[TASK] Remove global declarations inside methods
[Packages/TYPO3.CMS.git] / typo3 / index.php
1 <?php
2 /***************************************************************
3 * Copyright notice
4 *
5 * (c) 1999-2011 Kasper Skårhøj (kasperYYYY@typo3.com)
6 * All rights reserved
7 *
8 * This script is part of the TYPO3 project. The TYPO3 project is
9 * free software; you can redistribute it and/or modify
10 * it under the terms of the GNU General Public License as published by
11 * the Free Software Foundation; either version 2 of the License, or
12 * (at your option) any later version.
13 *
14 * The GNU General Public License can be found at
15 * http://www.gnu.org/copyleft/gpl.html.
16 * A copy is found in the textfile GPL.txt and important notices to the license
17 * from the author is found in LICENSE.txt distributed with these scripts.
18 *
19 *
20 * This script is distributed in the hope that it will be useful,
21 * but WITHOUT ANY WARRANTY; without even the implied warranty of
22 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
23 * GNU General Public License for more details.
24 *
25 * This copyright notice MUST APPEAR in all copies of the script!
26 ***************************************************************/
27 /**
28 * Login-screen of TYPO3.
29 *
30 * Revised for TYPO3 3.6 December/2003 by Kasper Skårhøj
31 * XHTML compliant
32 *
33 * @author Kasper Skårhøj <kasperYYYY@typo3.com>
34 */
35 /**
36 * [CLASS/FUNCTION INDEX of SCRIPT]
37 *
38 *
39 *
40 * 87: class SC_index
41 * 120: function init()
42 * 159: function main()
43 * 268: function printContent()
44 *
45 * SECTION: Various functions
46 * 292: function makeLoginForm()
47 * 337: function makeLogoutForm()
48 * 379: function wrapLoginForm($content)
49 * 438: function checkRedirect()
50 * 495: function makeInterfaceSelectorBox()
51 * 549: function makeCopyrightNotice()
52 * 582: function makeLoginBoxImage()
53 * 622: function makeLoginNews()
54 *
55 * TOTAL FUNCTIONS: 11
56 * (This index is automatically created/updated by the extension "extdeveval")
57 *
58 */
59
60
61 define('TYPO3_PROCEED_IF_NO_USER', 1);
62 require('init.php');
63 require('template.php');
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79 /**
80 * Script Class for rendering the login form
81 *
82 * @author Kasper Skårhøj <kasperYYYY@typo3.com>
83 * @package TYPO3
84 * @subpackage core
85 */
86 class SC_index {
87
88 // Internal, GPvars:
89 var $redirect_url; // GPvar: redirect_url; The URL to redirect to after login.
90 var $GPinterface; // GPvar: Defines which interface to load (from interface selector)
91 var $u; // GPvar: preset username
92 var $p; // GPvar: preset password
93 var $L; // GPvar: If "L" is "OUT", then any logged in used is logged out. If redirect_url is given, we redirect to it
94 var $loginRefresh; // Login-refresh boolean; The backend will call this script with this value set when the login is close to being expired and the form needs to be redrawn.
95 var $commandLI; // Value of forms submit button for login.
96
97 // Internal, static:
98 var $redirectToURL; // Set to the redirect URL of the form (may be redirect_url or "backend.php")
99
100 // Internal, dynamic:
101 var $content; // Content accumulation
102
103 var $interfaceSelector; // A selector box for selecting value for "interface" may be rendered into this variable
104 var $interfaceSelector_jump; // A selector box for selecting value for "interface" may be rendered into this variable - this will have an onchange action which will redirect the user to the selected interface right away
105 var $interfaceSelector_hidden; // A hidden field, if the interface is not set.
106 var $addFields_hidden = ''; // Additional hidden fields to be placed at the login form
107
108 // sets the level of security. *'normal' = clear-text. 'challenged' = hashed password/username from form in $formfield_uident. 'superchallenged' = hashed password hashed again with username.
109 var $loginSecurityLevel = 'superchallenged';
110
111
112
113
114 /**
115 * Initialize the login box. Will also react on a &L=OUT flag and exit.
116 *
117 * @return void
118 */
119 function init() {
120 // We need a PHP session session for most login levels
121 session_start();
122
123 $this->redirect_url = t3lib_div::sanitizeLocalUrl(t3lib_div::_GP('redirect_url'));
124 $this->GPinterface = t3lib_div::_GP('interface');
125
126 // Grabbing preset username and password, for security reasons this feature only works if SSL is used
127 if (t3lib_div::getIndpEnv('TYPO3_SSL')) {
128 $this->u = t3lib_div::_GP('u');
129 $this->p = t3lib_div::_GP('p');
130 }
131
132 // If "L" is "OUT", then any logged in is logged out. If redirect_url is given, we redirect to it
133 $this->L = t3lib_div::_GP('L');
134
135 // Login
136 $this->loginRefresh = t3lib_div::_GP('loginRefresh');
137
138 // Value of "Login" button. If set, the login button was pressed.
