b1f87195ec4ac1a4f757581cde05171ab3d72058
[Packages/TYPO3.CMS.git] / typo3 / sysext / backend / Classes / Controller / LoginController.php
1 <?php
2 namespace TYPO3\CMS\Backend\Controller;
3
4 /*
5 * This file is part of the TYPO3 CMS project.
6 *
7 * It is free software; you can redistribute it and/or modify it under
8 * the terms of the GNU General Public License, either version 2
9 * of the License, or any later version.
10 *
11 * For the full copyright and license information, please read the
12 * LICENSE.txt file that was distributed with this source code.
13 *
14 * The TYPO3 project - inspiring people to share!
15 */
16
17 use TYPO3\CMS\Backend\Utility\BackendUtility;
18 use TYPO3\CMS\Backend\Utility\IconUtility;
19 use TYPO3\CMS\Core\Html\HtmlParser;
20 use TYPO3\CMS\Core\Messaging\FlashMessage;
21 use TYPO3\CMS\Core\Utility\ExtensionManagementUtility;
22 use TYPO3\CMS\Core\Utility\GeneralUtility;
23 use TYPO3\CMS\Core\Utility\HttpUtility;
24
25 /**
26 * Script Class for rendering the login form
27 *
28 * @author Kasper Skårhøj <kasperYYYY@typo3.com>
29 */
30 class LoginController {
31
32 const SIGNAL_RenderLoginForm = 'renderLoginForm';
33
34 /**
35 * The URL to redirect to after login.
36 *
37 * @var string
38 */
39 public $redirect_url;
40
41 /**
42 * Defines which interface to load (from interface selector)
43 *
44 * @var string
45 */
46 public $GPinterface;
47
48 /**
49 * preset username
50 *
51 * @var string
52 */
53 public $u;
54
55 /**
56 * preset password
57 *
58 * @var string
59 */
60 public $p;
61
62 /**
63 * OpenID URL submitted by form
64 *
65 * @var string
66 */
67 protected $openIdUrl;
68
69 /**
70 * If "L" is "OUT", then any logged in used is logged out. If redirect_url is given, we redirect to it
71 *
72 * @var string
73 */
74 public $L;
75
76 /**
77 * Login-refresh boolean; The backend will call this script
78 * with this value set when the login is close to being expired
79 * and the form needs to be redrawn.
80 *
81 * @var bool
82 */
83 public $loginRefresh;
84
85 /**
86 * Value of forms submit button for login.
87 *
88 * @var string
89 */
90 public $commandLI;
91
92 /**
93 * Set to the redirect URL of the form (may be redirect_url or "backend.php")
94 *
95 * @var string
96 */
97 public $redirectToURL;
98
99 /**
100 * Content accumulation
101 *
102 * @var string
103 */
104 public $content;
105
106 /**
107 * A selector box for selecting value for "interface" may be rendered into this variable
108 *
109 * @var string
110 */
111 public $interfaceSelector;
112
113 /**
114 * A selector box for selecting value for "interface" may be rendered into this variable
115 * this will have an onchange action which will redirect the user to the selected interface right away
116 *
117 * @var string
118 */
119 public $interfaceSelector_jump;
120
121 /**
122 * A hidden field, if the interface is not set.
123 *
124 * @var string
125 */
126 public $interfaceSelector_hidden;
127
128 /**
129 * Additional hidden fields to be placed at the login form
130 *
131 * @var string
132 */
133 public $addFields_hidden = '';
134
135 /**
136 * Sets the level of security. *'normal' = clear-text. 'challenged' = hashed
137 * password/username from form in $formfield_uident. 'superchallenged' = hashed password hashed again with username.
138 *
139 * @var string
140 */
141 public $loginSecurityLevel = 'superchallenged';
142
143 /**
144 * @var \TYPO3\CMS\Extbase\SignalSlot\Dispatcher
145 */
146 protected $signalSlotDispatcher;
147
148 /**
149 * Constructor
150 */
151 public function __construct() {
152 $this->init();
153 }
154
155 /**
156 * Initialize the login box. Will also react on a &L=OUT flag and exit.
