYPO3_CONF_VARS']['BE']['interfaces'] && ($this->isLoginInProgress() ||
!$this->redirect_url
)) {
410 $parts = t3lib_div
::trimExplode(',',$GLOBALS['TYPO3_CONF_VARS']['BE']['interfaces']);
411 if (count($parts)>1) { // Only if more than one interface is defined will we show the selector:
416 $labels['backend'] = $GLOBALS['LANG']->getLL('interface.backend');
417 $labels['backend_old'] = $GLOBALS['LANG']->getLL('interface.backend_old');
418 $labels['frontend'] = $GLOBALS['LANG']->getLL('interface.frontend');
421 $jumpScript['backend'] = 'backend.php';
422 $jumpScript['backend_old'] = 'backend.php';
423 $jumpScript['frontend'] = '../';
425 // Traverse the interface keys:
426 foreach($parts as $valueStr) {
427 $this->interfaceSelector
.='
428 <option value="'.htmlspecialchars($valueStr).'"'.(t3lib_div
::_GP('interface')==htmlspecialchars($valueStr) ?
' selected="selected"' : '').'>'.htmlspecialchars($labels[$valueStr]).'</option>';
429 $this->interfaceSelector_jump
.='
430 <option value="'.htmlspecialchars($jumpScript[$valueStr]).'">'.htmlspecialchars($labels[$valueStr]).'</option>';
432 $this->interfaceSelector
='
433 <select id="t3-interfaceselector" name="interface" class="c-interfaceselector" tabindex="3">'.$this->interfaceSelector
.'
435 $this->interfaceSelector_jump
='
436 <select id="t3-interfaceselector" name="interface" class="c-interfaceselector" tabindex="3" onchange="window.location.href=this.options[this.selectedIndex].value;">'.$this->interfaceSelector_jump
.'
439 } elseif (!$this->redirect_url
) {
440 // If there is only ONE interface value set and no redirect_url is present:
441 $this->interfaceSelector_hidden
='<input type="hidden" name="interface" value="'.trim($GLOBALS['TYPO3_CONF_VARS']['BE']['interfaces']).'" />';
450 * DO NOT prevent this notice from being shown in ANY WAY.
451 * According to the GPL license an interactive application must show such a notice on start-up ('If the program is interactive, make it output a short notice... ' - see GPL.txt)
452 * Therefore preventing this notice from being properly shown is a violation of the license, regardless of whether you remove it or use a stylesheet to obstruct the display.
454 * @return string Text/Image (HTML) for copyright notice.
456 function makeCopyrightNotice() {
458 // Get values from TYPO3_CONF_VARS:
459 $loginCopyrightWarrantyProvider = strip_tags(trim($GLOBALS['TYPO3_CONF_VARS']['SYS']['loginCopyrightWarrantyProvider']));
460 $loginCopyrightWarrantyURL = strip_tags(trim($GLOBALS['TYPO3_CONF_VARS']['SYS']['loginCopyrightWarrantyURL']));
461 $loginImageSmall = (trim($GLOBALS['TBE_STYLES']['loginBoxImageSmall'])) ?
trim($GLOBALS['TBE_STYLES']['loginBoxImageSmall']) : 'gfx/loginlogo_transp.gif';
463 // Make warranty note:
464 if (strlen($loginCopyrightWarrantyProvider)>=2 && strlen($loginCopyrightWarrantyURL)>=10) {
465 $warrantyNote = sprintf($GLOBALS['LANG']->getLL('warranty.by'), htmlspecialchars($loginCopyrightWarrantyProvider), '<a href="' . htmlspecialchars($loginCopyrightWarrantyURL) . '" target="_blank">', '</a>');
467 $warrantyNote = sprintf($GLOBALS['LANG']->getLL('no.warranty'), '<a href="' . TYPO3_URL_LICENSE
. '" target="_blank">', '</a>');
470 // Compile full copyright notice:
471 $copyrightNotice = '<a href="' . TYPO3_URL_GENERAL
. '" target="_blank">'.
472 '<img src="' . $loginImageSmall . '" alt="' . $GLOBALS['LANG']->getLL('typo3.logo') . '" align="left" />' .
473 $GLOBALS['LANG']->getLL('typo3.cms') . ($GLOBALS['TYPO3_CONF_VARS']['SYS']['loginCopyrightShowVersion']?
' ' . $GLOBALS['LANG']->getLL('version.short') . ' ' . htmlspecialchars(TYPO3_version
):'') .
475 $GLOBALS['LANG']->getLL('copyright') . ' © ' . TYPO3_copyright_year
. ' Kasper Skårhøj. ' . $GLOBALS['LANG']->getLL('extension.copyright') . ' ' .
476 sprintf($GLOBALS['LANG']->getLL('details.link'), '<a href="' . TYPO3_URL_GENERAL
. '" target="_blank">' . TYPO3_URL_GENERAL
. '</a>') . '<br /> ' .
477 $warrantyNote . ' ' .
