[BUGFIX] Fix PHP warning in EXT:beuser
[Packages/TYPO3.CMS.git] / typo3 / index.php
old mode 100755 (executable)
new mode 100644 (file)
index b0cd564..7f0c19c
@@ -2,7 +2,7 @@
 /***************************************************************
 *  Copyright notice
 *
-*  (c) 1999-2008 Kasper Skaarhoj (kasperYYYY@typo3.com)
+*  (c) 1999-2011 Kasper Skårhøj (kasperYYYY@typo3.com)
 *  All rights reserved
 *
 *  This script is part of the TYPO3 project. The TYPO3 project is
 *
 *  This copyright notice MUST APPEAR in all copies of the script!
 ***************************************************************/
+
 /**
  * Login-screen of TYPO3.
  *
- * $Id$
- * Revised for TYPO3 3.6 December/2003 by Kasper Skaarhoj
+ * Revised for TYPO3 3.6 December/2003 by Kasper Skårhøj
  * XHTML compliant
  *
- * @author     Kasper Skaarhoj <kasperYYYY@typo3.com>
- */
-/**
- * [CLASS/FUNCTION INDEX of SCRIPT]
- *
- *
- *
- *   87: class SC_index
- *  120:     function init()
- *  159:     function main()
- *  268:     function printContent()
- *
- *              SECTION: Various functions
- *  292:     function makeLoginForm()
- *  337:     function makeLogoutForm()
- *  379:     function wrapLoginForm($content)
- *  438:     function checkRedirect()
- *  495:     function makeInterfaceSelectorBox()
- *  549:     function makeCopyrightNotice()
- *  582:     function makeLoginBoxImage()
- *  622:     function makeLoginNews()
- *
- * TOTAL FUNCTIONS: 11
- * (This index is automatically created/updated by the extension "extdeveval")
- *
+ * @author Kasper Skårhøj <kasperYYYY@typo3.com>
  */
 
-
 define('TYPO3_PROCEED_IF_NO_USER', 1);
-require ('init.php');
-require ('template.php');
-
-
-
-
-
-
-
-
-
-
-
-
-
-
+require('init.php');
 
 /**
  * Script Class for rendering the login form
  *
- * @author     Kasper Skaarhoj <kasperYYYY@typo3.com>
+ * @author Kasper Skårhøj <kasperYYYY@typo3.com>
  * @package TYPO3
  * @subpackage core
  */
 class SC_index {
 
+       const SIGNAL_RenderLoginForm = 'renderLoginForm';
+
                // Internal, GPvars:
-       var $redirect_url;                      // GPvar: redirect_url; The URL to redirect to after login.
-       var $GPinterface;                       // GPvar: Defines which interface to load (from interface selector)
-       var $u;                                 // GPvar: preset username
-       var $p;                                 // GPvar: preset password
-       var $L;                                 // GPvar: If "L" is "OUT", then any logged in used is logged out. If redirect_url is given, we redirect to it
-       var $loginRefresh;                      // Login-refresh boolean; The backend will call this script with this value set when the login is close to being expired and the form needs to be redrawn.
-       var $commandLI;                         // Value of forms submit button for login.
+               // GPvar: redirect_url; The URL to redirect to after login.
+       var $redirect_url;
+               // GPvar: Defines which interface to load (from interface selector)
+       var $GPinterface;
+               // GPvar: preset username
+       var $u;
+               // GPvar: preset password
+       var $p;
+               // GPvar: If "L" is "OUT", then any logged in used is logged out. If redirect_url is given, we redirect to it
+       var $L;
+               // Login-refresh boolean; The backend will call this script with this value set when the login is close to being expired and the form needs to be redrawn.
+       var $loginRefresh;
+               // Value of forms submit button for login.
+       var $commandLI;
 
                // Internal, static:
-       var $redirectToURL;                     // Set to the redirect URL of the form (may be redirect_url or "backend.php")
-       var $L_vars;                            // Set to the labels used for the login screen.
+               // Set to the redirect URL of the form (may be redirect_url or "backend.php")
+       var $redirectToURL;
 
                // Internal, dynamic:
-       var $content;                           // Content accumulation
-
-       var $interfaceSelector;                 // A selector box for selecting value for "interface" may be rendered into this variable
-       var $interfaceSelector_jump;    // A selector box for selecting value for "interface" may be rendered into this variable - this will have an onchange action which will redirect the user to the selected interface right away
-       var $interfaceSelector_hidden;  // A hidden field, if the interface is not set.
-       var $addFields_hidden = '';             // Additional hidden fields to be placed at the login form
-
-               // sets the level of security. *'normal' = clear-text. 'challenged' = hashed password/username from form in $formfield_uident. 'superchallenged' = hashed password hashed again with username.
+               // Content accumulation
+       var $content;
+               // A selector box for selecting value for "interface" may be rendered into this variable
+       var $interfaceSelector;
+               // A selector box for selecting value for "interface" may be rendered into this variable
+               // this will have an onchange action which will redirect the user to the selected interface right away
+       var $interfaceSelector_jump;
+               // A hidden field, if the interface is not set.
+       var $interfaceSelector_hidden;
+               // Additional hidden fields to be placed at the login form
+       var $addFields_hidden = '';
+
+               // sets the level of security. *'normal' = clear-text. 'challenged' = hashed
+               // password/username from form in $formfield_uident. 'superchallenged' = hashed password hashed again with username.
        var $loginSecurityLevel = 'superchallenged';
 
-
-
+       /**
+        * @var Tx_Extbase_SignalSlot_Dispatcher
+        */
+       protected $signalSlotDispatcher;
 
        /**
         * Initialize the login box. Will also react on a &L=OUT flag and exit.
         *
-        * @return      void
+        * @return void
         */
-       function init() {
-               global $BE_USER,$TYPO3_CONF_VARS;
+       function init() {
+                       // We need a PHP session session for most login levels
+               session_start();
 
-                       // GPvars:
-               $this->redirect_url = t3lib_div::_GP('redirect_url');
+               $this->redirect_url = t3lib_div::sanitizeLocalUrl(t3lib_div::_GP('redirect_url'));
                $this->GPinterface = t3lib_div::_GP('interface');
 
-               if(t3lib_div::getIndpEnv('TYPO3_SSL'))  {       // For security reasons this feature only works if SSL is used
-                       $this->u = t3lib_div::_GP('u');         // preset username
-                       $this->p = t3lib_div::_GP('p');         // preset password
+                       // Grabbing preset username and password, for security reasons this feature only works if SSL is used
+               if (t3lib_div::getIndpEnv('TYPO3_SSL')) {
+                       $this->u = t3lib_div::_GP('u');
+                       $this->p = t3lib_div::_GP('p');
                }
-               $this->L = t3lib_div::_GP('L');                         // If "L" is "OUT", then any logged in used is logged out. If redirect_url is given, we redirect to it
-               $this->loginRefresh = t3lib_div::_GP('loginRefresh');   // Login
-               $this->commandLI = t3lib_div::_GP('commandLI');         // Value of "Login" button. If set, the login button was pressed.
 
-                       // sets the level of security from conf vars
-               if ($TYPO3_CONF_VARS['BE']['loginSecurityLevel']) {
-                       $this->loginSecurityLevel = $TYPO3_CONF_VARS['BE']['loginSecurityLevel'];
+                       // If "L" is "OUT", then any logged in is logged out. If redirect_url is given, we redirect to it
+               $this->L = t3lib_div::_GP('L');
+
+                       // Login
+               $this->loginRefresh = t3lib_div::_GP('loginRefresh');
+
+                       // Value of "Login" button. If set, the login button was pressed.
+               $this->commandLI = t3lib_div::_GP('commandLI');
+
+                       // Sets the level of security from conf vars
+               if ($GLOBALS['TYPO3_CONF_VARS']['BE']['loginSecurityLevel']) {
+                       $this->loginSecurityLevel = $GLOBALS['TYPO3_CONF_VARS']['BE']['loginSecurityLevel'];
                }
 
-                       // Getting login labels:
-               $this->L_vars = explode('|',$TYPO3_CONF_VARS['BE']['loginLabels']);
+                       // Try to get the preferred browser language
+               $preferredBrowserLanguage = $GLOBALS['LANG']->csConvObj->getPreferredClientLanguage(t3lib_div::getIndpEnv('HTTP_ACCEPT_LANGUAGE'));
+                       // If we found a $preferredBrowserLanguage and it is not the default language and no be_user is logged in
+                       // initialize $GLOBALS['LANG'] again with $preferredBrowserLanguage
+               if ($preferredBrowserLanguage != 'default' && !$GLOBALS['BE_USER']->user['uid']) {
+                       $GLOBALS['LANG']->init($preferredBrowserLanguage);
+               }
+               $GLOBALS['LANG']->includeLLFile('EXT:lang/locallang_login.xml');
 
-                       // Setting the redirect URL to "backend.php" if no alternative input is given:
-               $this->redirectToURL = $this->redirect_url ? $this->redirect_url : 'backend.php';
+                       // Setting the redirect URL to "backend.php" if no alternative input is given
+               $this->redirectToURL = ($this->redirect_url ? $this->redirect_url : 'backend.php');
 
-                       // Logout?
-               if ($this->L=='OUT' && is_object($BE_USER))     {
-                       $BE_USER->logoff();
-                       if ($this->redirect_url)        header('Location: '.t3lib_div::locationHeaderUrl($this->redirect_url));
+                       // Do a logout if the command is set
+               if ($this->L == 'OUT' && is_object($GLOBALS['BE_USER'])) {
+                       $GLOBALS['BE_USER']->logoff();
+                       if ($this->redirect_url) {
+                               t3lib_utility_Http::redirect($this->redirect_url);
+                       }
                        exit;
                }
        }
@@ -155,17 +147,19 @@ class SC_index {
        /**
         * Main function - creating the login/logout form
         *
-        * @return      void
+        * @return void
         */
-       function main() {
-               global $TBE_TEMPLATE, $TYPO3_CONF_VARS, $BE_USER;
-
+       function main() {
                        // Initialize template object:
-               $TBE_TEMPLATE->docType='xhtml_trans';
-               $TBE_TEMPLATE->bodyTagAdditions = ' onload="startUp();"';
+               $GLOBALS['TBE_TEMPLATE']->bodyTagAdditions = ' onload="startUp();"';
+               $GLOBALS['TBE_TEMPLATE']->moduleTemplate = $GLOBALS['TBE_TEMPLATE']->getHtmlTemplate('templates/login.html');
+
+               $GLOBALS['TBE_TEMPLATE']->getPageRenderer()->loadExtJS();
+               $GLOBALS['TBE_TEMPLATE']->getPageRenderer()->loadPrototype();
+               $GLOBALS['TBE_TEMPLATE']->getPageRenderer()->loadScriptaculous();
 
                        // Set JavaScript for creating a MD5 hash of the password:
-               $TBE_TEMPLATE->JScode.= $this->getJScode();
+               $GLOBALS['TBE_TEMPLATE']->JScode.= $this->getJScode();
 
                        // Checking, if we should make a redirect.
                        // Might set JavaScript in the header to close window.
@@ -174,15 +168,12 @@ class SC_index {
                        // Initialize interface selectors:
                $this->makeInterfaceSelectorBox();
 
-                       // Replace an optional marker in the "Administration Login" label
-               $this->L_vars[6] = str_replace("###SITENAME###",$TYPO3_CONF_VARS['SYS']['sitename'],$this->L_vars[6]);
-
                        // Creating form based on whether there is a login or not:
-               if (!$BE_USER->user['uid'])     {
-                       $TBE_TEMPLATE->form = $this->startForm();
+               if (!$GLOBALS['BE_USER']->user['uid']) {
+                       $GLOBALS['TBE_TEMPLATE']->form = $this->startForm();
                        $loginForm = $this->makeLoginForm();
                } else {
-                       $TBE_TEMPLATE->form = '
+                       $GLOBALS['TBE_TEMPLATE']->form = '
                                <form action="index.php" method="post" name="loginform">
                                <input type="hidden" name="login_status" value="logout" />
                                ';
@@ -190,41 +181,23 @@ class SC_index {
                }
 
                        // Starting page:
-               $this->content.=$TBE_TEMPLATE->startPage('TYPO3 Login: '.$TYPO3_CONF_VARS['SYS']['sitename']);
+               $this->content .= $GLOBALS['TBE_TEMPLATE']->startPage('TYPO3 Login: ' . $GLOBALS['TYPO3_CONF_VARS']['SYS']['sitename'], FALSE);
 
                        // Add login form:
-               $this->content.=$this->wrapLoginForm($loginForm);
-
-                       // Create a random challenge string
-               $challenge = $this->getChallenge();
+               $this->content .= $this->wrapLoginForm($loginForm);
 
-                       // Save challenge value in session data (thanks to Bernhard Kraft for providing code):
-               session_start();
-               $_SESSION['login_challenge'] = $challenge;
-
-                       // Add hidden fields:
-               $this->content.= $this->getHiddenFields($challenge);
-
-                       // End page:
-               $this->content.=$TBE_TEMPLATE->endPage();
+               $this->content .= $GLOBALS['TBE_TEMPLATE']->endPage();
        }
 
        /**
         * Outputting the accumulated content to screen
         *
-        * @return      void
+        * @return void
         */
-       function printContent() {
+       function printContent() {
                echo $this->content;
        }
 
-
-
-
-
-
-
-
        /*****************************
         *
         * Various functions
@@ -235,260 +208,247 @@ class SC_index {
         * Creates the login form
         * This is drawn when NO login exists.
         *
-        * @return      string          HTML output
+        * @return string HTML output
         */
-       function makeLoginForm()        {
-
-                       // There must be no white-spaces outside of the tags (needed for buggy IE)
-               $content.=                              '<!--
-                                                               Login form:
-                                                       --><table cellspacing="0" cellpadding="0" border="0" id="logintable">
-                                                                       <tr>
-                                                                               <td colspan="2"><h2>'.htmlspecialchars($this->L_vars[6]).'</h2></td>
-                                                                       </tr>'.($this->commandLI ? '
-                                                                       <tr class="c-wrong">
-                                                                               <td colspan="2"><p class="c-wrong">'.htmlspecialchars($this->L_vars[9]).'</p></td>
-                                                                       </tr>' : '').'
-                                                                       <tr class="c-username">
-                                                                               <td><label for="username" class="c-username">'.htmlspecialchars($this->L_vars[0]).':</label></td>
-                                                                               <td><input type="text" id="username" name="username" value="'.htmlspecialchars($this->u).'" class="c-username" /></td>
-                                                                       </tr>
-                                                                       <tr class="c-password">
-                                                                               <td><label for="password" class="c-password">'.htmlspecialchars($this->L_vars[1]).':</label></td>
-                                                                               <td><input type="password" id="password" name="p_field" value="'.htmlspecialchars($this->p).'" class="c-password" /></td>
-                                                                       </tr>'.($this->interfaceSelector && !$this->loginRefresh ? '
-                                                                       <tr class="c-interfaceselector">
-                                                                               <td><label for="interfaceselector" class="c-interfaceselector">'.htmlspecialchars($this->L_vars[2]).':</label></td>
-                                                                               <td>'.$this->interfaceSelector.'</td>
-                                                                       </tr>' : '' ).'
-                                                                       <tr class="c-submit">
-                                                                               <td></td>
-                                                                               <td><input type="submit" name="commandLI" value="'.htmlspecialchars($this->L_vars[3]).'" class="c-submit" /></td>
-                                                                       </tr>
-                                                                       <tr class="c-info">
-                                                                               <td colspan="2"><p class="c-info">'.htmlspecialchars($this->L_vars[7]).'</p></td>
-                                                                       </tr>
-                                                               </table>';
-
-                       // Return content:
-               return $content;
+       function makeLoginForm() {
+               $content = t3lib_parsehtml::getSubpart($GLOBALS['TBE_TEMPLATE']->moduleTemplate, '###LOGIN_FORM###');
+               $markers = array(
+                       'VALUE_USERNAME' => htmlspecialchars($this->u),
+                       'VALUE_PASSWORD' => htmlspecialchars($this->p),
+                       'VALUE_SUBMIT'   => $GLOBALS['LANG']->getLL('labels.submitLogin', TRUE),
+               );
+
+                       // Show an error message if the login command was successful already, otherwise remove the subpart
+               if (!$this->isLoginInProgress()) {
+                       $content = t3lib_parsehtml::substituteSubpart($content, '###LOGIN_ERROR###', '');
+               } else {
+                       $markers['ERROR_MESSAGE'] = $GLOBALS['LANG']->getLL('error.login', TRUE);
+                       $markers['ERROR_LOGIN_TITLE'] = $GLOBALS['LANG']->getLL('error.login.title', TRUE);
+                       $markers['ERROR_LOGIN_DESCRIPTION'] = $GLOBALS['LANG']->getLL('error.login.description', TRUE);
+               }
+
+                       // Remove the interface selector markers if it's not available
+               if (!($this->interfaceSelector && !$this->loginRefresh)) {
+                       $content = t3lib_parsehtml::substituteSubpart($content, '###INTERFACE_SELECTOR###', '');
+               } else {
+                       $markers['LABEL_INTERFACE'] = $GLOBALS['LANG']->getLL('labels.interface', TRUE);
+                       $markers['VALUE_INTERFACE'] = $this->interfaceSelector;
+               }
+
+               return t3lib_parsehtml::substituteMarkerArray($content, $markers, '###|###');
        }
 
        /**
         * Creates the logout form
         * This is drawn if a user login already exists.
         *
-        * @return      string          HTML output
+        * @return string HTML output
         */
-       function makeLogoutForm()       {
-               global $BE_USER;
-
-               $content.= '
-
-                                                       <!--
-                                                               Login form:
-                                                       -->
-                                                       <table cellspacing="0" cellpadding="0" border="0" id="logintable">
-                                                                       <tr>
-                                                                               <td></td>
-                                                                               <td><h2>'.htmlspecialchars($this->L_vars[6]).'</h2></td>
-                                                                       </tr>
-                                                                       <tr class="c-username">
-                                                                               <td><p class="c-username">'.htmlspecialchars($this->L_vars[0]).':</p></td>
-                                                                               <td><p class="c-username-current">'.htmlspecialchars($BE_USER->user['username']).'</p></td>
-                                                                       </tr>'.($this->interfaceSelector_jump ? '
-                                                                       <tr class="c-interfaceselector">
-                                                                               <td><p class="c-interfaceselector">'.htmlspecialchars($this->L_vars[2]).':</p></td>
-                                                                               <td>'.$this->interfaceSelector_jump.'</td>
-                                                                       </tr>' : '' ).'
-                                                                       <tr class="c-submit">
-                                                                               <td><input type="hidden" name="p_field" value="" /></td>
-                                                                               <td><input type="submit" name="commandLO" value="'.htmlspecialchars($this->L_vars[4]).'" class="c-submit" /></td>
-                                                                       </tr>
-                                                                       <tr class="c-info">
-                                                                               <td></td>
-                                                                               <td><p class="c-info">'.htmlspecialchars($this->L_vars[7]).'</p></td>
-                                                                       </tr>
-                                                               </table>';
-
-                       // Return content:
-               return $content;
+       function makeLogoutForm() {
+               $content = t3lib_parsehtml::getSubpart($GLOBALS['TBE_TEMPLATE']->moduleTemplate, '###LOGOUT_FORM###');
+               $markers = array(
+                       'LABEL_USERNAME' => $GLOBALS['LANG']->getLL('labels.username', TRUE),
+                       'VALUE_USERNAME' => htmlspecialchars($GLOBALS['BE_USER']->user['username']),
+                       'VALUE_SUBMIT'   => $GLOBALS['LANG']->getLL('labels.submitLogout', TRUE),
+               );
+
+                       // Remove the interface selector markers if it's not available
+               if (!$this->interfaceSelector_jump) {
+                       $content = t3lib_parsehtml::substituteSubpart($content, '###INTERFACE_SELECTOR###', '');
+               } else {
+                       $markers['LABEL_INTERFACE'] = $GLOBALS['LANG']->getLL('labels.interface', TRUE);
+                       $markers['VALUE_INTERFACE'] = $this->interfaceSelector_jump;
+               }
+
+               return t3lib_parsehtml::substituteMarkerArray($content, $markers, '###|###');
        }
 
