index.php 20.8 KB
Newer Older
Kasper Skårhøj's avatar
Kasper Skårhøj committed
1
2
3
<?php
/***************************************************************
*  Copyright notice
4
*
5
*  (c) 1999-2004 Kasper Skaarhoj (kasper@typo3.com)
Kasper Skårhøj's avatar
Kasper Skårhøj committed
6
7
*  All rights reserved
*
8
*  This script is part of the TYPO3 project. The TYPO3 project is
Kasper Skårhøj's avatar
Kasper Skårhøj committed
9
10
11
12
*  free software; you can redistribute it and/or modify
*  it under the terms of the GNU General Public License as published by
*  the Free Software Foundation; either version 2 of the License, or
*  (at your option) any later version.
13
*
Kasper Skårhøj's avatar
Kasper Skårhøj committed
14
15
*  The GNU General Public License can be found at
*  http://www.gnu.org/copyleft/gpl.html.
16
*  A copy is found in the textfile GPL.txt and important notices to the license
Kasper Skårhøj's avatar
Kasper Skårhøj committed
17
18
*  from the author is found in LICENSE.txt distributed with these scripts.
*
19
*
Kasper Skårhøj's avatar
Kasper Skårhøj committed
20
21
22
23
24
25
26
*  This script is distributed in the hope that it will be useful,
*  but WITHOUT ANY WARRANTY; without even the implied warranty of
*  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
*  GNU General Public License for more details.
*
*  This copyright notice MUST APPEAR in all copies of the script!
***************************************************************/
27
/**
Kasper Skårhøj's avatar
Kasper Skårhøj committed
28
 * Login-screen of TYPO3.
29
 *
30
 * $Id$
31
32
 * Revised for TYPO3 3.6 December/2003 by Kasper Skaarhoj
 * XHTML compliant
33
34
35
36
37
38
39
40
 *
 * @author	Kasper Skaarhoj <kasper@typo3.com>
 */
/**
 * [CLASS/FUNCTION INDEX of SCRIPT]
 *
 *
 *
41
42
43
44
 *   87: class SC_index
 *  120:     function init()
 *  151:     function main()
 *  237:     function printContent()
45
 *
46
 *              SECTION: Various functions
47
48
49
50
51
52
53
54
 *  261:     function makeLoginForm()
 *  304:     function makeLogoutForm()
 *  346:     function wrapLoginForm($content)
 *  406:     function checkRedirect()
 *  449:     function makeInterfaceSelectorBox()
 *  503:     function makeCopyrightNotice()
 *  536:     function makeLoginBoxImage()
 *  575:     function makeLoginNews()
55
56
 *
 * TOTAL FUNCTIONS: 11
57
 * (This index is automatically created/updated by the extension "extdeveval")
Kasper Skårhøj's avatar
Kasper Skårhøj committed
58
 *
59
 */
60
61


62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
define('TYPO3_PROCEED_IF_NO_USER', 1);
require ('init.php');
require ('template.php');















/**
81
 * Script Class for rendering the login form
82
 *
83
 * @author	Kasper Skaarhoj <kasper@typo3.com>
Kasper Skårhøj's avatar
Kasper Skårhøj committed
84
85
86
87
 * @package TYPO3
 * @subpackage core
 */
class SC_index {
88

89
90
91
92
93
94
95
96
		// Internal, GPvars:
	var $redirect_url;			// GPvar: redirect_url; The URL to redirect to after login.
	var $GPinterface;			// GPvar: Defines which interface to load (from interface selector)
	var $u;						// GPvar: preset username
	var $p;						// GPvar: preset password
	var $L;						// GPvar: If "L" is "OUT", then any logged in used is logged out. If redirect_url is given, we redirect to it
	var $loginRefresh;			// Login-refresh boolean; The backend will call this script with this value set when the login is close to being expired and the form needs to be redrawn.
	var $commandLI;				// Value of forms submit button for login.
97

98
99
100
		// Internal, static:
	var $redirectToURL;			// Set to the redirect URL of the form (may be redirect_url or "alt_main.php")
	var $L_vars;				// Set to the labels used for the login screen.
101

102
103
104
105
106
107
108
109
110
111
112
		// Internal, dynamic:
	var $content;				// Content accumulation

	var $interfaceSelector;			// A selector box for selecting value for "interface" may be rendered into this variable
	var $interfaceSelector_jump;	// A selector box for selecting value for "interface" may be rendered into this variable - this will have an onchange action which will redirect the user to the selected interface right away
	var $interfaceSelector_hidden;	// A hidden field, if the interface is not set.





Kasper Skårhøj's avatar
Kasper Skårhøj committed
113
114
115

	/**
	 * Initialize the login box. Will also react on a &L=OUT flag and exit.
116
117
	 *
	 * @return	void
118
	 */
Kasper Skårhøj's avatar
Kasper Skårhøj committed
119
120
	function init()	{
		global $BE_USER,$TYPO3_CONF_VARS;
121

122
			// GPvars:
Kasper Skårhøj's avatar
Kasper Skårhøj committed
123
124
125
126
127
		$this->redirect_url = t3lib_div::_GP('redirect_url');
		$this->GPinterface = t3lib_div::_GP('interface');
		$this->u = t3lib_div::_GP('u');							// preset username
		$this->p = t3lib_div::_GP('p');							// preset password
		$this->L = t3lib_div::_GP('L');							// If "L" is "OUT", then any logged in used is logged out. If redirect_url is given, we redirect to it
128
		$this->loginRefresh = t3lib_div::_GP('loginRefresh');		// Login
Kasper Skårhøj's avatar
Kasper Skårhøj committed
129
		$this->commandLI = t3lib_div::_GP('commandLI');			// Value of "Login" button. If set, the login button was pressed.
130
131
132
133
134

			// Getting login labels:
		$this->L_vars = explode('|',$TYPO3_CONF_VARS['BE']['loginLabels']);

			// Setting the redirect URL to "alt_main.php" if no alternative input is given:
135
136
		$this->redirectToURL = $this->redirect_url ? $this->redirect_url : 'alt_main.php';

137
138
			// Logout?
		if ($this->L=='OUT' && is_object($BE_USER))	{
Kasper Skårhøj's avatar
Kasper Skårhøj committed
139
			$BE_USER->logoff();
140
			if ($this->redirect_url)	header('Location: '.t3lib_div::locationHeaderUrl($this->redirect_url));
Kasper Skårhøj's avatar
Kasper Skårhøj committed
141
142
143
144
145
			exit;
		}
	}

	/**
146
	 * Main function - creating the login/logout form
147
148
	 *
	 * @return	void
Kasper Skårhøj's avatar
Kasper Skårhøj committed
149
150
	 */
	function main()	{
151
152
153
154
155
156
157
158
159
		global $TBE_TEMPLATE, $TYPO3_CONF_VARS, $BE_USER;

			// Initialize template object:
		$TBE_TEMPLATE->docType='xhtml_trans';

			// Set JavaScript for creating a MD5 hash of the password:
		$TBE_TEMPLATE->JScode.='
			<script type="text/javascript" src="md5.js"></script>
			'.$TBE_TEMPLATE->wrapScriptTags('
160
				function doChallengeResponse() {	//
161
162
163
164
165
166
167
168
					password = document.loginform.p_field.value;
					if (password)	{
						password = MD5(password);	// this makes it superchallenged!!
						str = document.loginform.username.value+":"+password+":"+document.loginform.challenge.value;
						document.loginform.userident.value = MD5(str);
						document.loginform.p_field.value = "";
						return true;
					}
Kasper Skårhøj's avatar
Kasper Skårhøj committed
169
				}
170
			');
Kasper Skårhøj's avatar
Kasper Skårhøj committed
171

172
173
174
175

			// Checking, if we should make a redirect.
			// Might set JavaScript in the header to close window.
		$this->checkRedirect();
Kasper Skårhøj's avatar
Kasper Skårhøj committed
176

177
			// Initialize interface selectors:
Kasper Skårhøj's avatar
Kasper Skårhøj committed
178
		$this->makeInterfaceSelectorBox();
179
180

			// Creating form based on whether there is a login or not:
181
182
183
184
185
186
		if (!$BE_USER->user['uid'])	{
			$TBE_TEMPLATE->form = '
				<form action="index.php" method="post" name="loginform" onsubmit="doChallengeResponse();">
				<input type="hidden" name="login_status" value="login" />
				';
			$loginForm = $this->makeLoginForm();
Kasper Skårhøj's avatar
Kasper Skårhøj committed
187
		} else {
188
189
190
191
192
			$TBE_TEMPLATE->form = '
				<form action="index.php" method="post" name="loginform">
				<input type="hidden" name="login_status" value="logout" />
				';
			$loginForm = $this->makeLogoutForm();
Kasper Skårhøj's avatar
Kasper Skårhøj committed
193
		}
194
195


196
			// Starting page:
197
		$this->content.=$TBE_TEMPLATE->startPage('TYPO3 Login: '.$TYPO3_CONF_VARS['SYS']['sitename']);
198

199
200
201
202
203
204
205
206
207
208
209
210
211
212
			// Add login form:
		$this->content.=$this->wrapLoginForm($loginForm);

			// Ending form:
		$this->content.= '
			<input type="hidden" name="userident" value="" />
			<input type="hidden" name="challenge" value="'.md5(uniqid('')).'" />
			<input type="hidden" name="redirect_url" value="'.htmlspecialchars($this->redirectToURL).'" />
			<input type="hidden" name="loginRefresh" value="'.htmlspecialchars($this->loginRefresh).'" />
			'.$this->interfaceSelector_hidden.'
			';

			// This moves focus to the right input field:
		$this->content.=$TBE_TEMPLATE->wrapScriptTags('
213

214
				// If the login screen is shown in the login_frameset window for re-login, then try to get the username of the current/former login from opening windows main frame:
Kasper Skårhøj's avatar
Kasper Skårhøj committed
215
			if (parent.opener && parent.opener.TS && parent.opener.TS.username && document.loginform && document.loginform.username)	{
216
				document.loginform.username.value = parent.opener.TS.username;
Kasper Skårhøj's avatar
Kasper Skårhøj committed
217
			}
218
219
220
221

				// If for some reason there already is a username in the username for field, move focus to the password field:
			if (document.loginform.username && document.loginform.username.value == "") {
				document.loginform.username.focus();
Kasper Skårhøj's avatar
Kasper Skårhøj committed
222
			} else if (document.loginform.p_field && document.loginform.p_field.type!="hidden") {
223
				document.loginform.p_field.focus();
Kasper Skårhøj's avatar
Kasper Skårhøj committed
224
			}
225
226
227
228
229
		');

			// End page:
		$this->content.=$TBE_TEMPLATE->endPage();
	}
230

231
232
	/**
	 * Outputting the accumulated content to screen
233
234
	 *
	 * @return	void
235
236
237
238
239
	 */
	function printContent()	{

		echo $this->content;
	}
240
241
242
243
244





245
246


Kasper Skårhøj's avatar
Kasper Skårhøj committed
247

248
249
250
251
252
253
254
255
256
	/*****************************
	 *
	 * Various functions
	 *
	 ******************************/

	/**
	 * Creates the login form
	 * This is drawn when NO login exists.
257
	 *
258
259
260
261
262
	 * @return	string		HTML output
	 */
	function makeLoginForm()	{

		$content.='
263
264

							<!--
265
266
267
268
269
								Login form:
							-->
							<table cellspacing="0" cellpadding="0" border="0" id="logintable">
									<tr>
										<td colspan="2"><h2>'.htmlspecialchars($this->L_vars[6]).'</h2></td>
Kasper Skårhøj's avatar
   
Kasper Skårhøj committed
270
271
272
273
									</tr>'.($this->commandLI ? '
									<tr class="c-wrong">
										<td colspan="2"><p class="c-wrong">'.htmlspecialchars($this->L_vars[9]).'</p></td>
									</tr>' : '').'
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
									<tr class="c-username">
										<td><p class="c-username">'.htmlspecialchars($this->L_vars[0]).':</p></td>
										<td><input type="text" name="username" value="'.htmlspecialchars($this->u).'" class="c-username" /></td>
									</tr>
									<tr class="c-password">
										<td><p class="c-password">'.htmlspecialchars($this->L_vars[1]).':</p></td>
										<td><input type="password" name="p_field" value="'.htmlspecialchars($this->p).'" class="c-password" /></td>
									</tr>'.($this->interfaceSelector && !$this->loginRefresh ? '
									<tr class="c-interfaceselector">
										<td><p class="c-interfaceselector">'.htmlspecialchars($this->L_vars[2]).':</p></td>
										<td>'.$this->interfaceSelector.'</td>
									</tr>' : '' ).'
									<tr class="c-submit">
										<td></td>
										<td><input type="submit" name="commandLI" value="'.htmlspecialchars($this->L_vars[3]).'" class="c-submit" /></td>
									</tr>
									<tr class="c-info">
										<td></td>
										<td><p class="c-info">'.htmlspecialchars($this->L_vars[7]).'</p></td>
									</tr>
								</table>';
295

296
297
			// Return content:
		return $content;
298
299
	}

300
301
302
	/**
	 * Creates the logout form
	 * This is drawn if a user login already exists.
303
	 *
304
305
306
307
	 * @return	string		HTML output
	 */
	function makeLogoutForm()	{
		global $BE_USER;
308

309
310

		$content.='
311
312

							<!--
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
								Login form:
							-->
							<table cellspacing="0" cellpadding="0" border="0" id="logintable">
									<tr>
										<td></td>
										<td><h2>'.htmlspecialchars($this->L_vars[6]).'</h2></td>
									</tr>
									<tr class="c-username">
										<td><p class="c-username">'.htmlspecialchars($this->L_vars[0]).':</p></td>
										<td><p class="c-username-current">'.htmlspecialchars($BE_USER->user['username']).'</p></td>
									</tr>'.($this->interfaceSelector_jump ? '
									<tr class="c-interfaceselector">
										<td><p class="c-interfaceselector">'.htmlspecialchars($this->L_vars[2]).':</p></td>
										<td>'.$this->interfaceSelector_jump.'</td>
									</tr>' : '' ).'
									<tr class="c-submit">
										<td><input type="hidden" name="p_field" value="" /></td>
										<td><input type="submit" name="commandLO" value="'.htmlspecialchars($this->L_vars[4]).'" class="c-submit" /></td>
									</tr>
									<tr class="c-info">
										<td></td>
										<td><p class="c-info">'.htmlspecialchars($this->L_vars[7]).'</p></td>
									</tr>
								</table>';
337
338
339

			// Return content:
		return $content;
340
341
342
343
	}

	/**
	 * Wrapping the login form table in another set of tables etc:
344
	 *
345
346
347
348
	 * @param	string		HTML content for the login form
	 * @return	string		The HTML for the page.
	 */
	function wrapLoginForm($content)	{
349

350
			// Logo:
351
352
		$logo = $GLOBALS['TBE_STYLES']['logo_login'] ?
					'<img src="'.htmlspecialchars($GLOBALS['BACK_PATH'].$GLOBALS['TBE_STYLES']['logo_login']).'" alt="" />' :
353
					'<img'.t3lib_iconWorks::skinImg($GLOBALS['BACK_PATH'],'gfx/typo3logo.gif','width="333" height="43"').' alt="" />';
354