157 *
158 * @return void
159 */
160 public function init() {
161 // We need a PHP session session for most login levels
162 session_start();
163 $this->redirect_url = GeneralUtility::sanitizeLocalUrl(GeneralUtility::_GP('redirect_url'));
164 $this->GPinterface = GeneralUtility::_GP('interface');
165 // Grabbing preset username and password, for security reasons this feature only works if SSL is used
166 if (GeneralUtility::getIndpEnv('TYPO3_SSL')) {
167 $this->u = GeneralUtility::_GP('u');
168 $this->p = GeneralUtility::_GP('p');
169 $this->openIdUrl = GeneralUtility::_GP('openid_url');
170 }
171 // If "L" is "OUT", then any logged in is logged out. If redirect_url is given, we redirect to it
172 $this->L = GeneralUtility::_GP('L');
173 // Login
174 $this->loginRefresh = GeneralUtility::_GP('loginRefresh');
175 // Value of "Login" button. If set, the login button was pressed.
176 $this->commandLI = GeneralUtility::_GP('commandLI');
177 // Sets the level of security from conf vars
178 if ($GLOBALS['TYPO3_CONF_VARS']['BE']['loginSecurityLevel']) {
179 $this->loginSecurityLevel = $GLOBALS['TYPO3_CONF_VARS']['BE']['loginSecurityLevel'];
180 }
181 // Try to get the preferred browser language
182 $preferredBrowserLanguage = $GLOBALS['LANG']->csConvObj->getPreferredClientLanguage(GeneralUtility::getIndpEnv('HTTP_ACCEPT_LANGUAGE'));
183 // If we found a $preferredBrowserLanguage and it is not the default language and no be_user is logged in
184 // initialize $GLOBALS['LANG'] again with $preferredBrowserLanguage
185 if ($preferredBrowserLanguage !== 'default' && empty($GLOBALS['BE_USER']->user['uid'])) {
186 $GLOBALS['LANG']->init($preferredBrowserLanguage);
187 }
188 $GLOBALS['LANG']->includeLLFile('EXT:lang/locallang_login.xlf');
189 // Setting the redirect URL to "backend.php" if no alternative input is given
190 $this->redirectToURL = $this->redirect_url ?: 'backend.php';
191 // Do a logout if the command is set
192 if ($this->L == 'OUT' && is_object($GLOBALS['BE_USER'])) {
193 $GLOBALS['BE_USER']->logoff();
194 HttpUtility::redirect($this->redirect_url);
195 }
196 }
197
198 /**
199 * Main function - creating the login/logout form
200 *
201 * @return void
202 */
203 public function main() {
204 // Initialize template object:
205 $GLOBALS['TBE_TEMPLATE']->moduleTemplate = $GLOBALS['TBE_TEMPLATE']->getHtmlTemplate('EXT:backend/Resources/Private/Templates/login.html');
206 /** @var $pageRenderer \TYPO3\CMS\Core\Page\PageRenderer */
207 $pageRenderer = $GLOBALS['TBE_TEMPLATE']->getPageRenderer();
208 $pageRenderer->loadJquery();
209
210 // support placeholders for IE9 and lower
211 $clientInfo = GeneralUtility::clientInfo();
212 if ($clientInfo['BROWSER'] == 'msie' && $clientInfo['VERSION'] <= 9) {
213 $pageRenderer->addJsLibrary('placeholders', 'contrib/placeholdersjs/placeholders.jquery.min.js');
214 }
215
216 $pageRenderer->loadRequireJsModule('TYPO3/CMS/Backend/Login');
217 if (is_array($GLOBALS['TYPO3_CONF_VARS']['SC_OPTIONS']['typo3/index.php']['loginScriptHook'])) {
218 foreach ($GLOBALS['TYPO3_CONF_VARS']['SC_OPTIONS']['typo3/index.php']['loginScriptHook'] as $function) {
219 $params = array();
220 $JSCode = GeneralUtility::callUserFunction($function, $params, $this);
221 if ($JSCode) {
222 $GLOBALS['TBE_TEMPLATE']->JScode .= $JSCode;
223 break;
224 }
225 }
226 }
227
228 // Checking, if we should make a redirect.
229 // Might set JavaScript in the header to close window.