139 $this->commandLI = t3lib_div::_GP('commandLI');
140
141 // sets the level of security from conf vars
142 if ($GLOBALS['TYPO3_CONF_VARS']['BE']['loginSecurityLevel']) {
143 $this->loginSecurityLevel = $GLOBALS['TYPO3_CONF_VARS']['BE']['loginSecurityLevel'];
144 }
145
146 // try to get the preferred browser language
147 $preferredBrowserLanguage = $GLOBALS['LANG']->csConvObj->getPreferredClientLanguage(t3lib_div::getIndpEnv('HTTP_ACCEPT_LANGUAGE'));
148 // if we found a $preferredBrowserLanguage and it is not the default language and no be_user is logged in
149 // initialize $GLOBALS['LANG'] again with $preferredBrowserLanguage
150 if ($preferredBrowserLanguage != 'default' && !$GLOBALS['BE_USER']->user['uid']) {
151 $GLOBALS['LANG']->init($preferredBrowserLanguage);
152 }
153 $GLOBALS['LANG']->includeLLFile('EXT:lang/locallang_login.xml');
154
155 // check if labels from $GLOBALS['TYPO3_CONF_VARS']['BE']['loginLabels'] were changed,
156 // and merge them to $GLOBALS['LOCAL_LANG'] if needed
157 $this->mergeOldLoginLabels();
158
159 // Setting the redirect URL to "backend.php" if no alternative input is given
160 $this->redirectToURL = ($this->redirect_url ? $this->redirect_url : 'backend.php');
161
162
163 // Do a logout if the command is set
164 if ($this->L == 'OUT' && is_object($GLOBALS['BE_USER'])) {
165 $GLOBALS['BE_USER']->logoff();
166 if ($this->redirect_url) {
167 t3lib_utility_Http::redirect($this->redirect_url);
168 }
169 exit;
170 }
171 }
172
173
174 /**
175 * Main function - creating the login/logout form
176 *
177 * @return void
178 */
179 function main() {
180 // Initialize template object:
181 $GLOBALS['TBE_TEMPLATE']->bodyTagAdditions = ' onload="startUp();"';
182 $GLOBALS['TBE_TEMPLATE']->moduleTemplate = $GLOBALS['TBE_TEMPLATE']->getHtmlTemplate('templates/login.html');
183
184 $GLOBALS['TBE_TEMPLATE']->getPageRenderer()->loadExtJS();
185 $GLOBALS['TBE_TEMPLATE']->getPageRenderer()->loadPrototype();
186 $GLOBALS['TBE_TEMPLATE']->getPageRenderer()->loadScriptaculous();
187
188 // Set JavaScript for creating a MD5 hash of the password:
189 $GLOBALS['TBE_TEMPLATE']->JScode.= $this->getJScode();
190
191 // Checking, if we should make a redirect.
192 // Might set JavaScript in the header to close window.
193 $this->checkRedirect();
194
195 // Initialize interface selectors:
196 $this->makeInterfaceSelectorBox();
197
198 // Creating form based on whether there is a login or not:
199 if (!$GLOBALS['BE_USER']->user['uid']) {
200 $GLOBALS['TBE_TEMPLATE']->form = $this->startForm();
201 $loginForm = $this->makeLoginForm();
202 } else {
203 $GLOBALS['TBE_TEMPLATE']->form = '
204 <form action="index.php" method="post" name="loginform">
205 <input type="hidden" name="login_status" value="logout" />
206 ';
207 $loginForm = $this->makeLogoutForm();
208 }
209
210 // Starting page:
211 $this->content .= $GLOBALS['TBE_TEMPLATE']->startPage('TYPO3 Login: ' . htmlspecialchars($GLOBALS['TYPO3_CONF_VARS']['SYS']['sitename']), FALSE);
212
213 // Add login form:
214 $this->content.=$this->wrapLoginForm($loginForm);
215
216 $this->content.= $GLOBALS['TBE_TEMPLATE']->endPage();
217 }
218
219 /**
220 * Outputting the accumulated content to screen
221 *
222 * @return void
223 */
224 function printContent() {
225 echo $this->content;
226 }
227
228 /*****************************
229 *
230 * Various functions
231 *
232 ******************************/
233
234 /**
235 * Creates the login form
236 * This is drawn when NO login exists.
