e3b70fc841fc772f3454a1c77c8ae6d35cef1442
2 /***************************************************************
5 * (c) 2007-2011 Steffen Kamper <info@sk-typo3.de>
6 * Based on Newloginbox (c) 2002-2004 Kasper Skårhøj <kasper@typo3.com>
10 * This script is part of the TYPO3 project. The TYPO3 project is
11 * free software; you can redistribute it and/or modify
12 * it under the terms of the GNU General Public License as published by
13 * the Free Software Foundation; either version 2 of the License, or
14 * (at your option) any later version.
16 * The GNU General Public License can be found at
17 * http://www.gnu.org/copyleft/gpl.html.
19 * This script is distributed in the hope that it will be useful,
20 * but WITHOUT ANY WARRANTY; without even the implied warranty of
21 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
22 * GNU General Public License for more details.
24 * This copyright notice MUST APPEAR in all copies of the script!
26 * The code was adapted from newloginbox, see manual for detailed description
27 ***************************************************************/
29 * Plugin 'Website User Login' for the 'felogin' extension.
31 * @author Steffen Kamper <info@sk-typo3.de>
33 * @subpackage tx_felogin
35 class tx_felogin_pi1
extends tslib_pibase
{
36 var $prefixId = 'tx_felogin_pi1'; // Same as class name
37 var $scriptRelPath = 'pi1/class.tx_felogin_pi1.php'; // Path to this script relative to the extension dir.
38 var $extKey = 'felogin'; // The extension key.
39 public $pi_checkCHash = FALSE;
40 public $pi_USER_INT_obj = TRUE;
42 protected $userIsLoggedIn; // Is user logged in?
43 protected $template; // holds the template for FE rendering
44 protected $uploadDir; // upload dir, used for flexform template files
45 protected $redirectUrl; // URL for the redirect
46 protected $noRedirect = FALSE; // flag for disable the redirect
47 protected $logintype; // logintype (given as GPvar), possible: login, logout
50 * The main method of the plugin
52 * @param string $content: The PlugIn content
53 * @param array $conf: The PlugIn configuration
55 * @return string The content that is displayed on the website
57 public function main($content,$conf) {
59 // Loading TypoScript array into object variable:
61 $this->uploadDir
= 'uploads/tx_felogin/';
63 // Loading default pivars
64 $this->pi_setPiVarDefaults();
66 // Loading language-labels
69 // Init FlexForm configuration for plugin:
70 $this->pi_initPIflexForm();
71 $this->mergeflexFormValuesIntoConf();
75 if ($this->conf
['storagePid']) {
76 if (intval($this->conf
['recursive'])) {
77 $this->spid
= $this->pi_getPidList($this->conf
['storagePid'], intval($this->conf
['recursive']));
79 $this->spid
= $this->conf
['storagePid'];
82 $pids = $GLOBALS['TSFE']->getStorageSiterootPids();
83 $this->spid
= $pids['_STORAGE_PID'];
87 $this->logintype
= t3lib_div
::_GP('logintype');
88 $this->referer
= $this->validateRedirectUrl(t3lib_div
::_GP('referer'));
89 $this->noRedirect
= ($this->piVars
['noredirect'] ||
$this->conf
['redirectDisable']);
91 // if config.typolinkLinkAccessRestrictedPages is set, the var is return_url
92 $returnUrl = t3lib_div
::_GP('return_url');
94 $this->redirectUrl
= $returnUrl;
96 $this->redirectUrl
= t3lib_div
::_GP('redirect_url');
98 $this->redirectUrl
= $this->validateRedirectUrl($this->redirectUrl
);
101 $templateFile = $this->conf
['templateFile'] ?
$this->conf
['templateFile'] : 'EXT:felogin/template.html';
102 $this->template
= $this->cObj
->fileResource($templateFile);
104 // Is user logged in?
105 $this->userIsLoggedIn
= $GLOBALS['TSFE']->loginUser
;
108 if ($this->conf
['redirectMode'] && !$this->conf
['redirectDisable'] && !$this->noRedirect
) {
109 $redirectUrl = $this->processRedirect();
110 if (count($redirectUrl)) {
111 $this->redirectUrl
= $this->conf
['redirectFirstMethod'] ?
array_shift($redirectUrl) : array_pop($redirectUrl);
113 $this->redirectUrl
= '';
119 if ($this->piVars
['forgot']) {
120 $content .= $this->showForgot();
121 } elseif ($this->piVars
['forgothash']) {
122 $content .= $this->changePassword();
124 if($this->userIsLoggedIn
&& !$this->logintype
) {
125 $content .= $this->showLogout();
127 $content .= $this->showLogin();
131 // Process the redirect
132 if (($this->logintype
=== 'login' ||
$this->logintype
=== 'logout') && $this->redirectUrl
&& !$this->noRedirect
) {
133 if (!$GLOBALS['TSFE']->fe_user
->cookieId
) {
134 $content .= $this->cObj
->stdWrap($this->pi_getLL('cookie_warning', '', 1), $this->conf
['cookieWarning_stdWrap.']);
136 t3lib_utility_Http
::redirect($this->redirectUrl
);
140 // Adds hook for processing of extra item markers / special
141 if (isset($GLOBALS['TYPO3_CONF_VARS']['EXTCONF']['felogin']['postProcContent']) && is_array($GLOBALS['TYPO3_CONF_VARS']['EXTCONF']['felogin']['postProcContent'])) {
143 'content' => $content
145 foreach ($GLOBALS['TYPO3_CONF_VARS']['EXTCONF']['felogin']['postProcContent'] as $_funcRef) {
146 $content = t3lib_div
::callUserFunction($_funcRef, $_params, $this);
150 return $this->conf
['wrapContentInBaseClass'] ?
$this->pi_wrapInBaseClass($content) : $content;
155 * Shows the forgot password form
157 * @return string content
159 protected function showForgot() {
160 $subpart = $this->cObj
->getSubpart($this->template
, '###TEMPLATE_FORGOT###');
161 $subpartArray = $linkpartArray = array();
162 $postData = t3lib_div
::_POST($this->prefixId
);
164 if ($postData['forgot_email']) {
166 // get hashes for compare
167 $postedHash = $postData['forgot_hash'];
168 $hashData = $GLOBALS['TSFE']->fe_user
->getKey('ses', 'forgot_hash');
171 if ($postedHash === $hashData['forgot_hash']) {
174 // look for user record
175 $data = $GLOBALS['TYPO3_DB']->fullQuoteStr($this->piVars
['forgot_email'], 'fe_users');
176 $res = $GLOBALS['TYPO3_DB']->exec_SELECTquery(
177 'uid, username, password, email',
179 '(email=' . $data .' OR username=' . $data . ') AND pid IN ('.$GLOBALS['TYPO3_DB']->cleanIntList($this->spid
).') '.$this->cObj
->enableFields('fe_users')
182 if ($GLOBALS['TYPO3_DB']->sql_num_rows($res)) {
183 $row = $GLOBALS['TYPO3_DB']->sql_fetch_assoc($res);
187 // generate an email with the hashed link
188 $error = $this->generateAndSendHash($row);
192 $markerArray['###STATUS_MESSAGE###'] = $this->cObj
->stdWrap($error, $this->conf
['forgotMessage_stdWrap.']);
194 $markerArray['###STATUS_MESSAGE###'] = $this->cObj
->stdWrap($this->pi_getLL('ll_forgot_reset_message_emailSent', '', 1), $this->conf
['forgotMessage_stdWrap.']);
196 $subpartArray['###FORGOT_FORM###'] = '';
201 $markerArray['###STATUS_MESSAGE###'] = $this->getDisplayText('forgot_reset_message', $this->conf
['forgotMessage_stdWrap.']);
202 $markerArray['###BACKLINK_LOGIN###'] = '';
205 $markerArray['###STATUS_MESSAGE###'] = $this->getDisplayText('forgot_reset_message', $this->conf
['forgotMessage_stdWrap.']);
206 $markerArray['###BACKLINK_LOGIN###'] = '';
209 $markerArray['###BACKLINK_LOGIN###'] = $this->getPageLink($this->pi_getLL('ll_forgot_header_backToLogin', '', 1), array());
210 $markerArray['###STATUS_HEADER###'] = $this->getDisplayText('forgot_header', $this->conf
['forgotHeader_stdWrap.']);
212 $markerArray['###LEGEND###'] = $this->pi_getLL('reset_password', '', 1);
213 $markerArray['###ACTION_URI###'] = $this->getPageLink('', array($this->prefixId
. '[forgot]'=>1), TRUE);
214 $markerArray['###EMAIL_LABEL###'] = $this->pi_getLL('your_email', '', 1);
215 $markerArray['###FORGOT_PASSWORD_ENTEREMAIL###'] = $this->pi_getLL('forgot_password_enterEmail', '', 1);
216 $markerArray['###FORGOT_EMAIL###'] = $this->prefixId
.'[forgot_email]';
217 $markerArray['###SEND_PASSWORD###'] = $this->pi_getLL('reset_password', '', 1);
219 $markerArray['###DATA_LABEL###'] = $this->pi_getLL('ll_enter_your_data', '', 1);
223 $markerArray = array_merge($markerArray, $this->getUserFieldMarkers());
226 $hash = md5($this->generatePassword(3));
227 $markerArray['###FORGOTHASH###'] = $hash;
228 // set hash in feuser session
229 $GLOBALS['TSFE']->fe_user
->setKey('ses', 'forgot_hash', array('forgot_hash' => $hash));
232 return $this->cObj
->substituteMarkerArrayCached($subpart, $markerArray, $subpartArray, $linkpartArray);
236 * This function checks the hash from link and checks the validity. If it's valid it shows the form for
237 * changing the password and process the change of password after submit, if not valid it returns the error message
239 * @return string The content.
241 protected function changePassword() {
243 $subpartArray = $linkpartArray = array();
246 $minLength = intval($this->conf
['newPasswordMinLength']) ?
intval($this->conf
['newPasswordMinLength']) : 6;
248 $subpart = $this->cObj
->getSubpart($this->template
, '###TEMPLATE_CHANGEPASSWORD###');
250 $markerArray['###STATUS_HEADER###'] = $this->getDisplayText('change_password_header', $this->conf
['changePasswordHeader_stdWrap.']);
251 $markerArray['###STATUS_MESSAGE###'] = sprintf($this->getDisplayText('change_password_message', $this->conf
['changePasswordMessage_stdWrap.']), $minLength);
253 $markerArray['###BACKLINK_LOGIN###'] = '';
254 $uid = $this->piVars
['user'];
255 $piHash = $this->piVars
['forgothash'];
257 $hash = explode('|', $piHash);
258 if (intval($uid) == 0) {
259 $markerArray['###STATUS_MESSAGE###'] = $this->getDisplayText('change_password_notvalid_message', $this->conf
['changePasswordMessage_stdWrap.']);
260 $subpartArray['###CHANGEPASSWORD_FORM###'] = '';
262 $user = $this->pi_getRecord('fe_users', intval($uid));
263 $userHash = $user['felogin_forgotHash'];
264 $compareHash = explode('|', $userHash);
266 if (!$compareHash ||
!$compareHash[1] ||
$compareHash[0] < time() ||
$hash[0] != $compareHash[0] ||
md5($hash[1]) != $compareHash[1]) {
267 $markerArray['###STATUS_MESSAGE###'] = $this->getDisplayText('change_password_notvalid_message',$this->conf
['changePasswordMessage_stdWrap.']);
268 $subpartArray['###CHANGEPASSWORD_FORM###'] = '';
270 // all is fine, continue with new password
271 $postData = t3lib_div
::_POST($this->prefixId
);
273 if (isset($postData['changepasswordsubmit'])) {
274 if (strlen($postData['password1']) < $minLength) {
275 $markerArray['###STATUS_MESSAGE###'] = sprintf($this->getDisplayText('change_password_tooshort_message', $this->conf
['changePasswordMessage_stdWrap.']), $minLength);
276 } elseif ($postData['password1'] != $postData['password2']) {
277 $markerArray['###STATUS_MESSAGE###'] = sprintf($this->getDisplayText('change_password_notequal_message', $this->conf
['changePasswordMessage_stdWrap.']), $minLength);
279 $newPass = $postData['password1'];
281 if ($GLOBALS['TYPO3_CONF_VARS']['EXTCONF']['felogin']['password_changed']) {
284 'newPassword' => $newPass,
286 foreach($GLOBALS['TYPO3_CONF_VARS']['EXTCONF']['felogin']['password_changed'] as $_funcRef) {
288 t3lib_div
::callUserFunction($_funcRef, $_params, $this);
291 $newPass = $_params['newPassword'];
294 // save new password and clear DB-hash
295 $res = $GLOBALS['TYPO3_DB']->exec_UPDATEquery(
297 'uid=' . $user['uid'],
298 array('password' => $newPass, 'felogin_forgotHash' => '')
300 $markerArray['###STATUS_MESSAGE###'] = $this->getDisplayText('change_password_done_message', $this->conf
['changePasswordMessage_stdWrap.']);
302 $subpartArray['###CHANGEPASSWORD_FORM###'] = '';
303 $markerArray['###BACKLINK_LOGIN###'] = $this->getPageLink($this->pi_getLL('ll_forgot_header_backToLogin', '', 1), array());
308 // Change password form
309 $markerArray['###ACTION_URI###'] = $this->pi_getPageLink($GLOBALS['TSFE']->id
, '', array(
310 $this->prefixId
. '[user]' => $user['uid'],
311 $this->prefixId
. '[forgothash]' => $piHash
313 $markerArray['###LEGEND###'] = $this->pi_getLL('change_password', '', 1);
314 $markerArray['###NEWPASSWORD1_LABEL###'] = $this->pi_getLL('newpassword_label1', '', 1);
315 $markerArray['###NEWPASSWORD2_LABEL###'] = $this->pi_getLL('newpassword_label2', '', 1);
316 $markerArray['###NEWPASSWORD1###'] = $this->prefixId
. '[password1]';
317 $markerArray['###NEWPASSWORD2###'] = $this->prefixId
. '[password2]';
318 $markerArray['###STORAGE_PID###'] = $this->spid
;
319 $markerArray['###SEND_PASSWORD###'] = $this->pi_getLL('change_password', '', 1);
320 $markerArray['###FORGOTHASH###'] = $piHash;
325 return $this->cObj
->substituteMarkerArrayCached($subpart, $markerArray, $subpartArray, $linkpartArray);
329 * generates a hashed link and send it with email
331 * @param array $user contains user data
332 * @return string Empty string with success, error message with no success
334 protected function generateAndSendHash($user) {
335 $hours = intval($this->conf
['forgotLinkHashValidTime']) > 0 ?
intval($this->conf
['forgotLinkHashValidTime']) : 24;
336 $validEnd = time() +
3600 * $hours;
337 $validEndString = date($this->conf
['dateFormat'], $validEnd);
339 $hash = md5(t3lib_div
::generateRandomBytes(64));
340 $randHash = $validEnd . '|' . $hash;
341 $randHashDB = $validEnd . '|' . md5($hash);
344 $res = $GLOBALS['TYPO3_DB']->exec_UPDATEquery('fe_users', 'uid=' . $user['uid'], array('felogin_forgotHash' => $randHashDB));
346 // send hashlink to user
347 $this->conf
['linkPrefix'] = -1;
348 $isAbsRelPrefix = !empty($GLOBALS['TSFE']->absRefPrefix
);
349 $isBaseURL = !empty($GLOBALS['TSFE']->baseUrl
);
350 $isFeloginBaseURL = !empty($this->conf
['feloginBaseURL']);
352 if ($isFeloginBaseURL) {
354 $this->conf
['linkPrefix'] = $this->conf
['feloginBaseURL'];
358 $this->conf
['linkPrefix'] = $GLOBALS['TSFE']->baseUrl
;
362 if ($this->conf
['linkPrefix'] == -1 && !$isAbsRelPrefix) {
363 // no preix is set, return the error
364 return $this->pi_getLL('ll_change_password_nolinkprefix_message');
367 $link = ($isAbsRelPrefix ?
'' : $this->conf
['linkPrefix']) . $this->pi_getPageLink($GLOBALS['TSFE']->id
, '', array(
368 $this->prefixId
. '[user]' => $user['uid'],
369 $this->prefixId
. '[forgothash]' => $randHash
372 $msg = sprintf($this->pi_getLL('ll_forgot_validate_reset_password', '', 0), $user['username'], $link, $validEndString);
374 // no RDCT - Links for security reasons
375 $oldSetting = $GLOBALS['TSFE']->config
['config']['notification_email_urlmode'];
376 $GLOBALS['TSFE']->config
['config']['notification_email_urlmode'] = 0;
378 $this->cObj
->sendNotifyEmail($msg, $user['email'], '', $this->conf
['email_from'], $this->conf
['email_fromName'], $this->conf
['replyTo']);
380 $GLOBALS['TSFE']->config
['config']['notification_email_urlmode'] = $oldSetting;
388 * @return string The content.
390 protected function showLogout() {
391 $subpart = $this->cObj
->getSubpart($this->template
, '###TEMPLATE_LOGOUT###');
392 $subpartArray = $linkpartArray = array();
394 $markerArray['###STATUS_HEADER###'] = $this->getDisplayText('status_header',$this->conf
['logoutHeader_stdWrap.']);
395 $markerArray['###STATUS_MESSAGE###'] = $this->getDisplayText('status_message', $this->conf
['logoutMessage_stdWrap.']);
396 $this->cObj
->stdWrap($this->flexFormValue('message', 's_status'), $this->conf
['logoutMessage_stdWrap.']);
398 $markerArray['###LEGEND###'] = $this->pi_getLL('logout', '', 1);
399 $markerArray['###ACTION_URI###'] = $this->getPageLink('',array(),TRUE);
400 $markerArray['###LOGOUT_LABEL###'] = $this->pi_getLL('logout', '', 1);
401 $markerArray['###NAME###'] = htmlspecialchars($GLOBALS['TSFE']->fe_user
->user
['name']);
402 $markerArray['###STORAGE_PID###'] = $this->spid
;
403 $markerArray['###USERNAME###'] = htmlspecialchars($GLOBALS['TSFE']->fe_user
->user
['username']);
404 $markerArray['###USERNAME_LABEL###'] = $this->pi_getLL('username', '', 1);
405 $markerArray['###NOREDIRECT###'] = $this->noRedirect ?
'1' : '0';
406 $markerArray['###PREFIXID###'] = $this->prefixId
;
407 $markerArray = array_merge($markerArray, $this->getUserFieldMarkers());
409 if ($this->redirectUrl
) {
410 // use redirectUrl for action tag because of possible access restricted pages
411 $markerArray['###ACTION_URI###'] = htmlspecialchars($this->redirectUrl
);
412 $this->redirectUrl
= '';
414 return $this->cObj
->substituteMarkerArrayCached($subpart, $markerArray, $subpartArray, $linkpartArray);
420 * @return string content
422 protected function showLogin() {
423 $subpart = $this->cObj
->getSubpart($this->template
, '###TEMPLATE_LOGIN###');
424 $subpartArray = $linkpartArray = $markerArray = array();
428 $markerArray['###LEGEND###'] = $this->pi_getLL('oLabel_header_welcome', '', 1);
430 if($this->logintype
=== 'login') {
431 if($this->userIsLoggedIn
) {
433 $markerArray['###STATUS_HEADER###'] = $this->getDisplayText('success_header',$this->conf
['successHeader_stdWrap.']);
434 $markerArray['###STATUS_MESSAGE###'] = $this->getDisplayText('success_message', $this->conf
['successMessage_stdWrap.']);
435 $markerArray = array_merge($markerArray, $this->getUserFieldMarkers());
436 $subpartArray['###LOGIN_FORM###'] = '';
438 // Hook for general actions after after login has been confirmed (by Thomas Danzl <thomas@danzl.org>)
439 if ($GLOBALS['TYPO3_CONF_VARS']['EXTCONF']['felogin']['login_confirmed']) {
441 foreach($GLOBALS['TYPO3_CONF_VARS']['EXTCONF']['felogin']['login_confirmed'] as $_funcRef) {
443 t3lib_div
::callUserFunction($_funcRef, $_params, $this);
447 // show logout form directly
448 if ($this->conf
['showLogoutFormAfterLogin']) {
449 $this->redirectUrl
= '';
450 return $this->showLogout();
454 $markerArray['###STATUS_HEADER###'] = $this->getDisplayText('error_header',$this->conf
['errorHeader_stdWrap.']);
455 $markerArray['###STATUS_MESSAGE###'] = $this->getDisplayText('error_message',$this->conf
['errorMessage_stdWrap.']);
456 $gpRedirectUrl = t3lib_div
::_GP('redirect_url');
459 if($this->logintype
=== 'logout') {
460 // login form after logout
461 $markerArray['###STATUS_HEADER###'] = $this->getDisplayText('logout_header', $this->conf
['logoutHeader_stdWrap.']);
462 $markerArray['###STATUS_MESSAGE###'] = $this->getDisplayText('logout_message', $this->conf
['logoutMessage_stdWrap.']);
465 $markerArray['###STATUS_HEADER###'] = $this->getDisplayText('welcome_header',$this->conf
['welcomeHeader_stdWrap.']);
466 $markerArray['###STATUS_MESSAGE###'] = $this->getDisplayText('welcome_message',$this->conf
['welcomeMessage_stdWrap.']);
471 // Hook (used by kb_md5fepw extension by Kraft Bernhard <kraftb@gmx.net>)
472 // This hook allows to call User JS functions.