230 $this->checkRedirect();
231 // Initialize interface selectors:
232 $this->makeInterfaceSelectorBox();
233 // Creating form based on whether there is a login or not:
234 if (empty($GLOBALS['BE_USER']->user['uid'])) {
235 $GLOBALS['TBE_TEMPLATE']->form = $this->startForm();
236 $loginForm = $this->makeLoginForm();
237 } else {
238 $GLOBALS['TBE_TEMPLATE']->form = '
239 <form action="index.php" method="post" name="loginform">
240 <input type="hidden" name="login_status" value="logout" />
241 ';
242 $loginForm = $this->makeLogoutForm();
243 }
244
245 // Starting page:
246 $this->content .= $GLOBALS['TBE_TEMPLATE']->startPage('TYPO3 CMS Login: ' . $GLOBALS['TYPO3_CONF_VARS']['SYS']['sitename'], FALSE);
247 // Add login form:
248 $this->content .= $this->wrapLoginForm($loginForm);
249 $this->content .= $GLOBALS['TBE_TEMPLATE']->endPage();
250 }
251
252 /**
253 * Outputting the accumulated content to screen
254 *
255 * @return void
256 */
257 public function printContent() {
258 echo $this->content;
259 }
260
261 /*****************************
262 *
263 * Various functions
264 *
265 ******************************/
266 /**
267 * Creates the login form
268 * This is drawn when NO login exists.
269 *
270 * @return string HTML output
271 */
272 public function makeLoginForm() {
273 $content = HtmlParser::getSubpart($GLOBALS['TBE_TEMPLATE']->moduleTemplate, '###LOGIN_FORM###');
274 $markers = array(
275 'VALUE_USERNAME' => htmlspecialchars($this->u),
276 'VALUE_PASSWORD' => htmlspecialchars($this->p),
277 'VALUE_OPENID_URL' => htmlspecialchars($this->openIdUrl),
278 'VALUE_SUBMIT' => $GLOBALS['LANG']->getLL('labels.submitLogin', TRUE)
279 );
280 // Show an error message if the login command was successful already, otherwise remove the subpart
281 if (!$this->isLoginInProgress()) {
282 $content = HtmlParser::substituteSubpart($content, '###LOGIN_ERROR###', '');
283 } else {
284 $markers['ERROR_MESSAGE'] = $GLOBALS['LANG']->getLL('error.login', TRUE);
285 $markers['ERROR_LOGIN_TITLE'] = $GLOBALS['LANG']->getLL('error.login.title', TRUE);
286 $markers['ERROR_LOGIN_DESCRIPTION'] = $GLOBALS['LANG']->getLL('error.login.description', TRUE);
287 }
288 // Remove the interface selector markers if it's not available
289 if (!($this->interfaceSelector && !$this->loginRefresh)) {
290 $content = HtmlParser::substituteSubpart($content, '###INTERFACE_SELECTOR###', '');
291 } else {
292 $markers['LABEL_INTERFACE'] = $GLOBALS['LANG']->getLL('labels.interface', TRUE);
293 $markers['VALUE_INTERFACE'] = $this->interfaceSelector;
294 }
295 return HtmlParser::substituteMarkerArray($content, $markers, '###|###');
296 }
297
298 /**
299 * Creates the logout form
300 * This is drawn if a user login already exists.
301 *
302 * @return string HTML output
303 */
304 public function makeLogoutForm() {
305 $content = HtmlParser::getSubpart($GLOBALS['TBE_TEMPLATE']->moduleTemplate, '###LOGOUT_FORM###');
306 $markers = array(
307 'LABEL_USERNAME' => $GLOBALS['LANG']->getLL('labels.username', TRUE),
308 'VALUE_USERNAME' => htmlspecialchars($GLOBALS['BE_USER']->user['username']),
309 'VALUE_SUBMIT' => $GLOBALS['LANG']->getLL('labels.submitLogout', TRUE)
310 );
311 // Remove the interface selector markers if it's not available
312 if (!$this->interfaceSelector_jump) {
313 $content = HtmlParser::substituteSubpart($content, '###INTERFACE_SELECTOR###', '');
314 } else {
315 $markers['LABEL_INTERFACE'] = $GLOBALS['LANG']->getLL('labels.interface', TRUE);
316 $markers['VALUE_INTERFACE'] = $this->interfaceSelector_jump;
317 }
318 return HtmlParser::substituteMarkerArray($content, $markers, '###|###');
319 }
320
321 /**
322 * Wrapping the login form table in another set of tables etc:
323 *
324 * @param string $content HTML content for the login form
325 * @return string The HTML for the page.
