[FEATURE] Add Hook to manipulate BE login form
[Packages/TYPO3.CMS.git] / typo3 / index.php
1 <?php
2 /***************************************************************
3 * Copyright notice
4 *
5 * (c) 1999-2011 Kasper Skårhøj (kasperYYYY@typo3.com)
6 * All rights reserved
7 *
8 * This script is part of the TYPO3 project. The TYPO3 project is
9 * free software; you can redistribute it and/or modify
10 * it under the terms of the GNU General Public License as published by
11 * the Free Software Foundation; either version 2 of the License, or
12 * (at your option) any later version.
13 *
14 * The GNU General Public License can be found at
15 * http://www.gnu.org/copyleft/gpl.html.
16 * A copy is found in the textfile GPL.txt and important notices to the license
17 * from the author is found in LICENSE.txt distributed with these scripts.
18 *
19 *
20 * This script is distributed in the hope that it will be useful,
21 * but WITHOUT ANY WARRANTY; without even the implied warranty of
22 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
23 * GNU General Public License for more details.
24 *
25 * This copyright notice MUST APPEAR in all copies of the script!
26 ***************************************************************/
27
28 /**
29 * Login-screen of TYPO3.
30 *
31 * Revised for TYPO3 3.6 December/2003 by Kasper Skårhøj
32 * XHTML compliant
33 *
34 * @author Kasper Skårhøj <kasperYYYY@typo3.com>
35 */
36
37 define('TYPO3_PROCEED_IF_NO_USER', 1);
38 require('init.php');
39
40 /**
41 * Script Class for rendering the login form
42 *
43 * @author Kasper Skårhøj <kasperYYYY@typo3.com>
44 * @package TYPO3
45 * @subpackage core
46 */
47 class SC_index {
48
49 const SIGNAL_RenderLoginForm = 'renderLoginForm';
50
51 // Internal, GPvars:
52 // GPvar: redirect_url; The URL to redirect to after login.
53 var $redirect_url;
54 // GPvar: Defines which interface to load (from interface selector)
55 var $GPinterface;
56 // GPvar: preset username
57 var $u;
58 // GPvar: preset password
59 var $p;
60 // GPvar: If "L" is "OUT", then any logged in used is logged out. If redirect_url is given, we redirect to it
61 var $L;
62 // Login-refresh boolean; The backend will call this script with this value set when the login is close to being expired and the form needs to be redrawn.
63 var $loginRefresh;
64 // Value of forms submit button for login.
65 var $commandLI;
66
67 // Internal, static:
68 // Set to the redirect URL of the form (may be redirect_url or "backend.php")
69 var $redirectToURL;
70
71 // Internal, dynamic:
72 // Content accumulation
73 var $content;
74 // A selector box for selecting value for "interface" may be rendered into this variable
75 var $interfaceSelector;
76 // A selector box for selecting value for "interface" may be rendered into this variable
77 // this will have an onchange action which will redirect the user to the selected interface right away
78 var $interfaceSelector_jump;
79 // A hidden field, if the interface is not set.
80 var $interfaceSelector_hidden;
81 // Additional hidden fields to be placed at the login form
82 var $addFields_hidden = '';
83
84 // sets the level of security. *'normal' = clear-text. 'challenged' = hashed
85 // password/username from form in $formfield_uident. 'superchallenged' = hashed password hashed again with username.
86 var $loginSecurityLevel = 'superchallenged';
87
88 /**
89 * @var Tx_Extbase_SignalSlot_Dispatcher
90 */
91 protected $signalSlotDispatcher;
92
93 /**
94 * Initialize the login box. Will also react on a &L=OUT flag and exit.
95 *
96 * @return void
97 */
98 function init() {
99 // We need a PHP session session for most login levels
100 session_start();
101
102 $this->redirect_url = t3lib_div::sanitizeLocalUrl(t3lib_div::_GP('redirect_url'));
103 $this->GPinterface = t3lib_div::_GP('interface');
104
105 // Grabbing preset username and password, for security reasons this feature only works if SSL is used
106 if (t3lib_div::getIndpEnv('TYPO3_SSL')) {
107 $this->u = t3lib_div::_GP('u');
108 $this->p = t3lib_div::_GP('p');
109 }
110
111 // If "L" is "OUT", then any logged in is logged out. If redirect_url is given, we redirect to it
112 $this->L = t3lib_div::_GP('L');
113
114 // Login
115 $this->loginRefresh = t3lib_div::_GP('loginRefresh');
116
117 // Value of "Login" button. If set, the login button was pressed.
118 $this->commandLI = t3lib_div::_GP('commandLI');
119
120 // Sets the level of security from conf vars
121 if ($GLOBALS['TYPO3_CONF_VARS']['BE']['loginSecurityLevel']) {
122 $this->loginSecurityLevel = $GLOBALS['TYPO3_CONF_VARS']['BE']['loginSecurityLevel'];
123 }
124
125 // Try to get the preferred browser language
126 $preferredBrowserLanguage = $GLOBALS['LANG']->csConvObj->getPreferredClientLanguage(t3lib_div::getIndpEnv('HTTP_ACCEPT_LANGUAGE'));
127 // If we found a $preferredBrowserLanguage and it is not the default language and no be_user is logged in
128 // initialize $GLOBALS['LANG'] again with $preferredBrowserLanguage
129 if ($preferredBrowserLanguage != 'default' && !$GLOBALS['BE_USER']->user['uid']) {
130 $GLOBALS['LANG']->init($preferredBrowserLanguage);
131 }
132 $GLOBALS['LANG']->includeLLFile('EXT:lang/locallang_login.xml');
133
134 // Setting the redirect URL to "backend.php" if no alternative input is given
135 $this->redirectToURL = ($this->redirect_url ? $this->redirect_url : 'backend.php');
136
137 // Do a logout if the command is set
138 if ($this->L == 'OUT' && is_object($GLOBALS['BE_USER'])) {
139 $GLOBALS['BE_USER']->logoff();
140 if ($this->redirect_url) {
141 t3lib_utility_Http::redirect($this->redirect_url);
142 }
143 exit;
144 }
145 }
146
147 /**
148 * Main function - creating the login/logout form
149 *
150 * @return void
151 */
152 function main() {
153 // Initialize template object:
154 $GLOBALS['TBE_TEMPLATE']->bodyTagAdditions = ' onload="startUp();"';
155 $GLOBALS['TBE_TEMPLATE']->moduleTemplate = $GLOBALS['TBE_TEMPLATE']->getHtmlTemplate('templates/login.html');
156
157 $GLOBALS['TBE_TEMPLATE']->getPageRenderer()->loadExtJS();
158 $GLOBALS['TBE_TEMPLATE']->getPageRenderer()->loadPrototype();
159 $GLOBALS['TBE_TEMPLATE']->getPageRenderer()->loadScriptaculous();
160
161 // Set JavaScript for creating a MD5 hash of the password:
162 $GLOBALS['TBE_TEMPLATE']->JScode.= $this->getJScode();
163
164 // Checking, if we should make a redirect.
165 // Might set JavaScript in the header to close window.
166 $this->checkRedirect();
167
168 // Initialize interface selectors:
169 $this->makeInterfaceSelectorBox();
170
171 // Creating form based on whether there is a login or not:
172 if (!$GLOBALS['BE_USER']->user['uid']) {
173 $GLOBALS['TBE_TEMPLATE']->form = $this->startForm();
174 $loginForm = $this->makeLoginForm();
175 } else {
176 $GLOBALS['TBE_TEMPLATE']->form = '
177 <form action="index.php" method="post" name="loginform">
178 <input type="hidden" name="login_status" value="logout" />
179 ';
180 $loginForm = $this->makeLogoutForm();
181 }
182
183 // Starting page:
184 $this->content .= $GLOBALS['TBE_TEMPLATE']->startPage('TYPO3 Login: ' . $GLOBALS['TYPO3_CONF_VARS']['SYS']['sitename'], FALSE);
185
186 // Add login form:
187 $this->content .= $this->wrapLoginForm($loginForm);
188
189 $this->content .= $GLOBALS['TBE_TEMPLATE']->endPage();
190 }
191
192 /**
193 * Outputting the accumulated content to screen
194 *
195 * @return void
196 */
197 function printContent() {
198 echo $this->content;
199 }
200
201 /*****************************
202 *
203 * Various functions
204 *
205 ******************************/
206
207 /**
208 * Creates the login form
209 * This is drawn when NO login exists.
210 *
211 * @return string HTML output
212 */
213 function makeLoginForm() {
214 $content = t3lib_parsehtml::getSubpart($GLOBALS['TBE_TEMPLATE']->moduleTemplate, '###LOGIN_FORM###');
215 $markers = array(
216 'VALUE_USERNAME' => htmlspecialchars($this->u),
217 'VALUE_PASSWORD' => htmlspecialchars($this->p),
218 'VALUE_SUBMIT' => $GLOBALS['LANG']->getLL('labels.submitLogin', TRUE),
219 );
220
221 // Show an error message if the login command was successful already, otherwise remove the subpart
222 if (!$this->isLoginInProgress()) {
223 $content = t3lib_parsehtml::substituteSubpart($content, '###LOGIN_ERROR###', '');
224 } else {
225 $markers['ERROR_MESSAGE'] = $GLOBALS['LANG']->getLL('error.login', TRUE);
226 $markers['ERROR_LOGIN_TITLE'] = $GLOBALS['LANG']->getLL('error.login.title', TRUE);
227 $markers['ERROR_LOGIN_DESCRIPTION'] = $GLOBALS['LANG']->getLL('error.login.description', TRUE);
228 }
229
230 // Remove the interface selector markers if it's not available
231 if (!($this->interfaceSelector && !$this->loginRefresh)) {
232 $content = t3lib_parsehtml::substituteSubpart($content, '###INTERFACE_SELECTOR###', '');
233 } else {
234 $markers['LABEL_INTERFACE'] = $GLOBALS['LANG']->getLL('labels.interface', TRUE);
235 $markers['VALUE_INTERFACE'] = $this->interfaceSelector;
236 }
237
238 return t3lib_parsehtml::substituteMarkerArray($content, $markers, '###|###');
239 }
240
241 /**
242 * Creates the logout form
243 * This is drawn if a user login already exists.