473 // The methods should also set the required JS functions to get included
476 $onSubmitAr = array();
477 $extraHiddenAr = array();
479 // check for referer redirect method. if present, save referer in form field
480 if (t3lib_div
::inList($this->conf
['redirectMode'], 'referer') || t3lib_div
::inList($this->conf
['redirectMode'], 'refererDomains')) {
481 $referer = $this->referer ?
$this->referer
: t3lib_div
::getIndpEnv('HTTP_REFERER');
483 $extraHiddenAr[] = '<input type="hidden" name="referer" value="' . htmlspecialchars($referer) . '" />';
487 if (is_array($GLOBALS['TYPO3_CONF_VARS']['EXTCONF']['felogin']['loginFormOnSubmitFuncs'])) {
489 foreach($GLOBALS['TYPO3_CONF_VARS']['EXTCONF']['felogin']['loginFormOnSubmitFuncs'] as $funcRef) {
490 list($onSub, $hid) = t3lib_div
::callUserFunction($funcRef, $_params, $this);
491 $onSubmitAr[] = $onSub;
492 $extraHiddenAr[] = $hid;
495 if (count($onSubmitAr)) {
496 $onSubmit = implode('; ', $onSubmitAr).'; return true;';
498 if (count($extraHiddenAr)) {
499 $extraHidden = implode(LF
, $extraHiddenAr);
502 if (!$gpRedirectUrl && $this->redirectUrl
) {
503 $gpRedirectUrl = $this->redirectUrl
;
507 $markerArray['###ACTION_URI###'] = $this->getPageLink('',array(),TRUE);
508 $markerArray['###EXTRA_HIDDEN###'] = $extraHidden; // used by kb_md5fepw extension...
509 $markerArray['###LEGEND###'] = $this->pi_getLL('login', '', 1);
510 $markerArray['###LOGIN_LABEL###'] = $this->pi_getLL('login', '', 1);
511 $markerArray['###ON_SUBMIT###'] = $onSubmit; // used by kb_md5fepw extension...
512 $markerArray['###PASSWORD_LABEL###'] = $this->pi_getLL('password', '', 1);
513 $markerArray['###STORAGE_PID###'] = $this->spid
;
514 $markerArray['###USERNAME_LABEL###'] = $this->pi_getLL('username', '', 1);
515 $markerArray['###REDIRECT_URL###'] = htmlspecialchars($gpRedirectUrl);
516 $markerArray['###NOREDIRECT###'] = $this->noRedirect ?
'1' : '0';
517 $markerArray['###PREFIXID###'] = $this->prefixId
;
518 $markerArray = array_merge($markerArray, $this->getUserFieldMarkers());
520 if ($this->flexFormValue('showForgotPassword','sDEF') ||
$this->conf
['showForgotPasswordLink']) {
521 $linkpartArray['###FORGOT_PASSWORD_LINK###'] = explode('|',$this->getPageLink('|',array($this->prefixId
.'[forgot]'=>1)));
522 $markerArray['###FORGOT_PASSWORD###'] = $this->pi_getLL('ll_forgot_header', '', 1);
524 $subpartArray['###FORGOTP_VALID###'] = '';
528 // The permanent login checkbox should only be shown if permalogin is not deactivated (-1), not forced to be always active (2) and lifetime is greater than 0
529 if ($this->conf
['showPermaLogin'] && t3lib_div
::inList('0,1', $GLOBALS['TYPO3_CONF_VARS']['FE']['permalogin']) && $GLOBALS['TYPO3_CONF_VARS']['FE']['lifetime'] > 0) {
530 $markerArray['###PERMALOGIN###'] = $this->pi_getLL('permalogin', '', 1);
531 if($GLOBALS['TYPO3_CONF_VARS']['FE']['permalogin'] == 1) {
532 $markerArray['###PERMALOGIN_HIDDENFIELD_ATTRIBUTES###'] = 'disabled="disabled"';
533 $markerArray['###PERMALOGIN_CHECKBOX_ATTRIBUTES###'] = 'checked="checked"';
535 $markerArray['###PERMALOGIN_HIDDENFIELD_ATTRIBUTES###'] = '';
536 $markerArray['###PERMALOGIN_CHECKBOX_ATTRIBUTES###'] = '';
539 $subpartArray['###PERMALOGIN_VALID###'] = '';
541 return $this->cObj
->substituteMarkerArrayCached($subpart, $markerArray, $subpartArray, $linkpartArray);
545 * Process redirect methods. The function searches for a redirect url using all configured methods.