237 *
238 * @return string HTML output
239 */
240 function makeLoginForm() {
241 $content = t3lib_parsehtml::getSubpart($GLOBALS['TBE_TEMPLATE']->moduleTemplate, '###LOGIN_FORM###');
242 $markers = array(
243 'VALUE_USERNAME' => htmlspecialchars($this->u),
244 'VALUE_PASSWORD' => htmlspecialchars($this->p),
245 'VALUE_SUBMIT' => $GLOBALS['LANG']->getLL('labels.submitLogin', TRUE),
246 );
247
248 // show an error message if the login command was successful already, otherwise remove the subpart
249 if (!$this->commandLI) {
250 $content = t3lib_parsehtml::substituteSubpart($content, '###LOGIN_ERROR###', '');
251 } else {
252 $markers['ERROR_MESSAGE'] = $GLOBALS['LANG']->getLL('error.login', TRUE);
253 $markers['ERROR_LOGIN_TITLE'] = $GLOBALS['LANG']->getLL('error.login.title', TRUE);
254 $markers['ERROR_LOGIN_DESCRIPTION'] = $GLOBALS['LANG']->getLL('error.login.description', TRUE);
255 }
256
257
258 // remove the interface selector markers if it's not available
259 if (!($this->interfaceSelector && !$this->loginRefresh)) {
260 $content = t3lib_parsehtml::substituteSubpart($content, '###INTERFACE_SELECTOR###', '');
261 } else {
262 $markers['LABEL_INTERFACE'] = $GLOBALS['LANG']->getLL('labels.interface', TRUE);
263 $markers['VALUE_INTERFACE'] = $this->interfaceSelector;
264 }
265
266 return t3lib_parsehtml::substituteMarkerArray($content, $markers, '###|###');
267 }
268
269
270 /**
271 * Creates the logout form
272 * This is drawn if a user login already exists.
273 *
274 * @return string HTML output
275 */
276 function makeLogoutForm() {
277 $content = t3lib_parsehtml::getSubpart($GLOBALS['TBE_TEMPLATE']->moduleTemplate, '###LOGOUT_FORM###');
278 $markers = array(
279 'LABEL_USERNAME' => $GLOBALS['LANG']->getLL('labels.username', TRUE),
280 'VALUE_USERNAME' => htmlspecialchars($GLOBALS['BE_USER']->user['username']),
281 'VALUE_SUBMIT' => $GLOBALS['LANG']->getLL('labels.submitLogout', TRUE),
282 );
283
284 // remove the interface selector markers if it's not available
285 if (!$this->interfaceSelector_jump) {
286 $content = t3lib_parsehtml::substituteSubpart($content, '###INTERFACE_SELECTOR###', '');
287 } else {
288 $markers['LABEL_INTERFACE'] = $GLOBALS['LANG']->getLL('labels.interface', TRUE);
289 $markers['VALUE_INTERFACE'] = $this->interfaceSelector_jump;
290 }
291
292 return t3lib_parsehtml::substituteMarkerArray($content, $markers, '###|###');
293 }
294
295
296 /**
297 * Wrapping the login form table in another set of tables etc:
298 *
299 * @param string HTML content for the login form
300 * @return string The HTML for the page.
301 */
302 function wrapLoginForm($content) {
303 $mainContent = t3lib_parsehtml::getSubpart($GLOBALS['TBE_TEMPLATE']->moduleTemplate, '###PAGE###');
304
305 if ($GLOBALS['TBE_STYLES']['logo_login']) {
306 $logo = '<img src="'.htmlspecialchars($GLOBALS['BACK_PATH'] . $GLOBALS['TBE_STYLES']['logo_login']) . '" alt="" />';
307 } else {
308 $logo = '<img'.t3lib_iconWorks::skinImg($GLOBALS['BACK_PATH'],'gfx/typo3logo.gif','width="123" height="34"').' alt="" />';
309 }
310
311 $markers = array(
312 'LOGO' => $logo,
313 'LOGINBOX_IMAGE' => $this->makeLoginBoxImage(),
314 'FORM' => $content,
315 'NEWS' => $this->makeLoginNews(),
316 'COPYRIGHT' => $this->makeCopyrightNotice(),
317 'CSS_ERRORCLASS' => ($this->commandLI ? ' class="error"' : ''),
318 'CSS_OPENIDCLASS' => 't3-login-openid-' . (t3lib_extMgm::isLoaded('openid') ? 'enabled' : 'disabled'),
319
320 // the labels will be replaced later on, thus the other parts above
321 // can use these markers as well and it will be replaced
322 'HEADLINE' => $GLOBALS['LANG']->getLL('headline', TRUE),
323 'INFO_ABOUT' => $GLOBALS['LANG']->getLL('info.about', TRUE),
324 'INFO_RELOAD' => $GLOBALS['LANG']->getLL('info.reset', TRUE),
325 'INFO' => $GLOBALS['LANG']->getLL('info.cookies_and_js', TRUE),
326 'ERROR_JAVASCRIPT' => $GLOBALS['LANG']->getLL('error.javascript', TRUE),
327 'ERROR_COOKIES' => $GLOBALS['LANG']->getLL('error.cookies', TRUE),
328 'ERROR_COOKIES_IGNORE' => $GLOBALS['LANG']->getLL('error.cookies_ignore', TRUE),
329 'ERROR_CAPSLOCK' => $GLOBALS['LANG']->getLL('error.capslock', TRUE),
330 'ERROR_FURTHERHELP' => $GLOBALS['LANG']->getLL('error.furtherInformation', TRUE),
331 'LABEL_DONATELINK' => $GLOBALS['LANG']->getLL('labels.donate', TRUE),
332 'LABEL_USERNAME' => $GLOBALS['LANG']->getLL('labels.username', TRUE),
333 'LABEL_OPENID' => $GLOBALS['LANG']->getLL('labels.openId', TRUE),
334 'LABEL_PASSWORD' => $GLOBALS['LANG']->getLL('labels.password', TRUE),
335 'LABEL_WHATISOPENID' => $GLOBALS['LANG']->getLL('labels.whatIsOpenId', TRUE),
336 'LABEL_SWITCHOPENID' => $GLOBALS['LANG']->getLL('labels.switchToOpenId', TRUE),
337 'LABEL_SWITCHDEFAULT' => $GLOBALS['LANG']->getLL('labels.switchToDefault', TRUE),
338 'CLEAR' => $GLOBALS['LANG']->getLL('clear', TRUE),
339 'LOGIN_PROCESS' => $GLOBALS['LANG']->getLL('login_process', TRUE),
340 'SITELINK' => '<a href="/">###SITENAME###</a>',
341
342 // global variables will now be replaced (at last)
343 'SITENAME' => htmlspecialchars($GLOBALS['TYPO3_CONF_VARS']['SYS']['sitename'])
344 );
345 return t3lib_parsehtml::substituteMarkerArray($mainContent, $markers, '###|###');
346 }
347
348
349 /**
350 * Checking, if we should perform some sort of redirection OR closing of windows.