        /**
         * Wrapping the login form table in another set of tables etc:
         *
-        * @param       string          HTML content for the login form
-        * @return      string          The HTML for the page.
+        * @param string $content HTML content for the login form
+        * @return string The HTML for the page.
         */
-       function wrapLoginForm($content)        {
-
-                       // Logo:
-               $logo = $GLOBALS['TBE_STYLES']['logo_login'] ?
-                                       '<img src="'.htmlspecialchars($GLOBALS['BACK_PATH'].$GLOBALS['TBE_STYLES']['logo_login']).'" alt="" />' :
-                                       '<img'.t3lib_iconWorks::skinImg($GLOBALS['BACK_PATH'],'gfx/typo3logo.gif','width="123" height="34"').' alt="" />';
-
-                       // Login box image:
-               $loginboxImage = $this->makeLoginBoxImage();
-
-                       // Compile the page content:
-               $content='
-
-               <!--
-                       Wrapper table for the login form:
-               -->
-               <table cellspacing="0" cellpadding="0" border="0" id="wrapper">
-                       <tr>
-                               <td class="c-wrappercell" align="center">
-
-                                       <!--
-                                               Login form image:
-                                       -->
-                                       <div id="loginimage">
-                                                                                       '.$logo.'
-                                       </div>
-
-                                       <!--
-                                               Login form wrapper:
-                                       -->
-                                       <table cellspacing="0" cellpadding="0" border="0" id="loginwrapper">
-                                               <tr>
-                                                       <td'.($this->commandLI ? ' class="error"' : '').'>'.$loginboxImage.
-                                                               $content.'
-                                                       </td>
-                                               </tr>
-                                       </table>
-
-                                       '.$this->makeLoginNews().'
-                                       <!--
-                                               Copyright notice:
-                                       -->
-                                       <div id="copyrightnotice">
-                                               '.$this->makeCopyrightNotice().'
-                                       </div>
-
-
-                               </td>
-                       </tr>
-               </table>';
-
-                       // Return content:
-               return $content;
+       function wrapLoginForm($content) {
+               $mainContent = t3lib_parsehtml::getSubpart($GLOBALS['TBE_TEMPLATE']->moduleTemplate, '###PAGE###');
+
+               if ($GLOBALS['TBE_STYLES']['logo_login']) {
+                       $logo = '<img src="'.htmlspecialchars($GLOBALS['BACK_PATH'] . $GLOBALS['TBE_STYLES']['logo_login']) . '" alt="" />';
+               } else {
+                       $logo = '<img'.t3lib_iconWorks::skinImg($GLOBALS['BACK_PATH'], 'gfx/typo3logo.gif', 'width="123" height="34"').' alt="" />';
+               }
+
+               /** @var $browserWarning t3lib_FlashMessage */
+               $browserWarning = t3lib_div::makeInstance(
+                       't3lib_FlashMessage',
+                               // TODO: refactor if other old browsers are not supported anymore
+                       $GLOBALS['LANG']->getLL('warning.incompatibleBrowser') . ' ' . $GLOBALS['LANG']->getLL('warning.incompatibleBrowserInternetExplorer'),
+                       $GLOBALS['LANG']->getLL('warning.incompatibleBrowserHeadline'),
+                       t3lib_FlashMessage::ERROR
+               );
+               $browserWarning = $browserWarning->render();
+
+               $additionalCssClasses = array();
+               if ($this->isLoginInProgress()) {
+                       $additionalCssClasses[] = 'error';
+               }
+               if ($this->loginRefresh) {
+                       $additionalCssClasses[] = 'refresh';
+               }
+
+               $markers = array(
+                       'LOGO'             => $logo,
+                       'LOGINBOX_IMAGE'   => $this->makeLoginBoxImage(),
+                       'FORM'             => $content,
+                       'NEWS'             => $this->makeLoginNews(),
+                       'COPYRIGHT'        => $this->makeCopyrightNotice(),
+                       'CSS_CLASSES'      => !empty($additionalCssClasses) ? 'class="' . implode(' ', $additionalCssClasses) . '"' : '',
+                       'CSS_OPENIDCLASS'  => 't3-login-openid-' . (t3lib_extMgm::isLoaded('openid') ? 'enabled' : 'disabled'),
+
+                               // The labels will be replaced later on, thus the other parts above
+                               // can use these markers as well and it will be replaced
+                       'HEADLINE'         => $GLOBALS['LANG']->getLL('headline', TRUE),
+                       'INFO_ABOUT'       => $GLOBALS['LANG']->getLL('info.about', TRUE),
+                       'INFO_RELOAD'      => $GLOBALS['LANG']->getLL('info.reset', TRUE),
+                       'INFO'             => $GLOBALS['LANG']->getLL('info.cookies_and_js', TRUE),
+                       'WARNING_BROWSER_INCOMPATIBLE'  => $browserWarning,
+                       'ERROR_JAVASCRIPT' => $GLOBALS['LANG']->getLL('error.javascript', TRUE),
+                       'ERROR_COOKIES'    => $GLOBALS['LANG']->getLL('error.cookies', TRUE),
+                       'ERROR_COOKIES_IGNORE' => $GLOBALS['LANG']->getLL('error.cookies_ignore', TRUE),
+                       'ERROR_CAPSLOCK'   => $GLOBALS['LANG']->getLL('error.capslock', TRUE),
+                       'ERROR_FURTHERHELP' => $GLOBALS['LANG']->getLL('error.furtherInformation', TRUE),
+                       'LABEL_DONATELINK' => $GLOBALS['LANG']->getLL('labels.donate', TRUE),
+                       'LABEL_USERNAME'   => $GLOBALS['LANG']->getLL('labels.username', TRUE),
+                       'LABEL_OPENID'     => $GLOBALS['LANG']->getLL('labels.openId', TRUE),
+                       'LABEL_PASSWORD'   => $GLOBALS['LANG']->getLL('labels.password', TRUE),
+                       'LABEL_WHATISOPENID' => $GLOBALS['LANG']->getLL('labels.whatIsOpenId', TRUE),
+                       'LABEL_SWITCHOPENID' => $GLOBALS['LANG']->getLL('labels.switchToOpenId', TRUE),
+                       'LABEL_SWITCHDEFAULT' => $GLOBALS['LANG']->getLL('labels.switchToDefault', TRUE),
+                       'CLEAR'            => $GLOBALS['LANG']->getLL('clear', TRUE),
+                       'LOGIN_PROCESS'    => $GLOBALS['LANG']->getLL('login_process', TRUE),
+                       'SITELINK'         => '<a href="/">###SITENAME###</a>',
+
+                               // Global variables will now be replaced (at last)
+                       'SITENAME'         => htmlspecialchars($GLOBALS['TYPO3_CONF_VARS']['SYS']['sitename'])
+               );
+               $this->emitRenderLoginFormSignal($markers);
+               return t3lib_parsehtml::substituteMarkerArray($mainContent, $markers, '###|###');
        }
 
        /**
         * Checking, if we should perform some sort of redirection OR closing of windows.
         *
-        * @return      void
+        * @return void
         */
-       function checkRedirect()        {
-               global $BE_USER,$TBE_TEMPLATE;
-
+       function checkRedirect() {
                        // Do redirect:
-                       // If a user is logged in AND a) if either the login is just done (commandLI) or b) a loginRefresh is done or c) the interface-selector is NOT enabled (If it is on the other hand, it should not just load an interface, because people has to choose then...)
-               if ($BE_USER->user['uid'] && ($this->commandLI || $this->loginRefresh || !$this->interfaceSelector))    {
+                       // If a user is logged in AND a) if either the login is just done (isLoginInProgress) or b) a loginRefresh is done or c) the interface-selector is NOT enabled (If it is on the other hand, it should not just load an interface, because people has to choose then...)
+               if ($GLOBALS['BE_USER']->user['uid'] && ($this->isLoginInProgress() || $this->loginRefresh || !$this->interfaceSelector)) {
 
                                // If no cookie has been set previously we tell people that this is a problem. This assumes that a cookie-setting script (like this one) has been hit at least once prior to this instance.
-                       if (!$_COOKIE[$BE_USER->name])  {
-                               if ($this->commandLI=='setCookie') {
+                       if (!$_COOKIE[t3lib_beUserAuth::getCookieName()]) {
+                               if ($this->commandLI == 'setCookie') {
                                                // we tried it a second time but still no cookie
                                                // 26/4 2005: This does not work anymore, because the saving of challenge values in $_SESSION means the system will act as if the password was wrong.
-                                       t3lib_BEfunc::typo3PrintError ('Login-error',"Yeah, that's a classic. No cookies, no TYPO3.<br /><br />Please accept cookies from TYPO3 - otherwise you'll not be able to use the system.",0);
-                                       exit;
+                                       throw new RuntimeException('Login-error: Yeah, that\'s a classic. No cookies, no TYPO3.<br /><br />Please accept cookies from TYPO3 - otherwise you\'ll not be able to use the system.', 1294586846);
                                } else {
                                                // try it once again - that might be needed for auto login
                                        $this->redirectToURL = 'index.php?commandLI=setCookie';
                                }
                        }
 
-                       if ($redirectToURL = (string)$BE_USER->getTSConfigVal('auth.BE.redirectToURL')) {
+                       if (($redirectToURL = (string)$GLOBALS['BE_USER']->getTSConfigVal('auth.BE.redirectToURL'))) {
                                $this->redirectToURL = $redirectToURL;
                                $this->GPinterface = '';
-                       }
+                       }
 
                                // store interface
-                       $BE_USER->uc['interfaceSetup'] = $this->GPinterface;
-                       $BE_USER->writeUC();
+                       $GLOBALS['BE_USER']->uc['interfaceSetup'] = $this->GPinterface;
+                       $GLOBALS['BE_USER']->writeUC();
 
                                // Based on specific setting of interface we set the redirect script:
-                       switch ($this->GPinterface)     {
+                       switch ($this->GPinterface) {
                                case 'backend':
-                                       $this->redirectToURL = 'backend.php';
-                               break;
                                case 'backend_old':
-                                       $this->redirectToURL = 'alt_main.php';
+                                       $this->redirectToURL = 'backend.php';
                                break;
                                case 'frontend':
                                        $this->redirectToURL = '../';
                                break;
                        }
 