547 * @return string redirect url
549 protected function processRedirect() {
550 $redirect_url = array();
551 if ($this->conf
['redirectMode']) {
552 $redirectMethods = t3lib_div
::trimExplode(',', $this->conf
['redirectMode'], TRUE);
553 foreach ($redirectMethods as $redirMethod) {
554 if ($GLOBALS['TSFE']->loginUser
&& $this->logintype
=== 'login') {
555 // logintype is needed because the login-page wouldn't be accessible anymore after a login (would always redirect)
556 switch ($redirMethod) {
557 case 'groupLogin': // taken from dkd_redirect_at_login written by Ingmar Schlecht; database-field changed
558 $groupData = $GLOBALS['TSFE']->fe_user
->groupData
;
559 $res = $GLOBALS['TYPO3_DB']->exec_SELECTquery(
560 'felogin_redirectPid',
561 $GLOBALS['TSFE']->fe_user
->usergroup_table
,
562 'felogin_redirectPid!="" AND uid IN (' . implode(',', $groupData['uid']) . ')'
564 if ($row = $GLOBALS['TYPO3_DB']->sql_fetch_row($res)) {
565 $redirect_url[] = $this->pi_getPageLink($row[0]); // take the first group with a redirect page
569 $res = $GLOBALS['TYPO3_DB']->exec_SELECTquery(
570 'felogin_redirectPid',
571 $GLOBALS['TSFE']->fe_user
->user_table
,
572 $GLOBALS['TSFE']->fe_user
->userid_column
. '=' . $GLOBALS['TSFE']->fe_user
->user
['uid'] . ' AND felogin_redirectPid!=""'
574 if ($row = $GLOBALS['TYPO3_DB']->sql_fetch_row($res)) {
575 $redirect_url[] = $this->pi_getPageLink($row[0]);
579 if ($this->conf
['redirectPageLogin']) {
580 $redirect_url[] = $this->pi_getPageLink(intval($this->conf
['redirectPageLogin']));
584 $redirect_url[] = $this->redirectUrl
;
587 // avoid forced logout, when trying to login immediatly after a logout
588 $redirect_url[] = preg_replace('/[&?]logintype=[a-z]+/', '', $this->referer
);
590 case 'refererDomains':
592 // Feature to redirect to the page where the user came from (HTTP_REFERER).
593 // Allowed domains to redirect to, can be configured with plugin.tx_felogin_pi1.domains
594 // Thanks to plan2.net / Martin Kutschker for implementing this feature.
595 if ($this->conf
['domains']) {
596 $url = $this->referer
;
597 // is referring url allowed to redirect?
599 if (preg_match('/^http://([[:alnum:]._-]+)//', $url, $match)) {
600 $redirect_domain = $match[1];
602 foreach(t3lib_div
::trimExplode(',', $this->conf
['domains'], TRUE) as $d) {
603 if (preg_match('/(^|\.)/'.$d.'$', $redirect_domain)) {
613 // Avoid forced logout, when trying to login immediatly after a logout
615 $redirect_url[] = preg_replace('/[&?]logintype=[a-z]+/', '', $url);
620 } elseif ($this->logintype
=== 'login') { // after login-error
621 switch ($redirMethod) {
623 if ($this->conf
['redirectPageLoginError']) {
624 $redirect_url[] = $this->pi_getPageLink(intval($this->conf
['redirectPageLoginError']));
628 } elseif (($this->logintype
== '') && ($redirMethod == 'login') && $this->conf
['redirectPageLogin']) {
629 // if login and page not accessible
630 $this->cObj
->typolink('', array(
631 'parameter' => $this->conf
['redirectPageLogin'],
632 'linkAccessRestrictedPages' => TRUE,
634 $redirect_url[] = $this->cObj
->lastTypoLinkUrl
;
636 } elseif (($this->logintype
== '') && ($redirMethod == 'logout') && $this->conf
['redirectPageLogout'] && $GLOBALS['TSFE']->loginUser
) {
637 // if logout and page not accessible
638 $redirect_url[] = $this->pi_getPageLink(intval($this->conf
['redirectPageLogout']));
640 } elseif ($this->logintype
=== 'logout') { // after logout
642 // Hook for general actions after after logout has been confirmed
643 if ($this->logintype
=== 'logout' && $GLOBALS['TYPO3_CONF_VARS']['EXTCONF']['felogin']['logout_confirmed']) {
645 foreach($GLOBALS['TYPO3_CONF_VARS']['EXTCONF']['felogin']['logout_confirmed'] as $_funcRef) {
647 t3lib_div
::callUserFunction($_funcRef, $_params, $this);
652 switch ($redirMethod) {
654 if ($this->conf
['redirectPageLogout']) {
655 $redirect_url[] = $this->pi_getPageLink(intval($this->conf
['redirectPageLogout']));
659 } else { // not logged in
660 // Placeholder for maybe future options
661 switch ($redirMethod) {
663 // preserve the get/post value
664 $redirect_url[] = $this->redirectUrl
;
671 // remove empty values
672 if (count($redirect_url)) {
673 return t3lib_div
::trimExplode(',', implode(',', $redirect_url), TRUE);