478 sprintf($GLOBALS['LANG']->getLL('free.software'), '<a href="' . TYPO3_URL_LICENSE
. '" target="_blank">', '</a> ') .
479 $GLOBALS['LANG']->getLL('keep.notice');
482 return $copyrightNotice;
486 * Returns the login box image, whether the default or an image from the rotation folder.
488 * @return string HTML image tag.
490 function makeLoginBoxImage() {
492 if ($GLOBALS['TBE_STYLES']['loginBoxImage_rotationFolder']) { // Look for rotation image folder:
493 $absPath = t3lib_div
::resolveBackPath(PATH_typo3
.$GLOBALS['TBE_STYLES']['loginBoxImage_rotationFolder']);
495 // Get rotation folder:
496 $dir = t3lib_div
::getFileAbsFileName($absPath);
497 if ($dir && @is_dir
($dir)) {
499 // Get files for rotation into array:
500 $files = t3lib_div
::getFilesInDir($dir,'png,jpg,gif');
503 $randImg = array_rand($files, 1);
505 // Get size of random file:
506 $imgSize = @getimagesize
($dir.$files[$randImg]);
508 $imgAuthor = is_array($GLOBALS['TBE_STYLES']['loginBoxImage_author'])&&$GLOBALS['TBE_STYLES']['loginBoxImage_author'][$files[$randImg]] ?
htmlspecialchars($GLOBALS['TBE_STYLES']['loginBoxImage_author'][$files[$randImg]]) : '';
511 if (is_array($imgSize)) {
512 $loginboxImage = '<img src="'.htmlspecialchars($GLOBALS['TBE_STYLES']['loginBoxImage_rotationFolder'].$files[$randImg]).'" '.$imgSize[3].' id="loginbox-image" alt="'.$imgAuthor.'" title="'.$imgAuthor.'" />';
515 } else { // If no rotation folder configured, print default image:
517 if (strstr(TYPO3_version
,'-dev')) { // development version
518 $loginImage = 'loginbox_image_dev.png';
519 $imagecopy = 'You are running a development version of TYPO3 '.TYPO3_branch
;
521 $loginImage = 'loginbox_image.jpg';
522 $imagecopy = 'Photo by J.C. Franca (www.digitalphoto.com.br)';
524 $loginboxImage = '<img'.t3lib_iconWorks
::skinImg($GLOBALS['BACK_PATH'],'gfx/'.$loginImage,'width="200" height="133"').' id="loginbox-image" alt="'.$imagecopy.'" title="'.$imagecopy.'" />';
528 return $loginboxImage;
532 * Make login news - renders the HTML content for a list of news shown under
533 * the login form. News data is added through $GLOBALS['TYPO3_CONF_VARS']
535 * @return string HTML content
536 * @credits Idea by Jan-Hendrik Heuing
538 function makeLoginNews() {
541 $systemNews = $this->getSystemNews();
543 // Traverse news array IF there are records in it:
544 if (is_array($systemNews) && count($systemNews) && !t3lib_div
::_GP('loginRefresh')) {
545 $htmlParser = t3lib_div
::makeInstance('t3lib_parsehtml_proc');
546 // get the main news template, and replace the subpart after looped through
547 $newsContent = t3lib_parsehtml
::getSubpart($GLOBALS['TBE_TEMPLATE']->moduleTemplate
, '###LOGIN_NEWS###');
548 $newsItemTemplate = t3lib_parsehtml
::getSubpart($newsContent, '###NEWS_ITEM###');
552 foreach ($systemNews as $newsItemData) {
553 $additionalClass = '';
555 $additionalClass = ' first-item';
556 } elseif($count == count($systemNews)) {
557 $additionalClass = ' last-item';
560 $newsItemContent = $htmlParser->TS_transform_rte($htmlParser->TS_links_rte($newsItemData['content']));
561 $newsItemMarker = array(
562 '###HEADER###' => htmlspecialchars($newsItemData['header']),
563 '###DATE###' => htmlspecialchars($newsItemData['date']),
564 '###CONTENT###' => $newsItemContent,
565 '###CLASS###' => $additionalClass
569 $newsItem .= t3lib_parsehtml
::substituteMarkerArray($newsItemTemplate, $newsItemMarker);
572 $title = ($GLOBALS['TYPO3_CONF_VARS']['BE']['loginNewsTitle'] ?
$GLOBALS['TYPO3_CONF_VARS']['BE']['loginNewsTitle'] : $GLOBALS['LANG']->getLL('newsheadline'));
574 $newsContent = t3lib_parsehtml
::substituteMarker($newsContent, '###NEWS_HEADLINE###', htmlspecialchars($title));
575 $newsContent = t3lib_parsehtml
::substituteSubpart($newsContent, '###NEWS_ITEM###', $newsItem);
582 * Gets news from sys_news and converts them into a format suitable for
583 * showing them at the login screen.
585 * @return array An array of login news.