244 *
245 * @return string HTML output
246 */
247 function makeLogoutForm() {
248 $content = t3lib_parsehtml::getSubpart($GLOBALS['TBE_TEMPLATE']->moduleTemplate, '###LOGOUT_FORM###');
249 $markers = array(
250 'LABEL_USERNAME' => $GLOBALS['LANG']->getLL('labels.username', TRUE),
251 'VALUE_USERNAME' => htmlspecialchars($GLOBALS['BE_USER']->user['username']),
252 'VALUE_SUBMIT' => $GLOBALS['LANG']->getLL('labels.submitLogout', TRUE),
253 );
254
255 // Remove the interface selector markers if it's not available
256 if (!$this->interfaceSelector_jump) {
257 $content = t3lib_parsehtml::substituteSubpart($content, '###INTERFACE_SELECTOR###', '');
258 } else {
259 $markers['LABEL_INTERFACE'] = $GLOBALS['LANG']->getLL('labels.interface', TRUE);
260 $markers['VALUE_INTERFACE'] = $this->interfaceSelector_jump;
261 }
262
263 return t3lib_parsehtml::substituteMarkerArray($content, $markers, '###|###');
264 }
265
266 /**
267 * Wrapping the login form table in another set of tables etc:
268 *
269 * @param string $content HTML content for the login form
270 * @return string The HTML for the page.
271 */
272 function wrapLoginForm($content) {
273 $mainContent = t3lib_parsehtml::getSubpart($GLOBALS['TBE_TEMPLATE']->moduleTemplate, '###PAGE###');
274
275 if ($GLOBALS['TBE_STYLES']['logo_login']) {
276 $logo = '<img src="'.htmlspecialchars($GLOBALS['BACK_PATH'] . $GLOBALS['TBE_STYLES']['logo_login']) . '" alt="" />';
277 } else {
278 $logo = '<img'.t3lib_iconWorks::skinImg($GLOBALS['BACK_PATH'], 'gfx/typo3logo.gif', 'width="123" height="34"').' alt="" />';
279 }
280
281 /** @var $browserWarning t3lib_FlashMessage */
282 $browserWarning = t3lib_div::makeInstance(
283 't3lib_FlashMessage',
284 // TODO: refactor if other old browsers are not supported anymore
285 $GLOBALS['LANG']->getLL('warning.incompatibleBrowser') . ' ' . $GLOBALS['LANG']->getLL('warning.incompatibleBrowserInternetExplorer'),
286 $GLOBALS['LANG']->getLL('warning.incompatibleBrowserHeadline'),
287 t3lib_FlashMessage::ERROR
288 );
289 $browserWarning = $browserWarning->render();
290
291 $additionalCssClasses = array();
292 if ($this->isLoginInProgress()) {
293 $additionalCssClasses[] = 'error';
294 }
295 if ($this->loginRefresh) {
296 $additionalCssClasses[] = 'refresh';
297 }
298
299 $markers = array(
300 'LOGO' => $logo,
301 'LOGINBOX_IMAGE' => $this->makeLoginBoxImage(),
302 'FORM' => $content,
303 'NEWS' => $this->makeLoginNews(),
304 'COPYRIGHT' => $this->makeCopyrightNotice(),
305 'CSS_CLASSES' => !empty($additionalCssClasses) ? 'class="' . implode(' ', $additionalCssClasses) . '"' : '',
306 'CSS_OPENIDCLASS' => 't3-login-openid-' . (t3lib_extMgm::isLoaded('openid') ? 'enabled' : 'disabled'),
307
308 // The labels will be replaced later on, thus the other parts above
309 // can use these markers as well and it will be replaced
310 'HEADLINE' => $GLOBALS['LANG']->getLL('headline', TRUE),
311 'INFO_ABOUT' => $GLOBALS['LANG']->getLL('info.about', TRUE),
312 'INFO_RELOAD' => $GLOBALS['LANG']->getLL('info.reset', TRUE),
313 'INFO' => $GLOBALS['LANG']->getLL('info.cookies_and_js', TRUE),
314 'WARNING_BROWSER_INCOMPATIBLE' => $browserWarning,
315 'ERROR_JAVASCRIPT' => $GLOBALS['LANG']->getLL('error.javascript', TRUE),
316 'ERROR_COOKIES' => $GLOBALS['LANG']->getLL('error.cookies', TRUE),
317 'ERROR_COOKIES_IGNORE' => $GLOBALS['LANG']->getLL('error.cookies_ignore', TRUE),
318 'ERROR_CAPSLOCK' => $GLOBALS['LANG']->getLL('error.capslock', TRUE),
319 'ERROR_FURTHERHELP' => $GLOBALS['LANG']->getLL('error.furtherInformation', TRUE),
320 'LABEL_DONATELINK' => $GLOBALS['LANG']->getLL('labels.donate', TRUE),
321 'LABEL_USERNAME' => $GLOBALS['LANG']->getLL('labels.username', TRUE),
322 'LABEL_OPENID' => $GLOBALS['LANG']->getLL('labels.openId', TRUE),
323 'LABEL_PASSWORD' => $GLOBALS['LANG']->getLL('labels.password', TRUE),
324 'LABEL_WHATISOPENID' => $GLOBALS['LANG']->getLL('labels.whatIsOpenId', TRUE),
325 'LABEL_SWITCHOPENID' => $GLOBALS['LANG']->getLL('labels.switchToOpenId', TRUE),
326 'LABEL_SWITCHDEFAULT' => $GLOBALS['LANG']->getLL('labels.switchToDefault', TRUE),
327 'CLEAR' => $GLOBALS['LANG']->getLL('clear', TRUE),
328 'LOGIN_PROCESS' => $GLOBALS['LANG']->getLL('login_process', TRUE),
329 'SITELINK' => '<a href="/">###SITENAME###</a>',
330
331 // Global variables will now be replaced (at last)
332 'SITENAME' => htmlspecialchars($GLOBALS['TYPO3_CONF_VARS']['SYS']['sitename'])
333 );
334 $this->emitRenderLoginFormSignal($markers);
335 return t3lib_parsehtml::substituteMarkerArray($mainContent, $markers, '###|###');
336 }
337
338 /**
339 * Checking, if we should perform some sort of redirection OR closing of windows.
340 *
341 * @return void
342 */
343 function checkRedirect() {
344 // Do redirect:
345 // If a user is logged in AND a) if either the login is just done (isLoginInProgress) or b) a loginRefresh is done or c) the interface-selector is NOT enabled (If it is on the other hand, it should not just load an interface, because people has to choose then...)
346 if ($GLOBALS['BE_USER']->user['uid'] && ($this->isLoginInProgress() || $this->loginRefresh || !$this->interfaceSelector)) {
347
348 // If no cookie has been set previously we tell people that this is a problem. This assumes that a cookie-setting script (like this one) has been hit at least once prior to this instance.
349 if (!$_COOKIE[t3lib_beUserAuth::getCookieName()]) {
350 if ($this->commandLI == 'setCookie') {
351 // we tried it a second time but still no cookie
352 // 26/4 2005: This does not work anymore, because the saving of challenge values in $_SESSION means the system will act as if the password was wrong.
353 throw new RuntimeException('Login-error: Yeah, that\'s a classic. No cookies, no TYPO3.<br /><br />Please accept cookies from TYPO3 - otherwise you\'ll not be able to use the system.', 1294586846);
354 } else {
355 // try it once again - that might be needed for auto login
356 $this->redirectToURL = 'index.php?commandLI=setCookie';
357 }
358 }
359
360 if (($redirectToURL = (string)$GLOBALS['BE_USER']->getTSConfigVal('auth.BE.redirectToURL'))) {
361 $this->redirectToURL = $redirectToURL;
362 $this->GPinterface = '';
363 }
364
365 // store interface
366 $GLOBALS['BE_USER']->uc['interfaceSetup'] = $this->GPinterface;
367 $GLOBALS['BE_USER']->writeUC();
368
369 // Based on specific setting of interface we set the redirect script:
370 switch ($this->GPinterface) {
371 case 'backend':
372 case 'backend_old':
373 $this->redirectToURL = 'backend.php';
374 break;
375 case 'frontend':
376 $this->redirectToURL = '../';
377 break;
378 }
379
380 /** @var $formProtection t3lib_formprotection_BackendFormProtection */
381 $formProtection = t3lib_formprotection_Factory::get();
382 // If there is a redirect URL AND if loginRefresh is not set...