355
356
357
358
359
			// Login box image:
		$loginboxImage = $this->makeLoginBoxImage();

			// Compile the page content:
		$content='
360

361
362
363
364
365
366
		<!--
			Wrapper table for the login form:
		-->
		<table cellspacing="0" cellpadding="0" border="0" id="wrapper">
			<tr>
				<td class="c-wrappercell" align="center">
367

368
369
370
371
372
					<!--
						Login form image:
					-->
					<div id="loginimage">
											'.$logo.'
373
374
					</div>

375
376
377
378
379
380
381
382
383
384
385
					<!--
						Login form wrapper:
					-->
					<table cellspacing="0" cellpadding="0" border="0" id="loginwrapper">
						<tr>
							<td>'.$loginboxImage.'</td>
							<td>
								'.$content.'
							</td>
						</tr>
					</table>
386

387
388
389
390
391
392
					<!--
						Copy right notice:
					-->
					<div id="copyrightnotice">
						'.$this->makeCopyrightNotice().'
					</div>
393

394
395
396
397
398
					'.$this->makeLoginNews().'
				</td>
			</tr>
		</table>';

399
			// Return content:
Kasper Skårhøj's avatar
Kasper Skårhøj committed
400
401
		return $content;
	}
402

Kasper Skårhøj's avatar
Kasper Skårhøj committed
403
	/**
404
	 * Checking, if we should perform some sort of redirection OR closing of windows.
405
406
	 *
	 * @return	void
Kasper Skårhøj's avatar
Kasper Skårhøj committed
407
	 */
408
409
410
411
412
413
	function checkRedirect()	{
		global $BE_USER,$TBE_TEMPLATE;

			// Do redirect:
			// If a user is logged in AND a) if either the login is just done (commandLI) or b) a loginRefresh is done or c) the interface-selector is NOT enabled (If it is on the other hand, it should not just load an interface, because people has to choose then...)
		if ($BE_USER->user['uid'] && ($this->commandLI || $this->loginRefresh || !$this->interfaceSelector))	{
Kasper Skårhøj's avatar
Kasper Skårhøj committed
414
415

				// If no cookie has been set previously we tell people that this is a problem. This assumes that a cookie-setting script (like this one) has been hit at least once prior to this instance.
416
417
			if (!$GLOBALS['HTTP_COOKIE_VARS'][$BE_USER->name])	{
				t3lib_BEfunc::typo3PrintError ('Login-error',"Yeah, that's a classic. No cookies, no TYPO3.<br /><br />Please accept cookies from TYPO3 - otherwise you'll not be able to use the system.",0);
Kasper Skårhøj's avatar
Kasper Skårhøj committed
418
419
420
				exit;
			}

421
				// Based on specific setting of interface we set the redirect script:
Kasper Skårhøj's avatar
Kasper Skårhøj committed
422
			switch ($this->GPinterface)	{
423
424
				case 'backend':
					$this->redirectToURL = 'alt_main.php';
Kasper Skårhøj's avatar
Kasper Skårhøj committed
425
				break;
426
427
				case 'frontend':
					$this->redirectToURL = '../';
Kasper Skårhøj's avatar
Kasper Skårhøj committed
428
429
430
431
				break;
			}

				// If there is a redirect URL AND if loginRefresh is not set...
432
433
			if (!$this->loginRefresh)	{
				header('Location: '.t3lib_div::locationHeaderUrl($this->redirectToURL));
Kasper Skårhøj's avatar
Kasper Skårhøj committed
434
435
				exit;
			} else {
436
				$TBE_TEMPLATE->JScode.=$TBE_TEMPLATE->wrapScriptTags('
437
					if (parent.opener && parent.opener.busy)	{
438
						parent.opener.busy.loginRefreshed();
Kasper Skårhøj's avatar
Kasper Skårhøj committed
439
440
						parent.close();
					}
441
442
443
444
445
446
447
				');
			}
		}
	}