587 protected function getSystemNews() {
588 $systemNewsTable = 'sys_news';
589 $systemNews = array();
591 $systemNewsRecords = $GLOBALS['TYPO3_DB']->exec_SELECTgetRows(
592 'title, content, crdate',
595 t3lib_BEfunc
::BEenableFields($systemNewsTable) .
596 t3lib_BEfunc
::deleteClause($systemNewsTable),
601 foreach ($systemNewsRecords as $systemNewsRecord) {
602 $systemNews[] = array(
604 $GLOBALS['TYPO3_CONF_VARS']['SYS']['ddmmyy'],
605 $systemNewsRecord['crdate']
607 'header' => $systemNewsRecord['title'],
608 'content' => $systemNewsRecord['content']
616 * Returns the form tag
618 * @return string Opening form tag string
620 function startForm() {
623 // The form defaults to 'no login'. This prevents plain
624 // text logins to the Backend. The 'sv' extension changes the form to
625 // use superchallenged method and rsaauth extension makes rsa authetication.
626 $form = '<form action="index.php" method="post" name="loginform" ' .
627 'onsubmit="alert(\'No authentication methods available. Please, ' .
628 'contact your TYPO3 administrator.\');return false">';
630 // Call hooks. If they do not return anything, we fail to login
631 if (is_array($GLOBALS['TYPO3_CONF_VARS']['SC_OPTIONS']['typo3/index.php']['loginFormHook'])) {
632 foreach ($GLOBALS['TYPO3_CONF_VARS']['SC_OPTIONS']['typo3/index.php']['loginFormHook'] as $function) {
634 $formCode = t3lib_div
::callUserFunction($function, $params, $this);
643 '<input type="hidden" name="login_status" value="login" />' .
644 '<input type="hidden" name="userident" value="" />' .
645 '<input type="hidden" name="redirect_url" value="'.htmlspecialchars($this->redirectToURL
).'" />' .
646 '<input type="hidden" name="loginRefresh" value="'.htmlspecialchars($this->loginRefresh
).'" />' .
647 $this->interfaceSelector_hidden
. $this->addFields_hidden
;
653 * Creates JavaScript for the login form
655 * @return string JavaScript code
657 function getJScode() {
659 if (is_array($GLOBALS['TYPO3_CONF_VARS']['SC_OPTIONS']['typo3/index.php']['loginScriptHook'])) {
660 foreach ($GLOBALS['TYPO3_CONF_VARS']['SC_OPTIONS']['typo3/index.php']['loginScriptHook'] as $function) {
662 $JSCode = t3lib_div
::callUserFunction($function, $params, $this);
668 $JSCode .= $GLOBALS['TBE_TEMPLATE']->wrapScriptTags('
670 // If the login screen is shown in the login_frameset window for re-login, then try to get the username of the current/former login from opening windows main frame:
672 if (parent.opener && parent.opener.TS && parent.opener.TS.username && document.loginform && document.loginform.username) {
673 document.loginform.username.value = parent.opener.TS.username;
680 // Wait a few millisecons before calling checkFocus(). This might be necessary because some browsers need some time to auto-fill in the form fields
681 window.setTimeout("checkFocus()", 50);
684 // This moves focus to the right input field:
685 function checkFocus() {
686 // If for some reason there already is a username in the username form field, move focus to the password field:
687 if (document.loginform.username && document.loginform.username.value == "") {
688 document.loginform.username.focus();
689 } else if (document.loginform.p_field && document.loginform.p_field.type!="hidden") {
690 document.loginform.p_field.focus();
694 // This function shows a warning, if user has capslock enabled
695 // parameter showWarning: shows warning if TRUE and capslock active, otherwise only hides warning, if capslock gets inactive
696 function checkCapslock(e, showWarning) {
697 if (!isCapslock(e)) {
698 document.getElementById(\'t3-capslock\').style.display = \'none\';
699 } else if (showWarning) {
700 document.getElementById(\'t3-capslock\').style.display = \'block\';
704 // Checks weather capslock is enabled (returns TRUE if enabled, false otherwise)
705 // thanks to http://24ways.org/2007/capturing-caps-lock
707 function isCapslock(e) {
708 var ev = e ? e : window.event;
712 var targ = ev.target ? ev.target : ev.srcElement;
717 } else if (ev.keyCode) {
721 var shift_status = false;
723 shift_status = ev.shiftKey;
724 } else if (ev.modifiers) {
725 shift_status = !!(ev.modifiers & 4);
727 return (((which >= 65 && which <= 90) && !shift_status) ||
728 ((which >= 97 && which <= 122) && shift_status));
731 // prevent opening the login form in the backend frameset
732 if (top.location.href != self.location.href) {
733 top.location.href = self.location.href;
742 * Checks if login credentials are currently submitted
746 protected function isLoginInProgress() {
747 $username = t3lib_div
::_GP('username');
748 return !(empty($username) && empty($this->commandLI
));
753 $SOBE = t3lib_div
::makeInstance('SC_index');
756 $SOBE->printContent();