351 *
352 * @return void
353 */
354 function checkRedirect() {
355 // Do redirect:
356 // If a user is logged in AND a) if either the login is just done (commandLI) or b) a loginRefresh is done or c) the interface-selector is NOT enabled (If it is on the other hand, it should not just load an interface, because people has to choose then...)
357 if ($GLOBALS['BE_USER']->user['uid'] && ($this->commandLI || $this->loginRefresh || !$this->interfaceSelector)) {
358
359 // If no cookie has been set previously we tell people that this is a problem. This assumes that a cookie-setting script (like this one) has been hit at least once prior to this instance.
360 if (!$_COOKIE[t3lib_beUserAuth::getCookieName()]) {
361 if ($this->commandLI=='setCookie') {
362 // we tried it a second time but still no cookie
363 // 26/4 2005: This does not work anymore, because the saving of challenge values in $_SESSION means the system will act as if the password was wrong.
364 throw new RuntimeException('Login-error: Yeah, that\'s a classic. No cookies, no TYPO3.<br /><br />Please accept cookies from TYPO3 - otherwise you\'ll not be able to use the system.', 1294586846);
365 } else {
366 // try it once again - that might be needed for auto login
367 $this->redirectToURL = 'index.php?commandLI=setCookie';
368 }
369 }
370
371 if (($redirectToURL = (string)$GLOBALS['BE_USER']->getTSConfigVal('auth.BE.redirectToURL'))) {
372 $this->redirectToURL = $redirectToURL;
373 $this->GPinterface = '';
374 }
375
376 // store interface
377 $GLOBALS['BE_USER']->uc['interfaceSetup'] = $this->GPinterface;
378 $GLOBALS['BE_USER']->writeUC();
379
380 // Based on specific setting of interface we set the redirect script:
381 switch ($this->GPinterface) {
382 case 'backend':
383 case 'backend_old':
384 $this->redirectToURL = 'backend.php';
385 break;
386 case 'frontend':
387 $this->redirectToURL = '../';
388 break;
389 }
390
391 $formProtection = t3lib_formprotection_Factory::get();
392 // If there is a redirect URL AND if loginRefresh is not set...
393 if (!$this->loginRefresh) {
394 $formProtection->storeSessionTokenInRegistry();
395 t3lib_utility_Http::redirect($this->redirectToURL);
396 } else {
397 $formProtection->setSessionTokenFromRegistry();
398 $formProtection->persistSessionToken();
399 $GLOBALS['TBE_TEMPLATE']->JScode.=$GLOBALS['TBE_TEMPLATE']->wrapScriptTags('
400 if (parent.opener && (parent.opener.busy || parent.opener.TYPO3.loginRefresh)) {
401 if (parent.opener.TYPO3.loginRefresh) {
402 parent.opener.TYPO3.loginRefresh.startTimer();
403 } else {
404 parent.opener.busy.loginRefreshed();
405 }
406 parent.close();
407 }
408 ');
409 }
410 } elseif (!$GLOBALS['BE_USER']->user['uid'] && $this->commandLI) {
411 sleep(5); // Wrong password, wait for 5 seconds
412 }
413 }
414
415 /**
416 * Making interface selector:
417 *
418 * @return void
419 */
420 function makeInterfaceSelectorBox() {
421 // Reset variables:
422 $this->interfaceSelector = '';
423 $this->interfaceSelector_hidden='';
424 $this->interfaceSelector_jump = '';
425
426 // If interfaces are defined AND no input redirect URL in GET vars:
427 if ($GLOBALS['TYPO3_CONF_VARS']['BE']['interfaces'] && ($this->commandLI || !$this->redirect_url)) {
428 $parts = t3lib_div::trimExplode(',',$GLOBALS['TYPO3_CONF_VARS']['BE']['interfaces']);
429 if (count($parts)>1) { // Only if more than one interface is defined will we show the selector:
430
431 // Initialize:
432 $labels=array();
433
434 $labels['backend'] = $GLOBALS['LANG']->getLL('interface.backend');
435 $labels['backend_old'] = $GLOBALS['LANG']->getLL('interface.backend_old');
436 $labels['frontend'] = $GLOBALS['LANG']->getLL('interface.frontend');
437
438 $jumpScript=array();
439 $jumpScript['backend'] = 'backend.php';
440 $jumpScript['backend_old'] = 'backend.php';
441 $jumpScript['frontend'] = '../';
442
443 // Traverse the interface keys:
444 foreach($parts as $valueStr) {
445 $this->interfaceSelector.='
446 <option value="'.htmlspecialchars($valueStr).'"'.(t3lib_div::_GP('interface')==htmlspecialchars($valueStr) ? ' selected="selected"' : '').'>'.htmlspecialchars($labels[$valueStr]).'</option>';
447 $this->interfaceSelector_jump.='
448 <option value="'.htmlspecialchars($jumpScript[$valueStr]).'">'.htmlspecialchars($labels[$valueStr]).'</option>';
449 }
450 $this->interfaceSelector='
451 <select id="t3-interfaceselector" name="interface" class="c-interfaceselector" tabindex="3">'.$this->interfaceSelector.'
