Fixed bug #14117: RuntimeException thrown within the exception handler when wrong...
[Packages/TYPO3.CMS.git] / t3lib / class.t3lib_beuserauth.php
index b54d1d4..4a693f1 100644 (file)
@@ -136,6 +136,9 @@ class t3lib_beUserAuth extends t3lib_userAuthGroup {
                'disableCMlayers' => 0,
                'navFrameWidth' => '',  // Default is 245 pixels
                'navFrameResizable' => 0,
+               'resizeTextareas' => 1,
+               'resizeTextareas_MaxHeight' => 300,
+               'resizeTextareas_Flexible' => 1,
        );
 
 
@@ -157,9 +160,11 @@ class t3lib_beUserAuth extends t3lib_userAuthGroup {
         *
         * @param       boolean         Activate insertion of the URL.
         * @return      void
-        * @deprecated since TYPO3 3.6
+        * @deprecated since TYPO3 3.6, this function will be removed in TYPO3 4.5.
         */
        function trackBeUser($flag)     {
+               t3lib_div::logDeprecatedFunction();
+
                if ($flag && t3lib_extMgm::isLoaded('beuser_tracking')) {
                        $insertFields = array(
                                'userid' => intval($this->user['uid']),
@@ -200,13 +205,12 @@ class t3lib_beUserAuth extends t3lib_userAuthGroup {
        function backendCheckLogin()    {
                if (!$this->user['uid'])        {
                        if (!defined('TYPO3_PROCEED_IF_NO_USER') || !TYPO3_PROCEED_IF_NO_USER)  {
-                               t3lib_BEfunc::typo3PrintError ('Login-error or session timed-out', 'No user logged in! Sorry, I can\'t proceed then!<br /><br />(You must have cookies enabled!)<br /><br />If your session has just timed-out, you may<br /><a href="'.t3lib_div::locationHeaderUrl(t3lib_div::getIndpEnv('TYPO3_SITE_URL').TYPO3_mainDir.'index.php'.'" target="_top">click here to re-login</a>.',0));
-                               exit;
+                               t3lib_utility_Http::redirect($GLOBALS['BACK_PATH']);
                        }
                } else {        // ...and if that's the case, call these functions
                        $this->fetchGroupData();        //      The groups are fetched and ready for permission checking in this initialization.        Tables.php must be read before this because stuff like the modules has impact in this
                        if ($this->checkLockToIP())     {
-                               if (!$GLOBALS['TYPO3_CONF_VARS']['BE']['adminOnly'] || $this->isAdmin())        {
+                               if ($this->isUserAllowedToLogin()) {
                                        $this->backendSetUC();          // Setting the UC array. It's needed with fetchGroupData first, due to default/overriding of values.
                                        $this->emailAtLogin();          // email at login - if option set.
                                } else {
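Review bot: The removed `exit;` was what stopped an unauthenticated request in backendCheckLogin(), and the new line `t3lib_utility_Http::redirect($GLOBALS['BACK_PATH']);` now carries that guarantee only implicitly. Whether redirect() ends the script is not visible in this hunk. If it does, a comment such as `// redirect() terminates the request; nothing below may run without a user` would record the fail-closed intent; if it does not, an `exit;` belongs directly after the call. `$GLOBALS['BACK_PATH']` is also used without checking that it is set, so an entry point that never defines it would apparently redirect to an empty path. The function body continues past the end of this hunk.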
@@ -235,10 +239,10 @@ class t3lib_beUserAuth extends t3lib_userAuthGroup {
                                        if ($this->user['uid']) {
                                                if (!$this->isAdmin())  {
                                                        return TRUE;
-                                               } else die('ERROR: CLI backend user "'.$userName.'" was ADMIN which is not allowed!'.chr(10).chr(10));
-                                       } else die('ERROR: No backend user named "'.$userName.'" was found! [Database: '.TYPO3_db.']'.chr(10).chr(10));
-                               } else die('ERROR: Module name, "'.$GLOBALS['MCONF']['name'].'", was not prefixed with "_CLI_"'.chr(10).chr(10));
-                       } else die('ERROR: Another user was already loaded which is impossible in CLI mode!'.chr(10).chr(10));
+                                               } else die('ERROR: CLI backend user "'.$userName.'" was ADMIN which is not allowed!'.LF.LF);
+                                       } else die('ERROR: No backend user named "'.$userName.'" was found! [Database: '.TYPO3_db.']'.LF.LF);
+                               } else die('ERROR: Module name, "'.$GLOBALS['MCONF']['name'].'", was not prefixed with "_CLI_"'.LF.LF);
+                       } else die('ERROR: Another user was already loaded which is impossible in CLI mode!'.LF.LF);
                }
        }
 
@@ -259,7 +263,11 @@ class t3lib_beUserAuth extends t3lib_userAuthGroup {
                }
                        // Setting defaults if uc is empty
                if (!is_array($this->uc))       {
-                       $this->uc = array_merge($this->uc_default, (array)$TYPO3_CONF_VARS['BE']['defaultUC'], (array)$this->getTSConfigProp('setup.default')); // Candidate for t3lib_div::array_merge() if integer-keys will some day make trouble...
+                       $this->uc = array_merge(
+                               $this->uc_default,
+                               (array) $TYPO3_CONF_VARS['BE']['defaultUC'],
+                               t3lib_div::removeDotsFromTS((array) $this->getTSConfigProp('setup.default'))
+                       );
                        $this->overrideUC();
                        $U=1;
                }
@@ -337,7 +345,7 @@ class t3lib_beUserAuth extends t3lib_userAuthGroup {
                                        $prefix='[AdminLoginWarning]';
                                }
                                if ($warn)      {
-                                       mail($GLOBALS['TYPO3_CONF_VARS']['BE']['warning_email_addr'],
+                                       t3lib_utility_Mail::mail($GLOBALS['TYPO3_CONF_VARS']['BE']['warning_email_addr'],
                                                $prefix.' '.$subject,
                                                $msg,
                                                $this->notifyHeader
@@ -347,7 +355,7 @@ class t3lib_beUserAuth extends t3lib_userAuthGroup {
 
                                // If An email should be sent to the current user, do that:
                        if ($this->uc['emailMeAtLogin'] && strstr($this->user['email'],'@'))    {
-                               mail($this->user['email'],
+                               t3lib_utility_Mail::mail($this->user['email'],
                                        $subject,
                                        $msg,
                                        $this->notifyHeader
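Review bot: The recipient passed to `t3lib_utility_Mail::mail($this->user['email'],` is still guarded only by `strstr($this->user['email'],'@')`, which accepts any string containing an `@`, including values with line breaks or several addresses. Whether the new wrapper validates the recipient is not visible here, so I would tighten the condition to `if ($this->uc['emailMeAtLogin'] && t3lib_div::validEmail($this->user['email']))`. The matching call in the previous hunk takes its recipient from `warning_email_addr` in the installation configuration, which is less exposed to user-editable data. The enclosing function starts and ends outside this hunk.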
@@ -357,47 +365,28 @@ class t3lib_beUserAuth extends t3lib_userAuthGroup {
        }
 
        /**
-        * VeriCode returns 10 first chars of a md5 hash of the session cookie AND the encryptionKey from TYPO3_CONF_VARS.
-        * This code is used as an alternative verification when the JavaScript interface executes cmd's to tce_db.php from eg. MSIE 5.0 because the proper referer is not passed with this browser...
-        *
-        * @return      string
-        */
-       function veriCode()     {
-               return substr(md5($this->id.$GLOBALS['TYPO3_CONF_VARS']['SYS']['encryptionKey']),0,10);
-       }
-
-
-       /**
-        * The session_id is used to find user in the database.
-        * Two tables are joined: The session-table with user_id of the session and the usertable with its primary key
-        * if the client is flash (e.g. from a flash application inside TYPO3 that does a server request)
-        * then don't evaluate with the hashLockClause, as the client/browser is included in this hash
-        * and thus, the flash request would be rejected
+        * Determines whether a backend user is allowed to access the backend.
         *
-        * @return DB result object or false on error
-        * @access private
+        * The conditions are:
+        *      + backend user is a regular user and adminOnly is not defined
+        *      + backend user is an admin user
+        *      + backend user is used in CLI context and adminOnly is explicitely set to "2"
+        * 
+        * @return      boolean         Whether a backend user is allowed to access the backend
         */
-       protected function fetchUserSessionFromDB() {
-               if ($GLOBALS['CLIENT']['BROWSER'] == 'flash') {
-                       // if on the flash client, the veri code is valid, then the user session is fetched
-                       // from the DB without the hashLock clause
-                       if (t3lib_div::_GP('vC') == $this->veriCode()) {
-                               $dbres = $GLOBALS['TYPO3_DB']->exec_SELECTquery(
-                                               '*',
-                                               $this->session_table.','.$this->user_table,
-                                               $this->session_table.'.ses_id = '.$GLOBALS['TYPO3_DB']->fullQuoteStr($this->id, $this->session_table).'
-                                                       AND '.$this->session_table.'.ses_name = '.$GLOBALS['TYPO3_DB']->fullQuoteStr($this->name, $this->session_table).'
-                                                       AND '.$this->session_table.'.ses_userid = '.$this->user_table.'.'.$this->userid_column.'
-                                                       '.$this->ipLockClause().'
-                                                       '.$this->user_where_clause()
-                               );
-                       } else {
-                               $dbres = false;
-                       }
-               } else {
-                       $dbres = parent::fetchUserSessionFromDB();
+       protected function isUserAllowedToLogin() {
+               $isUserAllowedToLogin = FALSE;
+               $adminOnlyMode = $GLOBALS['TYPO3_CONF_VARS']['BE']['adminOnly'];
+
+                       // Backend user is allowed if adminOnly is not set or user is an admin:
+               if (!$adminOnlyMode || $this->isAdmin()) {
+                       $isUserAllowedToLogin = TRUE;
+                       // Backend user is allowed if adminOnly is set to 2 (CLI) and a CLI process is running:
+               } elseif ($adminOnlyMode == 2 && defined('TYPO3_cliMode') && TYPO3_cliMode) {
+                       $isUserAllowedToLogin = TRUE;
                }
-               return $dbres;
+
+               return $isUserAllowedToLogin;
        }
 }
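Review bot: The CLI exemption in isUserAllowedToLogin() tests `$adminOnlyMode == 2`, a loose comparison, although the docblock says the value must be explicitly set to "2". PHP's numeric string juggling lets values such as `'2x'` match as well. The value comes from the installation configuration, so this is a misconfiguration risk rather than attacker input, but this method now decides who passes the adminOnly lock and I would write `(string) $adminOnlyMode === '2'`. The branch also assumes that `TYPO3_cliMode` is only ever defined by the CLI entry point, which cannot be confirmed from this hunk; a comment such as `// TYPO3_cliMode is defined only by the CLI dispatcher, never in web requests` would state that assumption. The docblock typo `explicitely` should read `explicitly`.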