680 * Reads flexform configuration and merge it with $this->conf
684 protected function mergeflexFormValuesIntoConf() {
686 if ($this->flexFormValue('showForgotPassword', 'sDEF')) {
687 $flex['showForgotPassword'] = $this->flexFormValue('showForgotPassword','sDEF');
690 if ($this->flexFormValue('showPermaLogin', 'sDEF')) {
691 $flex['showPermaLogin'] = $this->flexFormValue('showPermaLogin', 'sDEF');
694 if ($this->flexFormValue('showLogoutFormAfterLogin', 'sDEF')) {
695 $flex['showLogoutFormAfterLogin'] = $this->flexFormValue('showLogoutFormAfterLogin', 'sDEF');
698 if ($this->flexFormValue('pages', 'sDEF')) {
699 $flex['pages'] = $this->flexFormValue('pages', 'sDEF');
702 if ($this->flexFormValue('recursive', 'sDEF')) {
703 $flex['recursive'] = $this->flexFormValue('recursive', 'sDEF');
706 if ($this->flexFormValue('templateFile', 'sDEF')) {
707 $flex['templateFile'] = $this->uploadDir
. $this->flexFormValue('templateFile', 'sDEF');
710 if ($this->flexFormValue('redirectMode', 's_redirect')) {
711 $flex['redirectMode'] = $this->flexFormValue('redirectMode', 's_redirect');
714 if ($this->flexFormValue('redirectFirstMethod', 's_redirect')) {
715 $flex['redirectFirstMethod'] = $this->flexFormValue('redirectFirstMethod', 's_redirect');
718 if ($this->flexFormValue('redirectDisable', 's_redirect')) {
719 $flex['redirectDisable'] = $this->flexFormValue('redirectDisable', 's_redirect');
722 if ($this->flexFormValue('redirectPageLogin', 's_redirect')) {
723 $flex['redirectPageLogin'] = $this->flexFormValue('redirectPageLogin', 's_redirect');
726 if ($this->flexFormValue('redirectPageLoginError', 's_redirect')) {
727 $flex['redirectPageLoginError'] = $this->flexFormValue('redirectPageLoginError','s_redirect');
730 if ($this->flexFormValue('redirectPageLogout', 's_redirect')) {
731 $flex['redirectPageLogout'] = $this->flexFormValue('redirectPageLogout', 's_redirect');
734 $pid = $flex['pages'] ?
$this->pi_getPidList($flex['pages'], $flex['recursive']) : 0;
736 $flex['storagePid'] = $pid;
739 $this->conf
= array_merge($this->conf
, $flex);
743 * Loads a variable from the flexform
745 * @param string name of variable
746 * @param string name of sheet
747 * @return string value of var
749 protected function flexFormValue($var, $sheet) {
750 return $this->pi_getFFvalue($this->cObj
->data
['pi_flexform'], $var,$sheet);
754 * Generate link with typolink function
756 * @param string linktext
757 * @param array link vars
758 * @param boolean TRUE: returns only url FALSE (default) returns the link)
760 * @return string link or url
762 protected function getPageLink($label, $piVars,$returnUrl = FALSE) {
763 $additionalParams = '';
765 if (count($piVars)) {
766 foreach($piVars as $key=>$val) {
767 $additionalParams .= '&' . $key . '=' . $val;
770 // should GETvars be preserved?
771 if ($this->conf
['preserveGETvars']) {
772 $additionalParams .= $this->getPreserveGetVars();
775 $this->conf
['linkConfig.']['parameter'] = $GLOBALS['TSFE']->id
;
776 if ($additionalParams) {
777 $this->conf
['linkConfig.']['additionalParams'] = $additionalParams;
781 return htmlspecialchars($this->cObj
->typolink_url($this->conf
['linkConfig.']));
783 return $this->cObj
->typolink($label,$this->conf
['linkConfig.']);
788 * Is used by TS-setting preserveGETvars
789 * possible values are "all" or a commaseperated list of GET-vars
790 * they are used as additionalParams for link generation
792 * @return string additionalParams-string
794 protected function getPreserveGetVars() {
797 $preserveVars =! ($this->conf
['preserveGETvars'] ||
$this->conf
['preserveGETvars']=='all' ?
array() : implode(',', (array)$this->conf
['preserveGETvars']));
798 $getVars = t3lib_div
::_GET();
800 foreach ($getVars as $key => $val) {
801 if (stristr($key,$this->prefixId
) === FALSE) {
802 if (is_array($val)) {
803 foreach ($val as $key1 => $val1) {
804 if ($this->conf
['preserveGETvars'] == 'all' ||
in_array($key . '[' . $key1 .']', $preserveVars)) {
805 $params .= '&' . $key . '[' . $key1 . ']=' . $val1;
809 if (!in_array($key, array('id','no_cache','logintype','redirect_url','cHash'))) {
810 $params .= '&' . $key . '=' . $val;
819 * Is used by forgot password - function with md5 option.