452 </select>';
453 $this->interfaceSelector_jump='
454 <select id="t3-interfaceselector" name="interface" class="c-interfaceselector" tabindex="3" onchange="window.location.href=this.options[this.selectedIndex].value;">'.$this->interfaceSelector_jump.'
455 </select>';
456
457 } elseif (!$this->redirect_url) {
458 // If there is only ONE interface value set and no redirect_url is present:
459 $this->interfaceSelector_hidden='<input type="hidden" name="interface" value="'.trim($GLOBALS['TYPO3_CONF_VARS']['BE']['interfaces']).'" />';
460 }
461 }
462 }
463
464 /**
465 * COPYRIGHT notice
466 *
467 * Warning:
468 * DO NOT prevent this notice from being shown in ANY WAY.
469 * According to the GPL license an interactive application must show such a notice on start-up ('If the program is interactive, make it output a short notice... ' - see GPL.txt)
470 * Therefore preventing this notice from being properly shown is a violation of the license, regardless of whether you remove it or use a stylesheet to obstruct the display.
471 *
472 * @return string Text/Image (HTML) for copyright notice.
473 */
474 function makeCopyrightNotice() {
475
476 // Get values from TYPO3_CONF_VARS:
477 $loginCopyrightWarrantyProvider = strip_tags(trim($GLOBALS['TYPO3_CONF_VARS']['SYS']['loginCopyrightWarrantyProvider']));
478 $loginCopyrightWarrantyURL = strip_tags(trim($GLOBALS['TYPO3_CONF_VARS']['SYS']['loginCopyrightWarrantyURL']));
479 $loginImageSmall = (trim($GLOBALS['TBE_STYLES']['loginBoxImageSmall'])) ? trim($GLOBALS['TBE_STYLES']['loginBoxImageSmall']) : 'gfx/loginlogo_transp.gif';
480
481 // Make warranty note:
482 if (strlen($loginCopyrightWarrantyProvider)>=2 && strlen($loginCopyrightWarrantyURL)>=10) {
483 $warrantyNote = sprintf($GLOBALS['LANG']->getLL('warranty.by'), htmlspecialchars($loginCopyrightWarrantyProvider), '<a href="' . htmlspecialchars($loginCopyrightWarrantyURL) . '" target="_blank">', '</a>');
484 } else {
485 $warrantyNote = sprintf($GLOBALS['LANG']->getLL('no.warranty'), '<a href="' . TYPO3_URL_LICENSE . '" target="_blank">', '</a>');
486 }
487
488 // Compile full copyright notice:
489 $copyrightNotice = '<a href="' . TYPO3_URL_GENERAL . '" target="_blank">'.
490 '<img src="' . $loginImageSmall . '" alt="' . $GLOBALS['LANG']->getLL('typo3.logo') . '" align="left" />' .
491 $GLOBALS['LANG']->getLL('typo3.cms') . ($GLOBALS['TYPO3_CONF_VARS']['SYS']['loginCopyrightShowVersion']?' ' . $GLOBALS['LANG']->getLL('version.short') . ' ' . htmlspecialchars($GLOBALS['TYPO_VERSION']):'') .
492 '</a>. ' .
493 $GLOBALS['LANG']->getLL('copyright') . ' &copy; ' . TYPO3_copyright_year . ' Kasper Sk&#229;rh&#248;j. ' . $GLOBALS['LANG']->getLL('extension.copyright') . ' ' .
494 sprintf($GLOBALS['LANG']->getLL('details.link'), '<a href="' . TYPO3_URL_GENERAL . '" target="_blank">' . TYPO3_URL_GENERAL . '</a>') . '<br /> ' .