326 */
327 public function wrapLoginForm($content) {
328 $mainContent = HtmlParser::getSubpart($GLOBALS['TBE_TEMPLATE']->moduleTemplate, '###PAGE###');
329
330 if ($GLOBALS['TBE_STYLES']['logo_login']) {
331 $logo = '<img src="' . htmlspecialchars(($GLOBALS['BACK_PATH'] . $GLOBALS['TBE_STYLES']['logo_login'])) . '" alt="" class="t3-login-logo" />';
332 } else {
333 $logo = '<img' . IconUtility::skinImg($GLOBALS['BACK_PATH'], 'gfx/typo3-transparent@2x.png', 'width="140" height="39"') . ' alt="" class="t3-login-logo t3-default-logo" />';
334 }
335
336 $additionalCssClasses = array();
337 if ($this->isLoginInProgress()) {
338 $additionalCssClasses[] = 'error';
339 }
340 if ($this->loginRefresh) {
341 $additionalCssClasses[] = 'refresh';
342 }
343 $markers = array(
344 'LOGO' => $logo,
345 'LOGINBOX_IMAGE' => '',
346 'FORM' => $content,
347 'NEWS' => $this->makeLoginNews(),
348 'COPYRIGHT' => BackendUtility::TYPO3_copyRightNotice($GLOBALS['TYPO3_CONF_VARS']['SYS']['loginCopyrightShowVersion']),
349 'CSS_CLASSES' => !empty($additionalCssClasses) ? 'class="' . implode(' ', $additionalCssClasses) . '"' : '',
350 'CSS_OPENIDCLASS' => 't3-login-openid-' . (\TYPO3\CMS\Core\Utility\ExtensionManagementUtility::isLoaded('openid') ? 'enabled' : 'disabled'),
351 // The labels will be replaced later on, thus the other parts above
352 // can use these markers as well and it will be replaced
353 'HEADLINE' => $GLOBALS['LANG']->getLL('headline', TRUE),
354 'INFO_ABOUT' => $GLOBALS['LANG']->getLL('info.about', TRUE),
355 'INFO_RELOAD' => $GLOBALS['LANG']->getLL('info.reset', TRUE),
356 'INFO' => $GLOBALS['LANG']->getLL('info.cookies_and_js', TRUE),
357 'ERROR_JAVASCRIPT' => $GLOBALS['LANG']->getLL('error.javascript', TRUE),
358 'ERROR_COOKIES' => $GLOBALS['LANG']->getLL('error.cookies', TRUE),
359 'ERROR_COOKIES_IGNORE' => $GLOBALS['LANG']->getLL('error.cookies_ignore', TRUE),
360 'ERROR_CAPSLOCK' => $GLOBALS['LANG']->getLL('error.capslock', TRUE),
361 'ERROR_FURTHERHELP' => $GLOBALS['LANG']->getLL('error.furtherInformation', TRUE),
362 'LABEL_DONATELINK' => $GLOBALS['LANG']->getLL('labels.donate', TRUE),
363 'LABEL_USERNAME' => $GLOBALS['LANG']->getLL('labels.username', TRUE),
364 'LABEL_OPENID' => $GLOBALS['LANG']->getLL('labels.openId', TRUE),
365 'LABEL_PASSWORD' => $GLOBALS['LANG']->getLL('labels.password', TRUE),
366 'LABEL_WHATISOPENID' => $GLOBALS['LANG']->getLL('labels.whatIsOpenId', TRUE),
367 'LABEL_SWITCHOPENID' => $GLOBALS['LANG']->getLL('labels.switchToOpenId', TRUE),
368 'LABEL_SWITCHDEFAULT' => $GLOBALS['LANG']->getLL('labels.switchToDefault', TRUE),
369 'CLEAR' => $GLOBALS['LANG']->getLL('clear', TRUE),
370 'LOGIN_PROCESS' => $GLOBALS['LANG']->getLL('login_process', TRUE),
371 'SITELINK' => '<a href="/">###SITENAME###</a>',
372 // Global variables will now be replaced (at last)
373 'SITENAME' => htmlspecialchars($GLOBALS['TYPO3_CONF_VARS']['SYS']['sitename'])
374 );
375 $markers = $this->emitRenderLoginFormSignal($markers);
376 $mainContent = HtmlParser::substituteMarkerArray($mainContent, $markers, '###|###');
377
378 // OPENID_LOADED
379 if (!ExtensionManagementUtility::isLoaded('openid')) {
380 $mainContent = HtmlParser::substituteSubpart($mainContent, 'OPENID_LOADED', '');
381 }
382 return $mainContent;
383 }
384
385 /**
386 * Checking, if we should perform some sort of redirection OR closing of windows.