383 if (!$this->loginRefresh) {
384 $formProtection->storeSessionTokenInRegistry();
385 t3lib_utility_Http::redirect($this->redirectToURL);
386 } else {
387 $formProtection->setSessionTokenFromRegistry();
388 $formProtection->persistSessionToken();
389 $GLOBALS['TBE_TEMPLATE']->JScode.=$GLOBALS['TBE_TEMPLATE']->wrapScriptTags('
390 if (parent.opener && (parent.opener.busy || parent.opener.TYPO3.loginRefresh)) {
391 if (parent.opener.TYPO3.loginRefresh) {
392 parent.opener.TYPO3.loginRefresh.startTimer();
393 } else {
394 parent.opener.busy.loginRefreshed();
395 }
396 parent.close();
397 }
398 ');
399 }
400 } elseif (!$GLOBALS['BE_USER']->user['uid'] && $this->isLoginInProgress()) {
401 // Wrong password, wait for 5 seconds
402 sleep(5);
403 }
404 }
405
406 /**
407 * Making interface selector:
408 *
409 * @return void
410 */
411 function makeInterfaceSelectorBox() {
412 // Reset variables:
413 $this->interfaceSelector = '';
414 $this->interfaceSelector_hidden='';
415 $this->interfaceSelector_jump = '';
416
417 // If interfaces are defined AND no input redirect URL in GET vars:
418 if ($GLOBALS['TYPO3_CONF_VARS']['BE']['interfaces'] && ($this->isLoginInProgress() || !$this->redirect_url)) {
419 $parts = t3lib_div::trimExplode(',', $GLOBALS['TYPO3_CONF_VARS']['BE']['interfaces']);
420 // Only if more than one interface is defined will we show the selector:
421 if (count($parts) > 1) {
422
423 // Initialize:
424 $labels = array();
425
426 $labels['backend'] = $GLOBALS['LANG']->getLL('interface.backend');
427 $labels['backend_old'] = $GLOBALS['LANG']->getLL('interface.backend_old');
428 $labels['frontend'] = $GLOBALS['LANG']->getLL('interface.frontend');
429
430 $jumpScript = array();
431 $jumpScript['backend'] = 'backend.php';
432 $jumpScript['backend_old'] = 'backend.php';
433 $jumpScript['frontend'] = '../';
434
435 // Traverse the interface keys:
436 foreach ($parts as $valueStr) {
437 $this->interfaceSelector.='
438 <option value="'.htmlspecialchars($valueStr).'"'.(t3lib_div::_GP('interface')==htmlspecialchars($valueStr) ? ' selected="selected"' : '').'>'.htmlspecialchars($labels[$valueStr]).'</option>';
439 $this->interfaceSelector_jump.='
440 <option value="'.htmlspecialchars($jumpScript[$valueStr]).'">'.htmlspecialchars($labels[$valueStr]).'</option>';
441 }
442 $this->interfaceSelector='
443 <select id="t3-interfaceselector" name="interface" class="c-interfaceselector" tabindex="3">'.$this->interfaceSelector.'
444 </select>';
445 $this->interfaceSelector_jump='
446 <select id="t3-interfaceselector" name="interface" class="c-interfaceselector" tabindex="3" onchange="window.location.href=this.options[this.selectedIndex].value;">'.$this->interfaceSelector_jump.'
447 </select>';
448
449 } elseif (!$this->redirect_url) {
450 // If there is only ONE interface value set and no redirect_url is present:
451 $this->interfaceSelector_hidden='<input type="hidden" name="interface" value="'.trim($GLOBALS['TYPO3_CONF_VARS']['BE']['interfaces']).'" />';
452 }
453 }
454 }
455
456 /**
457 * COPYRIGHT notice
458 *
459 * Warning:
460 * DO NOT prevent this notice from being shown in ANY WAY.
461 * According to the GPL license an interactive application must show such a notice on start-up ('If the program is interactive, make it output a short notice... ' - see GPL.txt)
462 * Therefore preventing this notice from being properly shown is a violation of the license, regardless of whether you remove it or use a stylesheet to obstruct the display.
463 *
464 * @return string Text/Image (HTML) for copyright notice.
465 */
466 function makeCopyrightNotice() {
467
468 // Get values from TYPO3_CONF_VARS:
469 $loginCopyrightWarrantyProvider = strip_tags(trim($GLOBALS['TYPO3_CONF_VARS']['SYS']['loginCopyrightWarrantyProvider']));
470 $loginCopyrightWarrantyURL = strip_tags(trim($GLOBALS['TYPO3_CONF_VARS']['SYS']['loginCopyrightWarrantyURL']));
471 $loginImageSmall = (trim($GLOBALS['TBE_STYLES']['loginBoxImageSmall'])) ? trim($GLOBALS['TBE_STYLES']['loginBoxImageSmall']) : 'gfx/loginlogo_transp.gif';
472
473 // Make warranty note:
474 if (strlen($loginCopyrightWarrantyProvider)>=2 && strlen($loginCopyrightWarrantyURL)>=10) {
475 $warrantyNote = sprintf($GLOBALS['LANG']->getLL('warranty.by'), htmlspecialchars($loginCopyrightWarrantyProvider), '<a href="' . htmlspecialchars($loginCopyrightWarrantyURL) . '" target="_blank">', '</a>');
476 } else {
477 $warrantyNote = sprintf($GLOBALS['LANG']->getLL('no.warranty'), '<a href="' . TYPO3_URL_LICENSE . '" target="_blank">', '</a>');
478 }
479
480 // Compile full copyright notice:
481 $copyrightNotice = '<a href="' . TYPO3_URL_GENERAL . '" target="_blank">' .
482 '<img src="' . $loginImageSmall . '" alt="' . $GLOBALS['LANG']->getLL('typo3.logo') . '" align="left" />' .
483 $GLOBALS['LANG']->getLL('typo3.cms') . ($GLOBALS['TYPO3_CONF_VARS']['SYS']['loginCopyrightShowVersion']?' ' . $GLOBALS['LANG']->getLL('version.short') . ' ' . htmlspecialchars(TYPO3_version):'') .
484 '</a>. ' .
485 $GLOBALS['LANG']->getLL('copyright') . ' &copy; ' . TYPO3_copyright_year . ' Kasper Sk&#229;rh&#248;j. ' . $GLOBALS['LANG']->getLL('extension.copyright') . ' ' .
486 sprintf($GLOBALS['LANG']->getLL('details.link'), '<a href="' . TYPO3_URL_GENERAL . '" target="_blank">' . TYPO3_URL_GENERAL . '</a>') . '<br /> ' .
487 $warrantyNote . ' ' .
488 sprintf($GLOBALS['LANG']->getLL('free.software'), '<a href="' . TYPO3_URL_LICENSE . '" target="_blank">', '</a> ') .
489 $GLOBALS['LANG']->getLL('keep.notice');
490
491 // Return notice:
492 return $copyrightNotice;
493 }
494
495 /**
496 * Returns the login box image, whether the default or an image from the rotation folder.
497 *
498 * @return string HTML image tag.
499 */
500 function makeLoginBoxImage() {
501 $loginboxImage = '';
502 // Look for rotation image folder:
503 if ($GLOBALS['TBE_STYLES']['loginBoxImage_rotationFolder']) {
504 $absPath = t3lib_div::resolveBackPath(PATH_typo3.$GLOBALS['TBE_STYLES']['loginBoxImage_rotationFolder']);
505
506 // Get rotation folder:
507 $dir = t3lib_div::getFileAbsFileName($absPath);
508 if ($dir && @is_dir($dir)) {
509
510 // Get files for rotation into array:
511 $files = t3lib_div::getFilesInDir($dir, 'png,jpg,gif');
512
513 // Pick random file:
514 $randImg = array_rand($files, 1);
515
516 // Get size of random file:
517 $imgSize = @getimagesize($dir.$files[$randImg]);
518
519 $imgAuthor = is_array($GLOBALS['TBE_STYLES']['loginBoxImage_author']) && $GLOBALS['TBE_STYLES']['loginBoxImage_author'][$files[$randImg]] ? htmlspecialchars($GLOBALS['TBE_STYLES']['loginBoxImage_author'][$files[$randImg]]) : '';
520
521 // Create image tag:
522 if (is_array($imgSize)) {
523 $loginboxImage = '<img src="' . htmlspecialchars($GLOBALS['TBE_STYLES']['loginBoxImage_rotationFolder'] .
524 $files[$randImg]) . '" ' . $imgSize[3] . ' id="loginbox-image" alt="' . $imgAuthor . '" title="' .
525 $imgAuthor . '" />';
526 }
527 }
528 } else { // If no rotation folder configured, print default image:
529 // Development version
530 if (strstr(TYPO3_version, '-dev')) {
531 $loginImage = 'loginbox_image_dev.png';
532 $imagecopy = 'You are running a development version of TYPO3 ' . TYPO3_branch;
533 } else {
534 $loginImage = 'loginbox_image.jpg';
535 $imagecopy = 'Photo by J.C. Franca (www.digitalphoto.com.br)';
536 }
537 $loginboxImage = '<img' . t3lib_iconWorks::skinImg($GLOBALS['BACK_PATH'], 'gfx/' . $loginImage, 'width="200" height="133"') .
538 ' id="loginbox-image" alt="' . $imagecopy . '" title="' . $imagecopy . '" />';
539 }
540
541 // Return image tag:
542 return $loginboxImage;
543 }
544
545 /**
546 * Make login news - renders the HTML content for a list of news shown under
547 * the login form. News data is added through $GLOBALS['TYPO3_CONF_VARS']
548 *
549 * @return string HTML content
550 * @credits Idea by Jan-Hendrik Heuing
551 */
552 function makeLoginNews() {
553 $newsContent = '';
554
555 $systemNews = $this->getSystemNews();
556
557 // Traverse news array IF there are records in it:
558 if (is_array($systemNews) && count($systemNews) && !t3lib_div::_GP('loginRefresh')) {
559 /** @var $htmlParser t3lib_parsehtml_proc */
560 $htmlParser = t3lib_div::makeInstance('t3lib_parsehtml_proc');
561 // Get the main news template, and replace the subpart after looped through
562 $newsContent = t3lib_parsehtml::getSubpart($GLOBALS['TBE_TEMPLATE']->moduleTemplate, '###LOGIN_NEWS###');
563 $newsItemTemplate = t3lib_parsehtml::getSubpart($newsContent, '###NEWS_ITEM###');
564
565 $newsItem = '';
566 $count = 1;
567 foreach ($systemNews as $newsItemData) {
568 $additionalClass = '';
569 if ($count == 1) {
570 $additionalClass = ' first-item';
571 } elseif($count == count($systemNews)) {
572 $additionalClass = ' last-item';
573 }
574
575 $newsItemContent = $htmlParser->TS_transform_rte($htmlParser->TS_links_rte($newsItemData['content']));
576 $newsItemMarker = array(
577 '###HEADER###' => htmlspecialchars($newsItemData['header']),
578 '###DATE###' => htmlspecialchars($newsItemData['date']),
579 '###CONTENT###' => $newsItemContent,
580 '###CLASS###' => $additionalClass
581 );
582
583 $count++;
584 $newsItem .= t3lib_parsehtml::substituteMarkerArray($newsItemTemplate, $newsItemMarker);
585 }
586
587 $title = ($GLOBALS['TYPO3_CONF_VARS']['BE']['loginNewsTitle'] ? $GLOBALS['TYPO3_CONF_VARS']['BE']['loginNewsTitle'] : $GLOBALS['LANG']->getLL('newsheadline'));
588
589 $newsContent = t3lib_parsehtml::substituteMarker($newsContent, '###NEWS_HEADLINE###', htmlspecialchars($title));
590 $newsContent = t3lib_parsehtml::substituteSubpart($newsContent, '###NEWS_ITEM###', $newsItem);
591 }
592
593 return $newsContent;
594 }
595
596 /**
597 * Gets news from sys_news and converts them into a format suitable for
598 * showing them at the login screen.
599 *
600 * @return array An array of login news.
601 */
602 protected function getSystemNews() {
603 $systemNewsTable = 'sys_news';
604 $systemNews = array();
605
606 $systemNewsRecords = $GLOBALS['TYPO3_DB']->exec_SELECTgetRows(
607 'title, content, crdate',
608 $systemNewsTable,
609 '1=1' .
610 t3lib_BEfunc::BEenableFields($systemNewsTable) .
611 t3lib_BEfunc::deleteClause($systemNewsTable),
612 '',
613 'crdate DESC'
614 );
615
616 foreach ($systemNewsRecords as $systemNewsRecord) {
617 $systemNews[] = array(
618 'date' => date(
619 $GLOBALS['TYPO3_CONF_VARS']['SYS']['ddmmyy'],
620 $systemNewsRecord['crdate']
621 ),
622 'header' => $systemNewsRecord['title'],
623 'content' => $systemNewsRecord['content']
624 );
625 }
626
627 return $systemNews;
628 }
629
630 /**
631 * Returns the form tag
632 *
633 * @return string Opening form tag string
634 */
635 function startForm() {
636 $output = '';
637
638 // The form defaults to 'no login'. This prevents plain
639 // text logins to the Backend. The 'sv' extension changes the form to
640 // use superchallenged method and rsaauth extension makes rsa authetication.
641 $form = '<form action="index.php" method="post" name="loginform" ' .
642 'onsubmit="alert(\'No authentication methods available. Please, ' .
643 'contact your TYPO3 administrator.\');return false">';
644
645 // Call hooks. If they do not return anything, we fail to login
646 if (is_array($GLOBALS['TYPO3_CONF_VARS']['SC_OPTIONS']['typo3/index.php']['loginFormHook'])) {
647 foreach ($GLOBALS['TYPO3_CONF_VARS']['SC_OPTIONS']['typo3/index.php']['loginFormHook'] as $function) {
648 $params = array();
649 $formCode = t3lib_div::callUserFunction($function, $params, $this);
650 if ($formCode) {
651 $form = $formCode;
652 break;
653 }
654 }
655 }
656
657 $output .= $form .
658 '<input type="hidden" name="login_status" value="login" />' .
659 '<input type="hidden" name="userident" value="" />' .
660 '<input type="hidden" name="redirect_url" value="' . htmlspecialchars($this->redirectToURL) . '" />' .
661 '<input type="hidden" name="loginRefresh" value="' . htmlspecialchars($this->loginRefresh) . '" />' .