495 $warrantyNote . ' ' .
496 sprintf($GLOBALS['LANG']->getLL('free.software'), '<a href="' . TYPO3_URL_LICENSE . '" target="_blank">', '</a> ') .
497 $GLOBALS['LANG']->getLL('keep.notice');
498
499 // Return notice:
500 return $copyrightNotice;
501 }
502
503 /**
504 * Returns the login box image, whether the default or an image from the rotation folder.
505 *
506 * @return string HTML image tag.
507 */
508 function makeLoginBoxImage() {
509 $loginboxImage = '';
510 if ($GLOBALS['TBE_STYLES']['loginBoxImage_rotationFolder']) { // Look for rotation image folder:
511 $absPath = t3lib_div::resolveBackPath(PATH_typo3.$GLOBALS['TBE_STYLES']['loginBoxImage_rotationFolder']);
512
513 // Get rotation folder:
514 $dir = t3lib_div::getFileAbsFileName($absPath);
515 if ($dir && @is_dir($dir)) {
516
517 // Get files for rotation into array:
518 $files = t3lib_div::getFilesInDir($dir,'png,jpg,gif');
519
520 // Pick random file:
521 $randImg = array_rand($files, 1);
522
523 // Get size of random file:
524 $imgSize = @getimagesize($dir.$files[$randImg]);
525
526 $imgAuthor = is_array($GLOBALS['TBE_STYLES']['loginBoxImage_author'])&&$GLOBALS['TBE_STYLES']['loginBoxImage_author'][$files[$randImg]] ? htmlspecialchars($GLOBALS['TBE_STYLES']['loginBoxImage_author'][$files[$randImg]]) : '';
527
528 // Create image tag:
529 if (is_array($imgSize)) {
530 $loginboxImage = '<img src="'.htmlspecialchars($GLOBALS['TBE_STYLES']['loginBoxImage_rotationFolder'].$files[$randImg]).'" '.$imgSize[3].' id="loginbox-image" alt="'.$imgAuthor.'" title="'.$imgAuthor.'" />';
531 }
532 }
533 } else { // If no rotation folder configured, print default image:
534
535 if (strstr(TYPO3_version,'-dev')) { // development version
536 $loginImage = 'loginbox_image_dev.png';
537 $imagecopy = 'You are running a development version of TYPO3 '.TYPO3_branch;
538 } else {
539 $loginImage = 'loginbox_image.jpg';
540 $imagecopy = 'Photo by J.C. Franca (www.digitalphoto.com.br)';
541 }
542 $loginboxImage = '<img'.t3lib_iconWorks::skinImg($GLOBALS['BACK_PATH'],'gfx/'.$loginImage,'width="200" height="133"').' id="loginbox-image" alt="'.$imagecopy.'" title="'.$imagecopy.'" />';
543 }
544
545 // Return image tag:
546 return $loginboxImage;
547 }
548
549 /**
550 * Make login news - renders the HTML content for a list of news shown under
551 * the login form. News data is added through $GLOBALS['TYPO3_CONF_VARS']
552 *
553 * @return string HTML content
554 * @credits Idea by Jan-Hendrik Heuing
555 * @deprecated $GLOBALS['TYPO3_CONF_VARS']['BE']['loginNews'] is deprecated since 4.5. Use system news records instead.
556 */
557 function makeLoginNews() {
558 $newsContent = '';
559
560 $systemNews = $this->getSystemNews();
561 if (count($GLOBALS['TYPO3_CONF_VARS']['BE']['loginNews'])) {
562 t3lib_div::logDeprecatedFunction();
563
564 $GLOBALS['TYPO3_CONF_VARS']['BE']['loginNews'] = array_merge(
565 $systemNews,
566 $GLOBALS['TYPO3_CONF_VARS']['BE']['loginNews']
567 );
568 } else {
569 $GLOBALS['TYPO3_CONF_VARS']['BE']['loginNews'] = $systemNews;
570 }
571
572 // Traverse news array IF there are records in it:
573 if (is_array($GLOBALS['TYPO3_CONF_VARS']['BE']['loginNews']) && count($GLOBALS['TYPO3_CONF_VARS']['BE']['loginNews']) && !t3lib_div::_GP('loginRefresh')) {
574 $htmlParser = t3lib_div::makeInstance('t3lib_parsehtml_proc');
575 // get the main news template, and replace the subpart after looped through
576 $newsContent = t3lib_parsehtml::getSubpart($GLOBALS['TBE_TEMPLATE']->moduleTemplate, '###LOGIN_NEWS###');
577 $newsItemTemplate = t3lib_parsehtml::getSubpart($newsContent, '###NEWS_ITEM###');
578
579 $newsItem = '';
580 $count = 1;
581 foreach ($GLOBALS['TYPO3_CONF_VARS']['BE']['loginNews'] as $newsItemData) {
582 $additionalClass = '';
583 if ($count == 1) {
584 $additionalClass = ' first-item';
585 } elseif($count == count($GLOBALS['TYPO3_CONF_VARS']['BE']['loginNews'])) {
586 $additionalClass = ' last-item';
587 }
588
589 $newsItemContent = $htmlParser->TS_transform_rte($htmlParser->TS_links_rte($newsItemData['content']));
590 $newsItemMarker = array(
591 '###HEADER###' => htmlspecialchars($newsItemData['header']),
592 '###DATE###' => htmlspecialchars($newsItemData['date']),
593 '###CONTENT###' => $newsItemContent,
594 '###CLASS###' => $additionalClass
595 );
596
597 $count++;
598 $newsItem .= t3lib_parsehtml::substituteMarkerArray($newsItemTemplate, $newsItemMarker);
599 }
600
601 $title = ($GLOBALS['TYPO3_CONF_VARS']['BE']['loginNewsTitle'] ? $GLOBALS['TYPO3_CONF_VARS']['BE']['loginNewsTitle'] : $GLOBALS['LANG']->getLL('newsheadline'));
602
603 $newsContent = t3lib_parsehtml::substituteMarker($newsContent, '###NEWS_HEADLINE###', htmlspecialchars($title));
604 $newsContent = t3lib_parsehtml::substituteSubpart($newsContent, '###NEWS_ITEM###', $newsItem);
605 }
606
607 return $newsContent;
608 }
609
610 /**
611 * Gets news from sys_news and converts them into a format suitable for
612 * showing them at the login screen.