387 *
388 * @return void
389 */
390 public function checkRedirect() {
391 // Do redirect:
392 // If a user is logged in AND a) if either the login is just done (isLoginInProgress) or b) a loginRefresh is done or c) the interface-selector is NOT enabled (If it is on the other hand, it should not just load an interface, because people has to choose then...)
393 if (!empty($GLOBALS['BE_USER']->user['uid']) && ($this->isLoginInProgress() || $this->loginRefresh || !$this->interfaceSelector)) {
394 // If no cookie has been set previously we tell people that this is a problem. This assumes that a cookie-setting script (like this one) has been hit at least once prior to this instance.
395 if (!$_COOKIE[\TYPO3\CMS\Core\Authentication\BackendUserAuthentication::getCookieName()]) {
396 if ($this->commandLI == 'setCookie') {
397 // we tried it a second time but still no cookie
398 // 26/4 2005: This does not work anymore, because the saving of challenge values in $_SESSION means the system will act as if the password was wrong.
399 throw new \RuntimeException('Login-error: Yeah, that\'s a classic. No cookies, no TYPO3.<br /><br />Please accept cookies from TYPO3 - otherwise you\'ll not be able to use the system.', 1294586846);
400 } else {
401 // try it once again - that might be needed for auto login
402 $this->redirectToURL = 'index.php?commandLI=setCookie';
403 }
404 }
405 if ($redirectToURL = (string)$GLOBALS['BE_USER']->getTSConfigVal('auth.BE.redirectToURL')) {
406 $this->redirectToURL = $redirectToURL;
407 $this->GPinterface = '';
408 }
409 // store interface
410 $GLOBALS['BE_USER']->uc['interfaceSetup'] = $this->GPinterface;
411 $GLOBALS['BE_USER']->writeUC();
412 // Based on specific setting of interface we set the redirect script:
413 switch ($this->GPinterface) {
414 case 'backend':
415 $this->redirectToURL = 'backend.php';
416 break;
417 case 'frontend':
418 $this->redirectToURL = '../';
419 break;
420 }
421 /** @var $formProtection \TYPO3\CMS\Core\FormProtection\BackendFormProtection */
422 $formProtection = \TYPO3\CMS\Core\FormProtection\FormProtectionFactory::get();
423 // If there is a redirect URL AND if loginRefresh is not set...
424 if (!$this->loginRefresh) {
425 $formProtection->storeSessionTokenInRegistry();
426 HttpUtility::redirect($this->redirectToURL);
427 } else {
428 $formProtection->setSessionTokenFromRegistry();
429 $formProtection->persistSessionToken();
430 $GLOBALS['TBE_TEMPLATE']->JScode .= $GLOBALS['TBE_TEMPLATE']->wrapScriptTags('
431 if (parent.opener && parent.opener.TYPO3 && parent.opener.TYPO3.LoginRefresh) {
432 parent.opener.TYPO3.LoginRefresh.startTask();
433 parent.close();
434 }
435 ');
436 }
437 } elseif (empty($GLOBALS['BE_USER']->user['uid']) && $this->isLoginInProgress()) {
438 // Wrong password, wait for 5 seconds
439 sleep(5);
440 }
441 }
442
443 /**
444 * Making interface selector:
445 *
446 * @return void
447 */
448 public function makeInterfaceSelectorBox() {
449 // Reset variables:
450 $this->interfaceSelector = '';
451 $this->interfaceSelector_hidden = '';
452 $this->interfaceSelector_jump = '';
453 // If interfaces are defined AND no input redirect URL in GET vars:
454 if ($GLOBALS['TYPO3_CONF_VARS']['BE']['interfaces'] && ($this->isLoginInProgress() || !$this->redirect_url)) {
455 $parts = GeneralUtility::trimExplode(',', $GLOBALS['TYPO3_CONF_VARS']['BE']['interfaces']);
456 // Only if more than one interface is defined will we show the selector:
457 if (count($parts) > 1) {
458 // Initialize:
459 $labels = array(
460 'backend' => $GLOBALS['LANG']->getLL('interface.backend'),
461 'frontend' => $GLOBALS['LANG']->getLL('interface.frontend')
462 );
463 $jumpScript = array(
464 'backend' => 'backend.php',
465 'frontend' => '../'
466 );
467 // Traverse the interface keys:
468 foreach ($parts as $valueStr) {
469 $this->interfaceSelector .= '
470 <option value="' . htmlspecialchars($valueStr) . '"' . (GeneralUtility::_GP('interface') == htmlspecialchars($valueStr) ? ' selected="selected"' : '') . '>' . htmlspecialchars($labels[$valueStr]) . '</option>';
471 $this->interfaceSelector_jump .= '
472 <option value="' . htmlspecialchars($jumpScript[$valueStr]) . '">' . htmlspecialchars($labels[$valueStr]) . '</option>';
473 }
474 $this->interfaceSelector = '
475 <select id="t3-interfaceselector" name="interface" class="form-control t3-interfaces input-lg" tabindex="3">' . $this->interfaceSelector . '
476 </select>';
477 $this->interfaceSelector_jump = '
478 <select id="t3-interfaceselector" name="interface" class="form-control t3-interfaces input-lg" tabindex="3" onchange="window.location.href=this.options[this.selectedIndex].value;">' . $this->interfaceSelector_jump . '
479 </select>';
480 } elseif (!$this->redirect_url) {
481 // If there is only ONE interface value set and no redirect_url is present:
482 $this->interfaceSelector_hidden = '<input type="hidden" name="interface" value="' . trim($GLOBALS['TYPO3_CONF_VARS']['BE']['interfaces']) . '" />';
483 }
484 }
485 }
486
487 /**
488 * Returns the login box image, whether the default or an image from the rotation folder.
489 *
490 * @return string HTML image tag.
491 * @deprecated since TYPO3 CMS 7, will be removed in TYPO3 CMS 8, see Deprecation-60559-MakeLoginBoxImage.rst
492 */
493 public function makeLoginBoxImage() {
494 GeneralUtility::logDeprecatedFunction();
495 return '';
496 }
497
498 /**
499 * Make login news - renders the HTML content for a list of news shown under
500 * the login form. News data is added through sys_news records
501 *
502 * @return string HTML content
503 * @credits Idea by Jan-Hendrik Heuing
504 */
505 public function makeLoginNews() {
506 $newsContent = '';
507 $systemNews = $this->getSystemNews();
508 // Traverse news array IF there are records in it:
509 if (is_array($systemNews) && count($systemNews) && !GeneralUtility::_GP('loginRefresh')) {
510 /** @var $htmlParser \TYPO3\CMS\Core\Html\RteHtmlParser */
511 $htmlParser = GeneralUtility::makeInstance(\TYPO3\CMS\Core\Html\RteHtmlParser::class);
512 $htmlParser->procOptions['dontHSC_rte'] = TRUE;
513
514 // Get the main news template, and replace the subpart after looped through
515 $newsContent = HtmlParser::getSubpart($GLOBALS['TBE_TEMPLATE']->moduleTemplate, '###LOGIN_NEWS###');
516 $newsItemTemplate = HtmlParser::getSubpart($newsContent, '###NEWS_ITEM###');
517 $newsItem = '';
518 $count = 1;
519 foreach ($systemNews as $newsItemData) {
520 $additionalClass = '';
521 if ($count === 1) {
522 $additionalClass = ' first-item';
523 } elseif ($count === count($systemNews)) {
524 $additionalClass = ' last-item';
525 }
526 $newsItemContent = $htmlParser->TS_transform_rte($htmlParser->TS_links_rte($newsItemData['content']));
527 $newsItemMarker = array(
528 '###HEADER###' => htmlspecialchars($newsItemData['header']),
529 '###DATE###' => htmlspecialchars($newsItemData['date']),
530 '###CONTENT###' => $newsItemContent,
531 '###CLASS###' => $additionalClass
532 );
533 $count++;
534 $newsItem .= HtmlParser::substituteMarkerArray($newsItemTemplate, $newsItemMarker);
535 }
536 $title = $GLOBALS['TYPO3_CONF_VARS']['BE']['loginNewsTitle'] ? $GLOBALS['TYPO3_CONF_VARS']['BE']['loginNewsTitle'] : $GLOBALS['LANG']->getLL('newsheadline');
537 $newsContent = HtmlParser::substituteMarker($newsContent, '###NEWS_HEADLINE###', htmlspecialchars($title));
538 $newsContent = HtmlParser::substituteSubpart($newsContent, '###NEWS_ITEM###', $newsItem);
539 }
540 return $newsContent;
541 }
542
543 /**
544 * Gets news from sys_news and converts them into a format suitable for
545 * showing them at the login screen.