821 * @author Bernhard Kraft
823 * @param int length of new password
824 * @return string new password
826 protected function generatePassword($len) {
833 $pass .= chr($char - 10 +
97);
840 * Returns the header / message value from flexform if present, else from locallang.xml
842 * @param string label name
843 * @param string TS stdWrap array
844 * @return string label text
846 protected function getDisplayText($label, $stdWrapArray=array()) {
847 $text = $this->flexFormValue($label, 's_messages') ?
$this->cObj
->stdWrap($this->flexFormValue($label, 's_messages'), $stdWrapArray) : $this->cObj
->stdWrap($this->pi_getLL('ll_'.$label, '', 1), $stdWrapArray);
848 $replace = $this->getUserFieldMarkers();
849 return strtr($text, $replace);
853 * Returns Array of markers filled with user fields
855 * @return array marker array
857 protected function getUserFieldMarkers() {
859 // replace markers with fe_user data
860 if ($GLOBALS['TSFE']->fe_user
->user
) {
861 // all fields of fe_user will be replaced, scheme is ###FEUSER_FIELDNAME###
862 foreach ($GLOBALS['TSFE']->fe_user
->user
as $field => $value) {
863 $marker['###FEUSER_' . t3lib_div
::strtoupper($field) . '###'] = $this->cObj
->stdWrap($value, $this->conf
['userfields.'][$field . '.']);
865 // add ###USER### for compatibility
866 $marker['###USER###'] = $marker['###FEUSER_USERNAME###'];
872 * Returns a valid and XSS cleaned url for redirect, checked against configuration "allowedRedirectHosts"
875 * @return string cleaned referer or empty string if not valid
877 protected function validateRedirectUrl($url) {
883 $decodedUrl = rawurldecode($url);
884 $sanitizedUrl = t3lib_div
::removeXSS($decodedUrl);
886 if ($decodedUrl !== $sanitizedUrl ||
preg_match('#["<>\\\]+#', $url)) {
887 t3lib_div
::sysLog(sprintf($this->pi_getLL('xssAttackDetected'), $url), 'felogin', t3lib_div
::SYSLOG_SEVERITY_WARNING
);
892 if ($this->isRelativeUrl($url) ||
$this->isInCurrentDomain($url) ||
$this->isInLocalDomain($url)) {
896 // URL is not allowed
897 t3lib_div
::sysLog(sprintf($this->pi_getLL('noValidRedirectUrl'), $url), 'felogin', t3lib_div
::SYSLOG_SEVERITY_WARNING
);
902 * Determines whether the URL is on the current host
903 * and belongs to the current TYPO3 installation.
905 * @param string $url URL to be checked
906 * @return boolean Whether the URL belongs to the current TYPO3 installation
908 protected function isInCurrentDomain($url) {
909 return (t3lib_div
::isOnCurrentHost($url) && t3lib_div
::isFirstPartOfStr($url, t3lib_div
::getIndpEnv('TYPO3_SITE_URL')));
913 * Determines whether the URL matches a domain
914 * in the sys_domain databse table.
916 * @param string $url Absolute URL which needs to be checked
917 * @return boolean Whether the URL is considered to be local
919 protected function isInLocalDomain($url) {
922 if (t3lib_div
::isValidUrl($url)) {
923 $parsedUrl = parse_url($url);
924 if ($parsedUrl['scheme'] === 'http' ||
$parsedUrl['scheme'] === 'https' ) {
925 $host = $parsedUrl['host'];
926 // Removes the last path segment and slash sequences like /// (if given):
927 $path = preg_replace('#/+[^/]*$#', '', $parsedUrl['path']);
929 $localDomains = $GLOBALS['TYPO3_DB']->exec_SELECTgetRows(
932 '1=1' . $this->cObj
->enableFields('sys_domain')
934 if (is_array($localDomains)) {
935 foreach ($localDomains as $localDomain) {
936 // strip trailing slashes (if given)
937 $domainName = rtrim($localDomain['domainName'], '/');
938 if (t3lib_div
::isFirstPartOfStr($host. $path . '/', $domainName . '/')) {
950 * Determines wether the URL is relative to the
951 * current TYPO3 installation.
953 * @param string $url URL which needs to be checked
954 * @return boolean Whether the URL is considered to be relative
956 protected function isRelativeUrl($url) {
957 $parsedUrl = @parse_url
($url);
958 if ($parsedUrl !== FALSE && !isset($parsedUrl['scheme']) && !isset($parsedUrl['host'])) {
959 // If the relative URL starts with a slash, we need to check if it's within the current site path
960 return (!t3lib_div
::isFirstPartOfStr($parsedUrl['path'], '/') || t3lib_div
::isFirstPartOfStr($parsedUrl['path'], t3lib_div
::getIndpEnv('TYPO3_SITE_PATH')));
968 if (defined('TYPO3_MODE') && isset($GLOBALS['TYPO3_CONF_VARS'][TYPO3_MODE
]['XCLASS']['ext/felogin/pi1/class.tx_felogin_pi1.php'])) {
969 include_once($GLOBALS['TYPO3_CONF_VARS'][TYPO3_MODE
]['XCLASS']['ext/felogin/pi1/class.tx_felogin_pi1.php']);