+                       /** @var $formProtection t3lib_formprotection_BackendFormProtection */
+                       $formProtection = t3lib_formprotection_Factory::get();
                                // If there is a redirect URL AND if loginRefresh is not set...
-                       if (!$this->loginRefresh)       {
-                               header('Location: '.t3lib_div::locationHeaderUrl($this->redirectToURL));
-                               exit;
+                       if (!$this->loginRefresh) {
+                               $formProtection->storeSessionTokenInRegistry();
+                               t3lib_utility_Http::redirect($this->redirectToURL);
                        } else {
-                               $TBE_TEMPLATE->JScode.=$TBE_TEMPLATE->wrapScriptTags('
-                                       if (parent.opener && parent.opener.busy)        {
-                                               parent.opener.busy.loginRefreshed();
+                               $formProtection->setSessionTokenFromRegistry();
+                               $formProtection->persistSessionToken();
+                               $GLOBALS['TBE_TEMPLATE']->JScode.=$GLOBALS['TBE_TEMPLATE']->wrapScriptTags('
+                                       if (parent.opener && (parent.opener.busy || parent.opener.TYPO3.loginRefresh)) {
+                                               if (parent.opener.TYPO3.loginRefresh) {
+                                                       parent.opener.TYPO3.loginRefresh.startTimer();
+                                               } else {
+                                                       parent.opener.busy.loginRefreshed();
+                                               }
                                                parent.close();
                                        }
                                ');
                        }
-
-               } elseif (!$BE_USER->user['uid'] && $this->commandLI) {
-                       sleep(5);       // Wrong password, wait for 5 seconds
+               } elseif (!$GLOBALS['BE_USER']->user['uid'] && $this->isLoginInProgress()) {
+                               // Wrong password, wait for 5 seconds
+                       sleep(5);
                }
        }
 
        /**
         * Making interface selector:
         *
-        * @return      void
+        * @return void
         */
-       function makeInterfaceSelectorBox()     {
-               global $TYPO3_CONF_VARS;
-
+       function makeInterfaceSelectorBox() {
                        // Reset variables:
                $this->interfaceSelector = '';
                $this->interfaceSelector_hidden='';
                $this->interfaceSelector_jump = '';
 
                        // If interfaces are defined AND no input redirect URL in GET vars:
-               if ($TYPO3_CONF_VARS['BE']['interfaces'] && ($this->commandLI || !$this->redirect_url)) {
-                       $parts = t3lib_div::trimExplode(',',$TYPO3_CONF_VARS['BE']['interfaces']);
-                       if (count($parts)>1)    {       // Only if more than one interface is defined will we show the selector:
+               if ($GLOBALS['TYPO3_CONF_VARS']['BE']['interfaces'] && ($this->isLoginInProgress() || !$this->redirect_url)) {
+                       $parts = t3lib_div::trimExplode(',', $GLOBALS['TYPO3_CONF_VARS']['BE']['interfaces']);
+                               // Only if more than one interface is defined will we show the selector:
+                       if (count($parts) > 1) {
 
                                        // Initialize:
-                               $tempLabels=explode(',', $this->L_vars[5]);
-                               $labels=array();
+                               $labels = array();
 
-                               $labels['backend']     = $tempLabels[0];
-                               $labels['backend_old'] = $tempLabels[2];
-                               $labels['frontend']    = $tempLabels[1];
+                               $labels['backend']     = $GLOBALS['LANG']->getLL('interface.backend');
+                               $labels['backend_old'] = $GLOBALS['LANG']->getLL('interface.backend_old');
+                               $labels['frontend']    = $GLOBALS['LANG']->getLL('interface.frontend');
 
-                               $jumpScript=array();
+                               $jumpScript = array();
                                $jumpScript['backend']     = 'backend.php';
-                               $jumpScript['backend_old'] = 'alt_main.php';
+                               $jumpScript['backend_old'] = 'backend.php';
                                $jumpScript['frontend']    = '../';
 
                                        // Traverse the interface keys:
-                               foreach($parts as $valueStr)    {
+                               foreach ($parts as $valueStr) {
                                        $this->interfaceSelector.='
                                                        <option value="'.htmlspecialchars($valueStr).'"'.(t3lib_div::_GP('interface')==htmlspecialchars($valueStr) ? ' selected="selected"' : '').'>'.htmlspecialchars($labels[$valueStr]).'</option>';
                                        $this->interfaceSelector_jump.='
                                                        <option value="'.htmlspecialchars($jumpScript[$valueStr]).'">'.htmlspecialchars($labels[$valueStr]).'</option>';
                                }
                                $this->interfaceSelector='
-                                               <select id="interfaceselector" name="interface" class="c-interfaceselector">'.$this->interfaceSelector.'
+                                               <select id="t3-interfaceselector" name="interface" class="c-interfaceselector" tabindex="3">'.$this->interfaceSelector.'
                                                </select>';
                                $this->interfaceSelector_jump='
-                                               <select id="interfaceselector" name="interface" class="c-interfaceselector" onchange="window.location.href=this.options[this.selectedIndex].value;">'.$this->interfaceSelector_jump.'
+                                               <select id="t3-interfaceselector" name="interface" class="c-interfaceselector" tabindex="3" onchange="window.location.href=this.options[this.selectedIndex].value;">'.$this->interfaceSelector_jump.'
                                                </select>';
 
-                       } else {        // If there is only ONE interface value set:
-
-                               $this->interfaceSelector_hidden='<input type="hidden" name="interface" value="'.trim($TYPO3_CONF_VARS['BE']['interfaces']).'" />';
+                       } elseif (!$this->redirect_url) {
+                                       // If there is only ONE interface value set and no redirect_url is present:
+                               $this->interfaceSelector_hidden='<input type="hidden" name="interface" value="'.trim($GLOBALS['TYPO3_CONF_VARS']['BE']['interfaces']).'" />';
                        }
                }
        }
@@ -501,9 +461,9 @@ class SC_index {
         * According to the GPL license an interactive application must show such a notice on start-up ('If the program is interactive, make it output a short notice... ' - see GPL.txt)
         * Therefore preventing this notice from being properly shown is a violation of the license, regardless of whether you remove it or use a stylesheet to obstruct the display.
         *
-        * @return      string          Text/Image (HTML) for copyright notice.
+        * @return string Text/Image (HTML) for copyright notice.
         */
-       function makeCopyrightNotice()  {
+       function makeCopyrightNotice() {
 
                        // Get values from TYPO3_CONF_VARS:
                $loginCopyrightWarrantyProvider = strip_tags(trim($GLOBALS['TYPO3_CONF_VARS']['SYS']['loginCopyrightWarrantyProvider']));
@@ -511,22 +471,22 @@ class SC_index {
                $loginImageSmall = (trim($GLOBALS['TBE_STYLES']['loginBoxImageSmall'])) ? trim($GLOBALS['TBE_STYLES']['loginBoxImageSmall']) : 'gfx/loginlogo_transp.gif';
 
                        // Make warranty note:
-               if (strlen($loginCopyrightWarrantyProvider)>=2 && strlen($loginCopyrightWarrantyURL)>=10)       {
-                       $warrantyNote='Warranty is supplied by '.htmlspecialchars($loginCopyrightWarrantyProvider).'; <a href="'.htmlspecialchars($loginCopyrightWarrantyURL).'" target="_blank">click for details.</a>';
+               if (strlen($loginCopyrightWarrantyProvider)>=2 && strlen($loginCopyrightWarrantyURL)>=10) {
+                       $warrantyNote = sprintf($GLOBALS['LANG']->getLL('warranty.by'), htmlspecialchars($loginCopyrightWarrantyProvider), '<a href="' . htmlspecialchars($loginCopyrightWarrantyURL) . '" target="_blank">', '</a>');
                } else {
-                       $warrantyNote='TYPO3 comes with ABSOLUTELY NO WARRANTY; <a href="http://typo3.com/1316.0.html" target="_blank">click for details.</a>';
+                       $warrantyNote = sprintf($GLOBALS['LANG']->getLL('no.warranty'), '<a href="' . TYPO3_URL_LICENSE . '" target="_blank">', '</a>');
                }
 
                        // Compile full copyright notice:
-               $copyrightNotice = '<a href="http://typo3.com/" target="_blank">'.
-                                       '<img src="'.$loginImageSmall.'" alt="TYPO3 logo" align="left" />'.
-                                       'TYPO3 CMS'.($GLOBALS['TYPO3_CONF_VARS']['SYS']['loginCopyrightShowVersion']?' ver. '.htmlspecialchars($GLOBALS['TYPO_VERSION']):'').
-                                       '</a>. '.
-                                       'Copyright &copy; '.TYPO3_copyright_year.' Kasper Sk&#229;rh&#248;j. Extensions are copyright of their respective owners. '.
-                                       'Go to <a href="http://typo3.com/" target="_blank">http://typo3.com/</a> for details. '.
-                                       $warrantyNote.' '.
-                                       'This is free software, and you are welcome to redistribute it under certain conditions; <a href="http://typo3.com/1316.0.html" target="_blank">click for details</a>. '.
-                                       'Obstructing the appearance of this notice is prohibited by law.';
+               $copyrightNotice = '<a href="' . TYPO3_URL_GENERAL . '" target="_blank">' .
+                                       '<img src="' . $loginImageSmall . '" alt="' . $GLOBALS['LANG']->getLL('typo3.logo') . '" align="left" />' .
+                                       $GLOBALS['LANG']->getLL('typo3.cms') . ($GLOBALS['TYPO3_CONF_VARS']['SYS']['loginCopyrightShowVersion']?' ' . $GLOBALS['LANG']->getLL('version.short') . ' ' . htmlspecialchars(TYPO3_version):'') .
+                                       '</a>. ' .
+                                       $GLOBALS['LANG']->getLL('copyright') . ' &copy; ' . TYPO3_copyright_year . ' Kasper Sk&#229;rh&#248;j. ' . $GLOBALS['LANG']->getLL('extension.copyright') . ' ' .
+                                       sprintf($GLOBALS['LANG']->getLL('details.link'), '<a href="' . TYPO3_URL_GENERAL . '" target="_blank">' . TYPO3_URL_GENERAL . '</a>') . '<br /> ' .
+                                       $warrantyNote . ' ' .
+                                       sprintf($GLOBALS['LANG']->getLL('free.software'), '<a href="' . TYPO3_URL_LICENSE . '" target="_blank">', '</a> ') .
+                                       $GLOBALS['LANG']->getLL('keep.notice');
 
                        // Return notice:
                return $copyrightNotice;
@@ -535,44 +495,47 @@ class SC_index {
        /**
         * Returns the login box image, whether the default or an image from the rotation folder.
         *
-        * @return      string          HTML image tag.
+        * @return string HTML image tag.
         */
-       function makeLoginBoxImage()    {
+       function makeLoginBoxImage() {
                $loginboxImage = '';
-               if ($GLOBALS['TBE_STYLES']['loginBoxImage_rotationFolder'])     {               // Look for rotation image folder:
+                       // Look for rotation image folder:
+               if ($GLOBALS['TBE_STYLES']['loginBoxImage_rotationFolder'])     {
                        $absPath = t3lib_div::resolveBackPath(PATH_typo3.$GLOBALS['TBE_STYLES']['loginBoxImage_rotationFolder']);
 
                                // Get rotation folder:
                        $dir = t3lib_div::getFileAbsFileName($absPath);
-                       if ($dir && @is_dir($dir))      {
+                       if ($dir && @is_dir($dir)) {
 
                                        // Get files for rotation into array:
-                               $files = t3lib_div::getFilesInDir($dir,'png,jpg,gif');
+                               $files = t3lib_div::getFilesInDir($dir, 'png,jpg,gif');
 
                                        // Pick random file:
-                               srand((float) microtime() * 10000000);
                                $randImg = array_rand($files, 1);
 
                                        // Get size of random file:
                                $imgSize = @getimagesize($dir.$files[$randImg]);
 
-                               $imgAuthor = is_array($GLOBALS['TBE_STYLES']['loginBoxImage_author'])&&$GLOBALS['TBE_STYLES']['loginBoxImage_author'][$files[$randImg]] ? htmlspecialchars($GLOBALS['TBE_STYLES']['loginBoxImage_author'][$files[$randImg]]) : '';
+                               $imgAuthor = is_array($GLOBALS['TBE_STYLES']['loginBoxImage_author']) && $GLOBALS['TBE_STYLES']['loginBoxImage_author'][$files[$randImg]] ? htmlspecialchars($GLOBALS['TBE_STYLES']['loginBoxImage_author'][$files[$randImg]]) : '';
 
                                        // Create image tag:
-                               if (is_array($imgSize)) {
-                                       $loginboxImage = '<img src="'.htmlspecialchars($GLOBALS['TBE_STYLES']['loginBoxImage_rotationFolder'].$files[$randImg]).'" '.$imgSize[3].' id="loginbox-image" alt="'.$imgAuthor.'" title="'.$imgAuthor.'" />';
+                               if (is_array($imgSize)) {
+                                       $loginboxImage = '<img src="' . htmlspecialchars($GLOBALS['TBE_STYLES']['loginBoxImage_rotationFolder'] .
+                                               $files[$randImg]) . '" ' . $imgSize[3] . ' id="loginbox-image" alt="' . $imgAuthor . '" title="' .
+                                               $imgAuthor . '" />';
                                }
                        }
                } else {        // If no rotation folder configured, print default image:
-
-                       if (strstr(TYPO3_version,'-dev'))       {       // development version
+                               // Development version
+                       if (strstr(TYPO3_version, '-dev')) {
                                $loginImage = 'loginbox_image_dev.png';
-                               $imagecopy = 'You are running a development version of TYPO3 '.TYPO3_branch;
+                               $imagecopy = 'You are running a development version of TYPO3 ' . TYPO3_branch;
                        } else {
                                $loginImage = 'loginbox_image.jpg';
                                $imagecopy = 'Photo by J.C. Franca (www.digitalphoto.com.br)';
                        }
-                       $loginboxImage = '<img'.t3lib_iconWorks::skinImg($GLOBALS['BACK_PATH'],'gfx/'.$loginImage,'width="200" height="133"').' id="loginbox-image" alt="'.$imagecopy.'" title="'.$imagecopy.'" />';
+                       $loginboxImage = '<img' . t3lib_iconWorks::skinImg($GLOBALS['BACK_PATH'], 'gfx/' . $loginImage, 'width="200" height="133"') .
+                               ' id="loginbox-image" alt="' . $imagecopy . '" title="' . $imagecopy . '" />';
                }
 
                        // Return image tag:
@@ -580,165 +543,268 @@ class SC_index {
        }
 
        /**
-        * Make login news - renders the HTML content for a list of news shown under the login form. News data is added through $TYPO3_CONF_VARS
+        * Make login news - renders the HTML content for a list of news shown under
+        * the login form. News data is added through $GLOBALS['TYPO3_CONF_VARS']
         *
-        * @return      string          HTML content
-        * @credits                     Idea by Jan-Hendrik Heuing
+        * @return string HTML content
+        * @credits Idea by Jan-Hendrik Heuing
         */
-       function makeLoginNews()        {
+       function makeLoginNews() {
+               $newsContent = '';
 