613 *
614 * @return array An array of login news.
615 */
616 protected function getSystemNews() {
617 $systemNewsTable = 'sys_news';
618 $systemNews = array();
619
620 $systemNewsRecords = $GLOBALS['TYPO3_DB']->exec_SELECTgetRows(
621 'title, content, crdate',
622 $systemNewsTable,
623 '1=1' .
624 t3lib_BEfunc::BEenableFields($systemNewsTable) .
625 t3lib_BEfunc::deleteClause($systemNewsTable),
626 '',
627 'crdate DESC'
628 );
629
630 foreach ($systemNewsRecords as $systemNewsRecord) {
631 $systemNews[] = array(
632 'date' => date(
633 $GLOBALS['TYPO3_CONF_VARS']['SYS']['ddmmyy'],
634 $systemNewsRecord['crdate']
635 ),
636 'header' => $systemNewsRecord['title'],
637 'content' => $systemNewsRecord['content']
638 );
639 }
640
641 return $systemNews;
642 }
643
644 /**
645 * Returns the form tag
646 *
647 * @return string Opening form tag string
648 */
649 function startForm() {
650 $output = '';
651
652 // The form defaults to 'no login'. This prevents plain
653 // text logins to the Backend. The 'sv' extension changes the form to
654 // use superchallenged method and rsaauth extension makes rsa authetication.
655 $form = '<form action="index.php" method="post" name="loginform" ' .
656 'onsubmit="alert(\'No authentication methods available. Please, ' .
657 'contact your TYPO3 administrator.\');return false">';
658
659 // Call hooks. If they do not return anything, we fail to login
660 if (is_array($GLOBALS['TYPO3_CONF_VARS']['SC_OPTIONS']['typo3/index.php']['loginFormHook'])) {
661 foreach ($GLOBALS['TYPO3_CONF_VARS']['SC_OPTIONS']['typo3/index.php']['loginFormHook'] as $function) {
662 $params = array();
663 $formCode = t3lib_div::callUserFunction($function, $params, $this);
664 if ($formCode) {
665 $form = $formCode;
666 break;
667 }
668 }
669 }
670
671 $output .= $form .
672 '<input type="hidden" name="login_status" value="login" />' .
673 '<input type="hidden" name="userident" value="" />' .
674 '<input type="hidden" name="redirect_url" value="'.htmlspecialchars($this->redirectToURL).'" />' .
675 '<input type="hidden" name="loginRefresh" value="'.htmlspecialchars($this->loginRefresh).'" />' .