662 $this->interfaceSelector_hidden . $this->addFields_hidden;
663
664 return $output;
665 }
666
667 /**
668 * Creates JavaScript for the login form
669 *
670 * @return string JavaScript code
671 */
672 function getJScode() {
673 $JSCode = '';
674 if (is_array($GLOBALS['TYPO3_CONF_VARS']['SC_OPTIONS']['typo3/index.php']['loginScriptHook'])) {
675 foreach ($GLOBALS['TYPO3_CONF_VARS']['SC_OPTIONS']['typo3/index.php']['loginScriptHook'] as $function) {
676 $params = array();
677 $JSCode = t3lib_div::callUserFunction($function, $params, $this);
678 if ($JSCode) {
679 break;
680 }
681 }
682 }
683 $JSCode .= $GLOBALS['TBE_TEMPLATE']->wrapScriptTags('
684 function startUp() {
685 // If the login screen is shown in the login_frameset window for re-login, then try to get the username of the current/former login from opening windows main frame:
686 try {
687 if (parent.opener && parent.opener.TS && parent.opener.TS.username && document.loginform && document.loginform.username) {
688 document.loginform.username.value = parent.opener.TS.username;
689 }
690 }
691 catch(error) {
692 //continue
693 }
694
695 // Wait a few millisecons before calling checkFocus(). This might be necessary because some browsers need some time to auto-fill in the form fields
696 window.setTimeout("checkFocus()", 50);
697 }
698
699 // This moves focus to the right input field:
700 function checkFocus() {
701 // If for some reason there already is a username in the username form field, move focus to the password field:
702 if (document.loginform.username && document.loginform.username.value == "") {
703 document.loginform.username.focus();
704 } else if (document.loginform.p_field && document.loginform.p_field.type!="hidden") {
705 document.loginform.p_field.focus();
706 }
707 }
708
709 // This function shows a warning, if user has capslock enabled
710 // parameter showWarning: shows warning if TRUE and capslock active, otherwise only hides warning, if capslock gets inactive
711 function checkCapslock(e, showWarning) {
712 if (!isCapslock(e)) {
713 document.getElementById(\'t3-capslock\').style.display = \'none\';
714 } else if (showWarning) {
715 document.getElementById(\'t3-capslock\').style.display = \'block\';
716 }
717 }
718
719 // Checks weather capslock is enabled (returns TRUE if enabled, false otherwise)
720 // thanks to http://24ways.org/2007/capturing-caps-lock
721
722 function isCapslock(e) {
723 var ev = e ? e : window.event;
724 if (!ev) {
725 return;
726 }
727 var targ = ev.target ? ev.target : ev.srcElement;
728 // get key pressed
729 var which = -1;
730 if (ev.which) {
731 which = ev.which;
732 } else if (ev.keyCode) {
733 which = ev.keyCode;
734 }
735 // get shift status
736 var shift_status = false;
737 if (ev.shiftKey) {
738 shift_status = ev.shiftKey;
739 } else if (ev.modifiers) {
740 shift_status = !!(ev.modifiers & 4);
741 }
742 return (((which >= 65 && which <= 90) && !shift_status) ||
743 ((which >= 97 && which <= 122) && shift_status));
744 }
745
746 // prevent opening the login form in the backend frameset
747 if (top.location.href != self.location.href) {
748 top.location.href = self.location.href;
749 }
750
751 ');
752
753 return $JSCode;
754 }
755
756 /**
757 * Checks if login credentials are currently submitted
758 *
759 * @return boolean
760 */
761 protected function isLoginInProgress() {
762 $username = t3lib_div::_GP('username');
763 return !(empty($username) && empty($this->commandLI));
764 }
765
766 /**
767 * Emits the render login form signal
768 *
769 * @param array $markers Array with markers for the login form
770 * @return void
771 */
772 protected function emitRenderLoginFormSignal(array &$markers) {
773 $this->getSignalSlotDispatcher()->dispatch(
774 'SC_index',
775 self::SIGNAL_RenderLoginForm,
776 array($this, $markers)
777 );
778 }
779
780 /**
781 * Get the SignalSlot dispatcher
782 *
783 * @return Tx_Extbase_SignalSlot_Dispatcher
784 */
785 protected function getSignalSlotDispatcher() {
786 if (!isset($this->signalSlotDispatcher)) {
787 $this->signalSlotDispatcher = $this->getObjectManager()->get('Tx_Extbase_SignalSlot_Dispatcher');
788 }
789 return $this->signalSlotDispatcher;
790 }
791
792 /**
793 * Get the ObjectManager
794 *
795 * @return Tx_Extbase_Object_ObjectManager
796 */
797 protected function getObjectManager() {
798 return t3lib_div::makeInstance('Tx_Extbase_Object_ObjectManager');
799 }
800
801 }
802
803 // Make instance:
804 /** @var $SOBE SC_index */
805 $SOBE = t3lib_div::makeInstance('SC_index');
806 $SOBE->init();
807 $SOBE->main();
808 $SOBE->printContent();
809
810 ?>