-                       // Reset output variable:
-               $newsContent= '';
+               $systemNews = $this->getSystemNews();
 
                        // Traverse news array IF there are records in it:
-               if (is_array($GLOBALS['TYPO3_CONF_VARS']['BE']['loginNews']) && count($GLOBALS['TYPO3_CONF_VARS']['BE']['loginNews']))  {
-                       foreach($GLOBALS['TYPO3_CONF_VARS']['BE']['loginNews'] as $newsItem)    {
-                               $newsContent .= '<dt>'.htmlspecialchars($newsItem['header']).' <span>'.htmlspecialchars($newsItem['date']).'</span></dt>';
-                               $newsContent .= '<dd>'.trim($newsItem['content']).'</dd>';
+               if (is_array($systemNews) && count($systemNews) && !t3lib_div::_GP('loginRefresh')) {
+                       /** @var $htmlParser t3lib_parsehtml_proc */
+                       $htmlParser = t3lib_div::makeInstance('t3lib_parsehtml_proc');
+                               // Get the main news template, and replace the subpart after looped through
+                       $newsContent      = t3lib_parsehtml::getSubpart($GLOBALS['TBE_TEMPLATE']->moduleTemplate, '###LOGIN_NEWS###');
+                       $newsItemTemplate = t3lib_parsehtml::getSubpart($newsContent, '###NEWS_ITEM###');
+
+                       $newsItem = '';
+                       $count = 1;
+                       foreach ($systemNews as $newsItemData) {
+                               $additionalClass = '';
+                               if ($count == 1) {
+                                       $additionalClass = ' first-item';
+                               } elseif($count == count($systemNews)) {
+                                       $additionalClass = ' last-item';
+                               }
+
+                               $newsItemContent = $htmlParser->TS_transform_rte($htmlParser->TS_links_rte($newsItemData['content']));
+                               $newsItemMarker = array(
+                                       '###HEADER###'  => htmlspecialchars($newsItemData['header']),
+                                       '###DATE###'    => htmlspecialchars($newsItemData['date']),
+                                       '###CONTENT###' => $newsItemContent,
+                                       '###CLASS###'   => $additionalClass
+                               );
+
+                               $count++;
+                               $newsItem .= t3lib_parsehtml::substituteMarkerArray($newsItemTemplate, $newsItemMarker);
                        }
 
-                       $title = $GLOBALS['TYPO3_CONF_VARS']['BE']['loginNewsTitle'] ? htmlspecialchars($GLOBALS['TYPO3_CONF_VARS']['BE']['loginNewsTitle']) : htmlspecialchars($this->L_vars[8]);
-                               // Wrap
-                       $newsContent = '
-
-                                       <!--
-                                               Login screen news:
-                                       -->
-                                       <h2 id="loginNewsTitle">'.$title.'</h2>
-                                       <dl id="loginNews">
-                                               '.$newsContent.'
-                                       </dl>
-                       ';
+                       $title = ($GLOBALS['TYPO3_CONF_VARS']['BE']['loginNewsTitle'] ? $GLOBALS['TYPO3_CONF_VARS']['BE']['loginNewsTitle'] : $GLOBALS['LANG']->getLL('newsheadline'));
+
+                       $newsContent = t3lib_parsehtml::substituteMarker($newsContent, '###NEWS_HEADLINE###', htmlspecialchars($title));
+                       $newsContent = t3lib_parsehtml::substituteSubpart($newsContent, '###NEWS_ITEM###', $newsItem);
                }
 
-                       // Return content:
                return $newsContent;
        }
 
        /**
-        * Returns the form tag
+        * Gets news from sys_news and converts them into a format suitable for
+        * showing them at the login screen.
         *
-        * @return      string          Opening form tag string
+        * @return array An array of login news.
         */
-       function startForm()    {
-               $output = '';
-
-               if ($this->loginSecurityLevel == 'challenged') {
-                       $output.= '
-                               <form action="index.php" method="post" name="loginform" onsubmit="doChallengeResponse(0);">
-                               ';
-               } elseif ($this->loginSecurityLevel == 'normal') {
-                       $output.= '
-                               <form action="index.php" method="post" name="loginform" onsubmit="document.loginform.userident.value=document.loginform.p_field.value;document.loginform.p_field.value=\'\';return true;">
-                               ';
-               } else { // if ($this->loginSecurityLevel == 'superchallenged') {
-                       $output.= '
-                               <form action="index.php" method="post" name="loginform" onsubmit="doChallengeResponse(1);">
-                               ';
+       protected function getSystemNews() {
+               $systemNewsTable = 'sys_news';
+               $systemNews      = array();
+
+               $systemNewsRecords = $GLOBALS['TYPO3_DB']->exec_SELECTgetRows(
+                       'title, content, crdate',
+                       $systemNewsTable,
+                       '1=1' .
+                               t3lib_BEfunc::BEenableFields($systemNewsTable) .
+                               t3lib_BEfunc::deleteClause($systemNewsTable),
+                       '',
+                       'crdate DESC'
+               );
+
+               foreach ($systemNewsRecords as $systemNewsRecord) {
+                       $systemNews[] = array(
+                               'date'    => date(
+                                       $GLOBALS['TYPO3_CONF_VARS']['SYS']['ddmmyy'],
+                                       $systemNewsRecord['crdate']
+                               ),
+                               'header'  => $systemNewsRecord['title'],
+                               'content' => $systemNewsRecord['content']
+                       );
                }
 
-               $output.= '
-                                       <input type="hidden" name="login_status" value="login" />
-                               ';
-
-               return $output;
+               return $systemNews;
        }
 
        /**
-        * Output some hidden fields at the end of the login form
+        * Returns the form tag
         *
-        * @param       string          The challenge string to be included in the output
-        * @return      string          HTML output
+        * @return string Opening form tag string
         */
-       function getHiddenFields($challenge)    {
-               $output = '
-                       <input type="hidden" name="userident" value="" />
-                       <input type="hidden" name="challenge" value="'.$challenge.'" />
-                       <input type="hidden" name="redirect_url" value="'.htmlspecialchars($this->redirectToURL).'" />
-                       <input type="hidden" name="loginRefresh" value="'.htmlspecialchars($this->loginRefresh).'" />
-                       '.$this->interfaceSelector_hidden.'
-                       '.$this->addFields_hidden.'
-                       ';
+       function startForm() {
+               $output = '';
+
+                       // The form defaults to 'no login'. This prevents plain
+                       // text logins to the Backend. The 'sv' extension changes the form to
+                       // use superchallenged method and rsaauth extension makes rsa authetication.
+               $form = '<form action="index.php" method="post" name="loginform" ' .
+                               'onsubmit="alert(\'No authentication methods available. Please, ' .
+                               'contact your TYPO3 administrator.\');return false">';
+
+                       // Call hooks. If they do not return anything, we fail to login
+               if (is_array($GLOBALS['TYPO3_CONF_VARS']['SC_OPTIONS']['typo3/index.php']['loginFormHook'])) {
+                       foreach ($GLOBALS['TYPO3_CONF_VARS']['SC_OPTIONS']['typo3/index.php']['loginFormHook'] as $function) {
+                               $params = array();
+                               $formCode = t3lib_div::callUserFunction($function, $params, $this);
+                               if ($formCode) {
+                                       $form = $formCode;
+                                       break;
+                               }
+                       }
+               }
+
+               $output .= $form .
+                       '<input type="hidden" name="login_status" value="login" />' .
+                       '<input type="hidden" name="userident" value="" />' .
+                       '<input type="hidden" name="redirect_url" value="' . htmlspecialchars($this->redirectToURL) . '" />' .
+                       '<input type="hidden" name="loginRefresh" value="' . htmlspecialchars($this->loginRefresh) . '" />' .
+                       $this->interfaceSelector_hidden . $this->addFields_hidden;
 
