Fixed bug #14771: Updates for taskcenter, sys_action, impexp (Thanks to Georg Ringer)
[Packages/TYPO3.CMS.git] / t3lib / class.t3lib_beuserauth.php
index cb3cfa3..d8d6fd2 100644 (file)
@@ -2,7 +2,7 @@
 /***************************************************************
 *  Copyright notice
 *
-*  (c) 1999-2009 Kasper Skaarhoj (kasperYYYY@typo3.com)
+*  (c) 1999-2010 Kasper Skaarhoj (kasperYYYY@typo3.com)
 *  All rights reserved
 *
 *  This script is part of the TYPO3 project. The TYPO3 project is
@@ -239,10 +239,10 @@ class t3lib_beUserAuth extends t3lib_userAuthGroup {
                                        if ($this->user['uid']) {
                                                if (!$this->isAdmin())  {
                                                        return TRUE;
-                                               } else die('ERROR: CLI backend user "'.$userName.'" was ADMIN which is not allowed!'.chr(10).chr(10));
-                                       } else die('ERROR: No backend user named "'.$userName.'" was found! [Database: '.TYPO3_db.']'.chr(10).chr(10));
-                               } else die('ERROR: Module name, "'.$GLOBALS['MCONF']['name'].'", was not prefixed with "_CLI_"'.chr(10).chr(10));
-                       } else die('ERROR: Another user was already loaded which is impossible in CLI mode!'.chr(10).chr(10));
+                                               } else die('ERROR: CLI backend user "'.$userName.'" was ADMIN which is not allowed!'.LF.LF);
+                                       } else die('ERROR: No backend user named "'.$userName.'" was found! [Database: '.TYPO3_db.']'.LF.LF);
+                               } else die('ERROR: Module name, "'.$GLOBALS['MCONF']['name'].'", was not prefixed with "_CLI_"'.LF.LF);
+                       } else die('ERROR: Another user was already loaded which is impossible in CLI mode!'.LF.LF);
                }
        }
 
@@ -281,6 +281,11 @@ class t3lib_beUserAuth extends t3lib_userAuthGroup {
                        $this->uc['lang']=$this->user['lang'];
                        $U=1;
                }
+                       // Setting the time of the first login:
+               if (!isset($this->uc['firstLoginTimeStamp'])) {
+                       $this->uc['firstLoginTimeStamp'] = $GLOBALS['EXEC_TIME'];
+                       $U = TRUE;
+               }
 
                        // Saving if updated.
                if ($U) {
@@ -345,7 +350,7 @@ class t3lib_beUserAuth extends t3lib_userAuthGroup {
                                        $prefix='[AdminLoginWarning]';
                                }
                                if ($warn)      {
-                                       mail($GLOBALS['TYPO3_CONF_VARS']['BE']['warning_email_addr'],
+                                       t3lib_utility_Mail::mail($GLOBALS['TYPO3_CONF_VARS']['BE']['warning_email_addr'],
                                                $prefix.' '.$subject,
                                                $msg,
                                                $this->notifyHeader
@@ -355,7 +360,7 @@ class t3lib_beUserAuth extends t3lib_userAuthGroup {
 
                                // If An email should be sent to the current user, do that:
                        if ($this->uc['emailMeAtLogin'] && strstr($this->user['email'],'@'))    {
-                               mail($this->user['email'],
+                               t3lib_utility_Mail::mail($this->user['email'],
                                        $subject,
                                        $msg,
                                        $this->notifyHeader
@@ -365,50 +370,6 @@ class t3lib_beUserAuth extends t3lib_userAuthGroup {
        }
 
        /**
-        * VeriCode returns 10 first chars of a md5 hash of the session cookie AND the encryptionKey from TYPO3_CONF_VARS.
-        * This code is used as an alternative verification when the JavaScript interface executes cmd's to tce_db.php from eg. MSIE 5.0 because the proper referer is not passed with this browser...
-        *
-        * @return      string
-        */
-       function veriCode()     {
-               return substr(md5($this->id.$GLOBALS['TYPO3_CONF_VARS']['SYS']['encryptionKey']),0,10);
-       }
-
-
-       /**
-        * The session_id is used to find user in the database.
-        * Two tables are joined: The session-table with user_id of the session and the usertable with its primary key
-        * if the client is flash (e.g. from a flash application inside TYPO3 that does a server request)
-        * then don't evaluate with the hashLockClause, as the client/browser is included in this hash
-        * and thus, the flash request would be rejected
-        *
-        * @return DB result object or false on error
-        * @access private
-        */
-       protected function fetchUserSessionFromDB() {
-               if ($GLOBALS['CLIENT']['BROWSER'] == 'flash') {
-                       // if on the flash client, the veri code is valid, then the user session is fetched
-                       // from the DB without the hashLock clause
-                       if (t3lib_div::_GP('vC') == $this->veriCode()) {
-                               $dbres = $GLOBALS['TYPO3_DB']->exec_SELECTquery(
-                                               '*',
-                                               $this->session_table.','.$this->user_table,
-                                               $this->session_table.'.ses_id = '.$GLOBALS['TYPO3_DB']->fullQuoteStr($this->id, $this->session_table).'
-                                                       AND '.$this->session_table.'.ses_name = '.$GLOBALS['TYPO3_DB']->fullQuoteStr($this->name, $this->session_table).'
-                                                       AND '.$this->session_table.'.ses_userid = '.$this->user_table.'.'.$this->userid_column.'
-                                                       '.$this->ipLockClause().'
-                                                       '.$this->user_where_clause()
-                               );
-                       } else {
-                               $dbres = false;
-                       }
-               } else {
-                       $dbres = parent::fetchUserSessionFromDB();
-               }
-               return $dbres;
-       }
-
-       /**
         * Determines whether a backend user is allowed to access the backend.
         *
         * The conditions are: