[TASK] Remove global declarations inside methods
1 <?php
2 /***************************************************************
3 * Copyright notice
4 *
5 * (c) 1999-2011 Kasper Skårhøj (kasperYYYY@typo3.com)
6 * All rights reserved
7 *
8 * This script is part of the TYPO3 project. The TYPO3 project is
9 * free software; you can redistribute it and/or modify
10 * it under the terms of the GNU General Public License as published by
11 * the Free Software Foundation; either version 2 of the License, or
12 * (at your option) any later version.
13 *
14 * The GNU General Public License can be found at
15 * http://www.gnu.org/copyleft/gpl.html.
16 * A copy is found in the textfile GPL.txt and important notices to the license
17 * from the author is found in LICENSE.txt distributed with these scripts.
18 *
19 *
20 * This script is distributed in the hope that it will be useful,
21 * but WITHOUT ANY WARRANTY; without even the implied warranty of
22 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
23 * GNU General Public License for more details.
24 *
25 * This copyright notice MUST APPEAR in all copies of the script!
26 ***************************************************************/
27 /**
28 * Class for TYPO3 backend user authentication in the TSFE frontend
29 *
30 * Revised for TYPO3 3.6 July/2003 by Kasper Skårhøj
31 * XHTML compliant
32 *
33 * @author Kasper Skårhøj <kasperYYYY@typo3.com>
34 */
35 /**
36 * [CLASS/FUNCTION INDEX of SCRIPT]
37 *
38 *
39 *
40 * 103: class t3lib_tsfeBeUserAuth extends t3lib_beUserAuth
41 * 129: function extInitFeAdmin()
42 * 154: function extPrintFeAdminDialog()
43 *
44 * SECTION: Creating sections of the Admin Panel
45 * 250: function extGetCategory_preview($out='')
46 * 283: function extGetCategory_cache($out='')
47 * 321: function extGetCategory_publish($out='')
48 * 356: function extGetCategory_edit($out='')
49 * 400: function extGetCategory_tsdebug($out='')
50 * 433: function extGetCategory_info($out='')
51 *
52 * SECTION: Admin Panel Layout Helper functions
53 * 506: function extGetHead($pre)
54 * 526: function extItemLink($pre,$str)
55 * 542: function extGetItem($pre,$element)
56 * 559: function extFw($str)
57 * 568: function ext_makeToolBar()
58 *
59 * SECTION: TSFE BE user Access Functions
60 * 637: function checkBackendAccessSettingsFromInitPhp()
61 * 682: function extPageReadAccess($pageRec)
62 * 693: function extAdmModuleEnabled($key)
63 * 709: function extSaveFeAdminConfig()
64 * 741: function extGetFeAdminValue($pre,$val='')
65 * 783: function extIsAdmMenuOpen($pre)
66 *
67 * SECTION: TSFE BE user Access Functions
68 * 818: function extGetTreeList($id,$depth,$begin=0,$perms_clause)
69 * 849: function extGetNumberOfCachedPages($page_id)
70 *
71 * SECTION: Localization handling
72 * 888: function extGetLL($key)
73 *
74 * SECTION: Frontend Editing
75 * 932: function extIsEditAction()
76 * 954: function extIsFormShown()
77 * 970: function extEditAction()
78 *
79 * TOTAL FUNCTIONS: 25
80 * (This index is automatically created/updated by the extension "extdeveval")
81 *
82 */
83
84
85 /**
86 * TYPO3 backend user authentication in the TSFE frontend.
87 * This includes mainly functions related to the Admin Panel
88 *
89 * @author Kasper Skårhøj <kasperYYYY@typo3.com>
90 * @package TYPO3
91 * @subpackage t3lib
92 */
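class t3lib_tsfeBeUserAuth extends t3lib_beUserAuth {
	/**
	 * Form field with login name.
	 *
	 * Left empty in this class.
	 * NOTE(review): presumably this keeps the frontend from reading backend login
	 * form data; confirm against the parent class.
	 *
	 * @var string
	 */
	public $formfield_uname = '';

	/**
	 * Form field with password.
	 *
	 * @var string
	 */
	public $formfield_uident = '';

	/**
	 * Form field with a unique value which is used to encrypt the password and username.
	 *
	 * @var string
	 */
	public $formfield_chalvalue = '';

	/**
	 * Sets the level of security:
	 * 'normal' = clear-text,
	 * 'challenged' = hashed password/username from the form in $formfield_uident,
	 * 'superchallenged' = hashed password hashed again with username.
	 *
	 * @var string
	 */
	public $security_level = '';

	/**
	 * Decides if the writelog() function is called at login and logout.
	 * FALSE here, so this class does not request those log entries.
	 *
	 * @var boolean
	 */
	public $writeStdLog = FALSE;

	/**
	 * Decides if the writelog() function is called when a login attempt was made without success.
	 * FALSE here, so this class does not request those log entries.
	 *
	 * @var boolean
	 */
	public $writeAttemptLog = FALSE;

	/**
	 * Array of page related information (uid, title, depth).
	 * Filled by extGetTreeList(); the title is stored HTML-escaped.
	 *
	 * @var array
	 */
	public $extPageInTreeInfo = array();

	/**
	 * General flag which is set if the adminpanel should be displayed at all.
	 *
	 * @var boolean
	 */
	public $extAdmEnabled = FALSE;

	/**
	 * Instance of the admin panel. Stays NULL until initializeAdminPanel()
	 * finds an enabled admin panel module.
	 *
	 * @var tslib_AdminPanel
	 */
	public $adminPanel = NULL;

	/**
	 * Class for frontend editing. Stays NULL until initializeFrontendEdit()
	 * resolves a registered controller.
	 *
	 * @var t3lib_frontendedit
	 */
	public $frontendEdit = NULL;

	/**
	 * Initializes the admin panel.
	 *
	 * Reads the 'admPanel' TSconfig property of the user and creates the admin
	 * panel instance as soon as one entry below 'enable.' is truthy.
	 *
	 * NOTE(review): $this->extAdminConfig is assigned here but not declared in
	 * this class; presumably the parent class declares it. Confirm.
	 *
	 * @return void
	 */
	public function initializeAdminPanel() {
		$this->extAdminConfig = $this->getTSConfigProp('admPanel');

		if (isset($this->extAdminConfig['enable.'])) {
			foreach ($this->extAdminConfig['enable.'] as $value) {
				if ($value) {
					$this->adminPanel = t3lib_div::makeInstance('tslib_AdminPanel');
					$this->extAdmEnabled = TRUE;

						// One enabled module is enough.
					break;
				}
			}
		}
	}

	/**
	 * Initializes frontend editing.
	 *
	 * The controller class is never taken from TSconfig directly: Page TSconfig
	 * only supplies a key, and the class name is looked up under that key in the
	 * controllers registered in TYPO3_CONF_VARS. An unregistered key leaves
	 * $this->frontendEdit untouched.
	 *
	 * @return void
	 */
	public function initializeFrontendEdit() {
		if (isset($this->extAdminConfig['enable.']) && $this->isFrontendEditingActive()) {
			foreach ($this->extAdminConfig['enable.'] as $value) {
				if ($value) {
					$controllerKey = 'default';
					if ($GLOBALS['TSFE'] instanceof tslib_fe) {
							// Grab the Page TSConfig property that determines which controller to use.
						$pageTSConfig = $GLOBALS['TSFE']->getPagesTSconfig();
						if (isset($pageTSConfig['TSFE.']['frontendEditingController'])) {
							$controllerKey = $pageTSConfig['TSFE.']['frontendEditingController'];
						}
					}

						// Resolve the key against the registered controllers only.
					$controllerClass = NULL;
					if (isset($GLOBALS['TYPO3_CONF_VARS']['SC_OPTIONS']['t3lib/class.t3lib_tsfebeuserauth.php']['frontendEditingController'][$controllerKey])) {
						$controllerClass = $GLOBALS['TYPO3_CONF_VARS']['SC_OPTIONS']['t3lib/class.t3lib_tsfebeuserauth.php']['frontendEditingController'][$controllerKey];
					}
					if ($controllerClass) {
						$this->frontendEdit = t3lib_div::getUserObj($controllerClass, FALSE);
					}

					break;
				}
			}
		}
	}

	/**
	 * Determines whether frontend editing is currently active.
	 *
	 * The admin panel is only consulted when $this->extAdmEnabled is set, which
	 * is also the only place in this class where $this->adminPanel is created.
	 *
	 * @return boolean Whether frontend editing is active
	 */
	public function isFrontendEditingActive() {
		return ($this->extAdmEnabled
			&& (
				($this->adminPanel->isAdminModuleEnabled('edit') && $this->adminPanel->isAdminModuleOpen('edit'))
				|| $GLOBALS['TSFE']->displayEditIcons == 1
			)
		);
	}

	/**
	 * Delegates to the appropriate view and renders the admin panel content.
	 *
	 * Calls display() on $this->adminPanel without a NULL check, so it must only
	 * be called after initializeAdminPanel() has created the panel.
	 *
	 * @return string
	 */
	public function displayAdminPanel() {
		$content = $this->adminPanel->display();

		return $content;
	}

	/**
	 * Determines whether the admin panel is enabled and visible.
	 *
	 * @return boolean Whether the admin panel is enabled and visible
	 */
	public function isAdminPanelVisible() {
		return ($this->extAdmEnabled && !$this->extAdminConfig['hide'] && $GLOBALS['TSFE']->config['config']['admPanel']);
	}

	/*****************************************************
	 *
	 * TSFE BE user Access Functions
	 *
	 ****************************************************/

	/**
	 * Implementing the access checks that the typo3/init.php script does before a user is ever logged in.
	 * Used in the frontend.
	 *
	 * Every check fails closed: the first restriction that is not met returns FALSE.
	 *
	 * @return boolean Returns TRUE if access is OK
	 * @see typo3/init.php, t3lib_beuserauth::backendCheckLogin()
	 */
	public function checkBackendAccessSettingsFromInitPhp() {

			// **********************
			// Check Hardcoded lock on BE:
			// **********************
		if ($GLOBALS['TYPO3_CONF_VARS']['BE']['adminOnly'] < 0) {
			return FALSE;
		}

			// **********************
			// Check IP
			// **********************
			// NOTE(review): this restriction is only as trustworthy as the value
			// getIndpEnv('REMOTE_ADDR') returns. Behind a reverse proxy, confirm
			// that it is the real client address.
		if (trim($GLOBALS['TYPO3_CONF_VARS']['BE']['IPmaskList'])
			&& !t3lib_div::cmpIP(t3lib_div::getIndpEnv('REMOTE_ADDR'), $GLOBALS['TYPO3_CONF_VARS']['BE']['IPmaskList'])
		) {
			return FALSE;
		}

			// **********************
			// Check SSL (https)
			// **********************
			// Any non-zero lockSSL except 3 requires an SSL request here.
			// NOTE(review): 3 is exempted, presumably because that mode only
			// protects the login form. Confirm.
		if (intval($GLOBALS['TYPO3_CONF_VARS']['BE']['lockSSL'])
			&& $GLOBALS['TYPO3_CONF_VARS']['BE']['lockSSL'] != 3
			&& !t3lib_div::getIndpEnv('TYPO3_SSL')
		) {
			return FALSE;
		}

			// Finally a check from t3lib_beuserauth::backendCheckLogin()
		return (bool) $this->isUserAllowedToLogin();
	}


	/**
	 * Evaluates if the Backend User has read access to the input page record.
	 * The evaluation is based on both read-permission and whether the page is found in one of the users webmounts. Only if both conditions are TRUE will the function return TRUE.
	 * Read access means that previewing is allowed etc.
	 * Used in index_ts.php
	 *
	 * @param array $pageRec The page record to evaluate for
	 * @return boolean TRUE if read access
	 */
	public function extPageReadAccess($pageRec) {
		return $this->isInWebMount($pageRec['uid']) && $this->doesUserHaveAccess($pageRec, 1);
	}

	/*****************************************************
	 *
	 * TSFE BE user Access Functions
	 *
	 ****************************************************/

	/**
	 * Generates a list of Page-uid's from $id. List does not include $id itself
	 * The only pages excluded from the list are deleted pages.
	 *
	 * Every collected page is also appended to $this->extPageInTreeInfo as
	 * array(uid, HTML-escaped title, depth).
	 *
	 * $id, $depth and $begin are cast to integers before use. $perms_clause and
	 * the configured content doktypes are concatenated into the WHERE clause as
	 * raw SQL, so $perms_clause must be a clause built by trusted code and must
	 * never contain request data.
	 *
	 * @param integer $id Start page id
	 * @param integer $depth Depth to traverse down the page tree.
	 * @param integer $begin Optional integer that determines at which level in the tree to start collecting uid's. Zero means 'start right away', 1 = 'next level and out'
	 * @param string $perms_clause Perms clause
	 * @return string Returns the list with a comma in the end (if any pages selected!)
	 */
	public function extGetTreeList($id, $depth, $begin = 0, $perms_clause) {
		$depth = intval($depth);
		$begin = intval($begin);
		$id = intval($id);
		$theList = '';

		if ($id && $depth > 0) {
			$res = $GLOBALS['TYPO3_DB']->exec_SELECTquery(
				'uid,title',
				'pages',
				'pid=' . $id . ' AND doktype IN (' . $GLOBALS['TYPO3_CONF_VARS']['FE']['content_doktypes'] . ') AND deleted=0 AND ' . $perms_clause
			);
			while ($row = $GLOBALS['TYPO3_DB']->sql_fetch_assoc($res)) {
				if ($begin <= 0) {
					$theList .= $row['uid'] . ',';
						// The escaped title and the depth are separate elements. $depth used to be
						// passed to htmlspecialchars() as its flags argument, which made the quote
						// escaping of the title depend on the tree depth.
					$this->extPageInTreeInfo[] = array($row['uid'], htmlspecialchars($row['title']), $depth);
				}
				if ($depth > 1) {
					$theList .= $this->extGetTreeList($row['uid'], $depth - 1, $begin - 1, $perms_clause);
				}
			}
		}
		return $theList;
	}

	/**
	 * Returns the number of cached pages for a page id.
	 *
	 * @param integer $pageId The page id.
	 * @return integer The number of pages for this page in the table "cache_pages"
	 */
	public function extGetNumberOfCachedPages($pageId) {
		$pageCache = $GLOBALS['typo3CacheManager']->getCache('cache_pages');
			// The integer cast keeps the tag well-formed whatever the caller passes.
		$pageCacheEntries = $pageCache->getByTag('pageId_' . (int)$pageId);
		return count($pageCacheEntries);
	}


	/*****************************************************
	 *
	 * Localization handling
	 *
	 ****************************************************/

	/**
	 * Returns the label for key, $key. If a translation for the language set in $this->uc['lang'] is found that is returned, otherwise the default value.
	 * IF the global variable $LOCAL_LANG is NOT an array (yet) then this function loads the global $LOCAL_LANG array with the content of "sysext/lang/locallang_tsfe.php" so that the values therein can be used for labels in the Admin Panel
	 *
	 * The label is HTML-escaped before it is returned, so callers must not escape it again.
	 *
	 * @param string $key Key for a label in the $GLOBALS['LOCAL_LANG'] array of "sysext/lang/locallang_tsfe.php"
	 * @return string The value for the $key
	 */
	public function extGetLL($key) {
		if (!is_array($GLOBALS['LOCAL_LANG'])) {
			$GLOBALS['LANG']->includeLLFile('EXT:lang/locallang_tsfe.php');
				// Fall back to an empty label set if the file did not provide one.
			if (!is_array($GLOBALS['LOCAL_LANG'])) {
				$GLOBALS['LOCAL_LANG'] = array();
			}
		}

			// Label string in the default backend output charset.
		$labelStr = htmlspecialchars($GLOBALS['LANG']->getLL($key));

			// Convert to utf-8, then to entities:
		if ($GLOBALS['LANG']->charSet != 'utf-8') {
			$labelStr = $GLOBALS['LANG']->csConvObj->utf8_encode($labelStr, $GLOBALS['LANG']->charSet);
		}
		$labelStr = $GLOBALS['LANG']->csConvObj->utf8_to_entities($labelStr);

			// Return the result:
		return $labelStr;
	}

}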
397
398
// XCLASS extension point: when the installation registers a replacement file
// for this class, load it once. The path comes from TYPO3_CONF_VARS (site
// configuration), not from request data, so whoever can write that
// configuration decides which file is executed here.
if (defined('TYPO3_MODE')) {
	if (isset($GLOBALS['TYPO3_CONF_VARS'][TYPO3_MODE]['XCLASS']['t3lib/class.t3lib_tsfebeuserauth.php'])) {
		include_once($GLOBALS['TYPO3_CONF_VARS'][TYPO3_MODE]['XCLASS']['t3lib/class.t3lib_tsfebeuserauth.php']);
	}
}
402
403 ?>