                return $output;
        }
 
        /**
-        * Set JavaScript for creating a MD5 hash of the password
+        * Creates JavaScript for the login form
         *
-        * @return      string          JavaScript code
+        * @return string JavaScript code
         */
-       function getJScode()    {
-               global $TBE_TEMPLATE;
-
-               $JScode = '
-                       <script type="text/javascript" src="md5.js"></script>
-                       '.$TBE_TEMPLATE->wrapScriptTags('
-                               function doChallengeResponse(superchallenged) { //
-                                       password = document.loginform.p_field.value;
-                                       if (password)   {
-                                               if (superchallenged)    {
-                                                       password = MD5(password);       // this makes it superchallenged!!
-                                               }
-                                               str = document.loginform.username.value+":"+password+":"+document.loginform.challenge.value;
-                                               document.loginform.userident.value = MD5(str);
-                                               document.loginform.p_field.value = "";
-                                               return true;
-                                       }
+       function getJScode() {
+               $JSCode = '';
+               if (is_array($GLOBALS['TYPO3_CONF_VARS']['SC_OPTIONS']['typo3/index.php']['loginScriptHook'])) {
+                       foreach ($GLOBALS['TYPO3_CONF_VARS']['SC_OPTIONS']['typo3/index.php']['loginScriptHook'] as $function) {
+                               $params = array();
+                               $JSCode = t3lib_div::callUserFunction($function, $params, $this);
+                               if ($JSCode) {
+                                       break;
                                }
-
-                               function startUp() {
-                                               // If the login screen is shown in the login_frameset window for re-login, then try to get the username of the current/former login from opening windows main frame:
-                                       if (parent.opener && parent.opener.TS && parent.opener.TS.username && document.loginform && document.loginform.username)        {
+                       }
+               }
+               $JSCode .= $GLOBALS['TBE_TEMPLATE']->wrapScriptTags('
+                       function startUp() {
+                                       // If the login screen is shown in the login_frameset window for re-login, then try to get the username of the current/former login from opening windows main frame:
+                               try {
+                                       if (parent.opener && parent.opener.TS && parent.opener.TS.username && document.loginform && document.loginform.username) {
                                                document.loginform.username.value = parent.opener.TS.username;
                                        }
+                               }
+                               catch(error) {
+                                       //continue
+                               }
+
+                                       // Wait a few millisecons before calling checkFocus(). This might be necessary because some browsers need some time to auto-fill in the form fields
+                               window.setTimeout("checkFocus()", 50);
+                       }
 
-                                               // Wait a few millisecons before calling checkFocus(). This might be necessary because some browsers need some time to auto-fill in the form fields
-                                       window.setTimeout("checkFocus()", 50);
+                               // This moves focus to the right input field:
+                       function checkFocus() {
+                                       // If for some reason there already is a username in the username form field, move focus to the password field:
+                               if (document.loginform.username && document.loginform.username.value == "") {
+                                       document.loginform.username.focus();
+                               } else if (document.loginform.p_field && document.loginform.p_field.type!="hidden") {
+                                       document.loginform.p_field.focus();
                                }
+                       }
 
-                                       // This moves focus to the right input field:
-                               function checkFocus() {
-                                               // If for some reason there already is a username in the username form field, move focus to the password field:
-                                       if (document.loginform.username && document.loginform.username.value == "") {
-                                               document.loginform.username.focus();
-                                       } else if (document.loginform.p_field && document.loginform.p_field.type!="hidden") {
-                                               document.loginform.p_field.focus();
-                                       }
+                               // This function shows a warning, if user has capslock enabled
+                               // parameter showWarning: shows warning if TRUE and capslock active, otherwise only hides warning, if capslock gets inactive
+                       function checkCapslock(e, showWarning) {
+                               if (!isCapslock(e)) {
+                                       document.getElementById(\'t3-capslock\').style.display = \'none\';
+                               } else if (showWarning) {
+                                       document.getElementById(\'t3-capslock\').style.display = \'block\';
                                }
+                       }
+
+                               // Checks weather capslock is enabled (returns TRUE if enabled, false otherwise)
+                               // thanks to http://24ways.org/2007/capturing-caps-lock
+
+                       function isCapslock(e) {
+                               var ev = e ? e : window.event;
+                               if (!ev) {
+                                       return;
+                               }
+                               var targ = ev.target ? ev.target : ev.srcElement;
+                               // get key pressed
+                               var which = -1;
+                               if (ev.which) {
+                                       which = ev.which;
+                               } else if (ev.keyCode) {
+                                       which = ev.keyCode;
+                               }
+                               // get shift status
+                               var shift_status = false;
+                               if (ev.shiftKey) {
+                                       shift_status = ev.shiftKey;
+                               } else if (ev.modifiers) {
+                                       shift_status = !!(ev.modifiers & 4);
+                               }
+                               return (((which >= 65 && which <= 90) && !shift_status) ||
+                                       ((which >= 97 && which <= 122) && shift_status));
+                       }
+
+                               // prevent opening the login form in the backend frameset
+                       if (top.location.href != self.location.href) {
+                               top.location.href = self.location.href;
+                       }
+
                        ');
 
-               return $JScode;
+               return $JSCode;
        }
 
        /**
-        * Create a random challenge string
+        * Checks if login credentials are currently submitted
         *
-        * @return      string          Challenge value
+        * @return boolean
         */
-       function getChallenge() {
-               $challenge = md5(uniqid('').getmypid());
-               return $challenge;
+       protected function isLoginInProgress() {
+               $username = t3lib_div::_GP('username');
+               return !(empty($username) && empty($this->commandLI));
        }
-}
-
-// Include extension?
-if (defined('TYPO3_MODE') && $TYPO3_CONF_VARS[TYPO3_MODE]['XCLASS']['typo3/index.php'])        {
-       include_once($TYPO3_CONF_VARS[TYPO3_MODE]['XCLASS']['typo3/index.php']);
-}
-
-
-
-
-
 
+       /**
+        * Emits the render login form signal
+        *
+        * @param array $markers Array with markers for the login form
+        * @return void
+        */
+       protected function emitRenderLoginFormSignal(array &$markers) {
+               $this->getSignalSlotDispatcher()->dispatch(
+                       'SC_index',
+                       self::SIGNAL_RenderLoginForm,
+                       array($this, $markers)
+               );
+       }
 
+       /**
+        * Get the SignalSlot dispatcher
+        *
+        * @return Tx_Extbase_SignalSlot_Dispatcher
+        */
+       protected function getSignalSlotDispatcher() {
+               if (!isset($this->signalSlotDispatcher)) {
+                       $this->signalSlotDispatcher = $this->getObjectManager()->get('Tx_Extbase_SignalSlot_Dispatcher');
+               }
+               return $this->signalSlotDispatcher;
+       }
 
+       /**
+        * Get the ObjectManager
+        *
+        * @return Tx_Extbase_Object_ObjectManager
+        */
+       protected function getObjectManager() {
+               return t3lib_div::makeInstance('Tx_Extbase_Object_ObjectManager');
+       }
 
+}
 
-// Make instance:
+       // Make instance:
+/** @var $SOBE SC_index */
 $SOBE = t3lib_div::makeInstance('SC_index');
 $SOBE->init();
 $SOBE->main();
 $SOBE->printContent();
+
 ?>