546 *
547 * @return array An array of login news.
548 */
549 protected function getSystemNews() {
550 $systemNewsTable = 'sys_news';
551 $systemNews = array();
552 $systemNewsRecords = $GLOBALS['TYPO3_DB']->exec_SELECTgetRows('title, content, crdate', $systemNewsTable, '1=1' . BackendUtility::BEenableFields($systemNewsTable) . BackendUtility::deleteClause($systemNewsTable), '', 'crdate DESC');
553 foreach ($systemNewsRecords as $systemNewsRecord) {
554 $systemNews[] = array(
555 'date' => date($GLOBALS['TYPO3_CONF_VARS']['SYS']['ddmmyy'], $systemNewsRecord['crdate']),
556 'header' => $systemNewsRecord['title'],
557 'content' => $systemNewsRecord['content']
558 );
559 }
560 return $systemNews;
561 }
562
563 /**
564 * Returns the form tag
565 *
566 * @return string Opening form tag string
567 */
568 public function startForm() {
569 $output = '';
570 // The form defaults to 'no login'. This prevents plain
571 // text logins to the Backend. The 'sv' extension changes the form to
572 // use superchallenged method and rsaauth extension makes rsa authentication.
573 $form = '<form action="index.php" method="post" name="loginform" ' . 'onsubmit="alert(\'No authentication methods available. Please, contact your TYPO3 administrator.\');return false">';
574 // Call hooks. If they do not return anything, we fail to login
575 if (is_array($GLOBALS['TYPO3_CONF_VARS']['SC_OPTIONS']['typo3/index.php']['loginFormHook'])) {
576 foreach ($GLOBALS['TYPO3_CONF_VARS']['SC_OPTIONS']['typo3/index.php']['loginFormHook'] as $function) {
577 $params = array();
578 $formCode = GeneralUtility::callUserFunction($function, $params, $this);
579 if ($formCode) {
580 $form = $formCode;
581 break;
582 }
583 }
584 }
585 $output .= $form . '<input type="hidden" name="login_status" value="login" />' .
586 '<input type="hidden" id="t3-field-userident" name="userident" value="" />' .
587 '<input type="hidden" name="redirect_url" value="' . htmlspecialchars($this->redirectToURL) . '" />' .
588 '<input type="hidden" name="loginRefresh" value="' . htmlspecialchars($this->loginRefresh) . '" />' .
589 $this->interfaceSelector_hidden . $this->addFields_hidden;
590 return $output;
591 }
592
593 /**
594 * Creates JavaScript for the login form
595 *
596 * @return string JavaScript code
597 * @deprecated since TYPO3 CMS 7, will be removed in TYPO3 CMS 8
598 */
599 public function getJScode() {
600 GeneralUtility::logDeprecatedFunction();
601 }
602
603 /**
604 * Checks if login credentials are currently submitted
605 *
606 * @return bool
607 */
608 protected function isLoginInProgress() {
609 $username = GeneralUtility::_GP('username');
610 return !(empty($username) && empty($this->commandLI));
611 }
612
613 /**
614 * Emits the render login form signal
615 *
616 * @param array $markers Array with markers for the login form
617 * @return array Modified markers array
618 */
619 protected function emitRenderLoginFormSignal(array $markers) {
620 $signalArguments = $this->getSignalSlotDispatcher()->dispatch(\TYPO3\CMS\Backend\Controller\LoginController::class, self::SIGNAL_RenderLoginForm, array($this, $markers));
621 return $signalArguments[1];
622 }
623
624 /**
625 * Get the SignalSlot dispatcher
626 *
627 * @return \TYPO3\CMS\Extbase\SignalSlot\Dispatcher
628 */
629 protected function getSignalSlotDispatcher() {
630 if (!isset($this->signalSlotDispatcher)) {
631 $this->signalSlotDispatcher = $this->getObjectManager()->get(\TYPO3\CMS\Extbase\SignalSlot\Dispatcher::class);
632 }
633 return $this->signalSlotDispatcher;
634 }
635
636 /**
637 * Get the ObjectManager
638 *
639 * @return \TYPO3\CMS\Extbase\Object\ObjectManager
640 */
641 protected function getObjectManager() {
642 return GeneralUtility::makeInstance(\TYPO3\CMS\Extbase\Object\ObjectManager::class);
643 }
644
645 }