676 $this->interfaceSelector_hidden . $this->addFields_hidden;
677
678 return $output;
679 }
680
681 /**
682 * Creates JavaScript for the login form
683 *
684 * @return string JavaScript code
685 */
686 function getJScode() {
687 $JSCode = '';
688 if (is_array($GLOBALS['TYPO3_CONF_VARS']['SC_OPTIONS']['typo3/index.php']['loginScriptHook'])) {
689 foreach ($GLOBALS['TYPO3_CONF_VARS']['SC_OPTIONS']['typo3/index.php']['loginScriptHook'] as $function) {
690 $params = array();
691 $JSCode = t3lib_div::callUserFunction($function, $params, $this);
692 if ($JSCode) {
693 break;
694 }
695 }
696 }
697 $JSCode .= $GLOBALS['TBE_TEMPLATE']->wrapScriptTags('
698 function startUp() {
699 // If the login screen is shown in the login_frameset window for re-login, then try to get the username of the current/former login from opening windows main frame:
700 try {
701 if (parent.opener && parent.opener.TS && parent.opener.TS.username && document.loginform && document.loginform.username) {
702 document.loginform.username.value = parent.opener.TS.username;
703 }
704 }
705 catch(error) {
706 //continue
707 }
708
709 // Wait a few millisecons before calling checkFocus(). This might be necessary because some browsers need some time to auto-fill in the form fields
710 window.setTimeout("checkFocus()", 50);
711 }
712
713 // This moves focus to the right input field:
714 function checkFocus() {
715 // If for some reason there already is a username in the username form field, move focus to the password field:
716 if (document.loginform.username && document.loginform.username.value == "") {
717 document.loginform.username.focus();
718 } else if (document.loginform.p_field && document.loginform.p_field.type!="hidden") {
719 document.loginform.p_field.focus();
720 }
721 }
722
723 // This function shows a warning, if user has capslock enabled
724 // parameter showWarning: shows warning if TRUE and capslock active, otherwise only hides warning, if capslock gets inactive
725 function checkCapslock(e, showWarning) {
726 if (!isCapslock(e)) {
727 document.getElementById(\'t3-capslock\').style.display = \'none\';
728 } else if (showWarning) {
729 document.getElementById(\'t3-capslock\').style.display = \'block\';
730 }
731 }
732
733 // Checks weather capslock is enabled (returns TRUE if enabled, false otherwise)
734 // thanks to http://24ways.org/2007/capturing-caps-lock
735
736 function isCapslock(e) {
737 var ev = e ? e : window.event;
738 if (!ev) {
739 return;
740 }
741 var targ = ev.target ? ev.target : ev.srcElement;
742 // get key pressed
743 var which = -1;
744 if (ev.which) {
745 which = ev.which;
746 } else if (ev.keyCode) {
747 which = ev.keyCode;
748 }
749 // get shift status
750 var shift_status = false;
751 if (ev.shiftKey) {
752 shift_status = ev.shiftKey;
753 } else if (ev.modifiers) {
754 shift_status = !!(ev.modifiers & 4);
755 }
756 return (((which >= 65 && which <= 90) && !shift_status) ||
757 ((which >= 97 && which <= 122) && shift_status));
758 }
759
760 // prevent opening the login form in the backend frameset
761 if (top.location.href != self.location.href) {
762 top.location.href = self.location.href;
763 }
764
765 ');
766
767 return $JSCode;
768 }
769
770
771 /**
772 * Checks if labels from $GLOBALS['TYPO3_CONF_VARS']['BE']['loginLabels'] were changed, and merge them to $GLOBALS['LOCAL_LANG'] if needed
773 *
774 * This method keeps backwards compatibility, if you modified your
775 * labels with the install tool, we recommend to transfer this labels to a locallang.xml file
776 * using the llxml extension
777 *
778 * @return void
779 */
780 protected function mergeOldLoginLabels() {
781 // Getting login labels
782 $oldLoginLabels = trim($GLOBALS['TYPO3_CONF_VARS']['BE']['loginLabels']);
783 if ($oldLoginLabels != '') {
784 // md5 hash of the default loginLabels string
785 $defaultOldLoginLabelsHash = 'bcf0d32e58c6454ea50c6c956f1f18f0';
786 // compare loginLabels from TYPO3_CONF_VARS to default value
787 if (md5($oldLoginLabels) != $defaultOldLoginLabelsHash) {
788 $lang = $GLOBALS['LANG']->lang;
789 $oldLoginLabelArray = explode('|',$oldLoginLabels);
790 $overrideLabelKeys = array(
791 'labels.username' => $oldLoginLabelArray[0],
792 'labels.password' => $oldLoginLabelArray[1],
793 'labels.interface' => $oldLoginLabelArray[2],
794 'labels.submitLogin' => $oldLoginLabelArray[3],
795 'labels.submitLogout' => $oldLoginLabelArray[4],
796 'availableInterfaces' => $oldLoginLabelArray[5],
797 'headline' => $oldLoginLabelArray[6],
798 'info.jscookies' => $oldLoginLabelArray[7],
799 'newsheadline' => $oldLoginLabelArray[8],
800 'error.login' => $oldLoginLabelArray[9],
801 );
802 if (!is_array($GLOBALS['LOCAL_LANG'][$lang])) {
803 $GLOBALS['LOCAL_LANG'][$lang] = array();
804 }
805 // now override the labels from the LOCAL_LANG with the TYPO3_CONF_VARS
806 foreach ($overrideLabelKeys as $labelKey => $label) {
807 $GLOBALS['LANG']->overrideLL($labelKey, $label);
808 }
809 }
810 }
811 }
812 }
813
814
815 if (defined('TYPO3_MODE') && isset($GLOBALS['TYPO3_CONF_VARS'][TYPO3_MODE]['XCLASS']['typo3/index.php'])) {
816 include_once($GLOBALS['TYPO3_CONF_VARS'][TYPO3_MODE]['XCLASS']['typo3/index.php']);
817 }
818
819
820
821 // Make instance:
822 $SOBE = t3lib_div::makeInstance('SC_index');
823 $SOBE->init();
824 $SOBE->main();
825 $SOBE->printContent();
826
827 ?>