	/**
	 * Making interface selector:
448
449
	 *
	 * @return	void
450
451
452
453
454
455
456
457
	 */
	function makeInterfaceSelectorBox()	{
		global $TYPO3_CONF_VARS;

			// Reset variables:
		$this->interfaceSelector = '';
		$this->interfaceSelector_hidden='';
		$this->interfaceSelector_jump = '';
458
#debug($this->redirect_url);
459
460
461
462
			// If interfaces are defined AND no input redirect URL in GET vars:
		if ($TYPO3_CONF_VARS['BE']['interfaces'] && !$this->redirect_url)	{
			$parts = t3lib_div::trimExplode(',',$TYPO3_CONF_VARS['BE']['interfaces']);
			if (count($parts)>1)	{	// Only if more than one interface is defined will we show the selector:
463

464
465
466
467
468
					// Initialize:
				$tempLabels=explode(',',$this->L_vars[5]);
				$labels=array();
				$labels['backend']=$tempLabels[0];
				$labels['frontend']=$tempLabels[1];
469

470
471
472
				$jumpScript=array();
				$jumpScript['backend']='alt_main.php';
				$jumpScript['frontend']='../';
473

474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
					// Traverse the interface keys:
				foreach($parts as $valueStr)	{
					$this->interfaceSelector.='
							<option value="'.htmlspecialchars($valueStr).'">'.htmlspecialchars($labels[$valueStr]).'</option>';
					$this->interfaceSelector_jump.='
							<option value="'.htmlspecialchars($jumpScript[$valueStr]).'">'.htmlspecialchars($labels[$valueStr]).'</option>';
				}
				$this->interfaceSelector='
						<select name="interface" class="c-interfaceselector">'.$this->interfaceSelector.'
						</select>';
				$this->interfaceSelector_jump='
						<select name="interface" class="c-interfaceselector" onchange="document.location=this.options[this.selectedIndex].value;">'.$this->interfaceSelector_jump.'
						</select>';

			} else {	// If there is only ONE interface value set:

				$this->interfaceSelector_hidden='<input type="hidden" name="interface" value="'.trim($TYPO3_CONF_VARS['BE']['interfaces']).'" />';
Kasper Skårhøj's avatar
Kasper Skårhøj committed
491
492
493
			}
		}
	}
494

Kasper Skårhøj's avatar
Kasper Skårhøj committed
495
	/**
496
	 * COPYRIGHT notice
497
	 *
498
	 * Warning:
499
	 * DO NOT prevent this notice from being shown in ANY WAY.
500
501
	 * According to the GPL license an interactive application must show such a notice on start-up ('If the program is interactive, make it output a short notice... ' - see GPL.txt)
	 * Therefore preventing this notice from being properly shown is a violation of the license, regardless of whether you remove it or use a stylesheet to obstruct the display.
502
	 *
503
	 * @return	string		Text/Image (HTML) for copyright notice.
Kasper Skårhøj's avatar
Kasper Skårhøj committed
504
	 */
505
506
507
508
509
	function makeCopyrightNotice()	{

			// Get values from TYPO3_CONF_VARS:
		$loginCopyrightWarrantyProvider = strip_tags(trim($GLOBALS['TYPO3_CONF_VARS']['SYS']['loginCopyrightWarrantyProvider']));
		$loginCopyrightWarrantyURL = strip_tags(trim($GLOBALS['TYPO3_CONF_VARS']['SYS']['loginCopyrightWarrantyURL']));
510

511
512
513
514
515
			// Make warranty note:
		if (strlen($loginCopyrightWarrantyProvider)>=2 && strlen($loginCopyrightWarrantyURL)>=10)	{
			$warrantyNote='Warranty is supplied by '.htmlspecialchars($loginCopyrightWarrantyProvider).'; <a href="'.htmlspecialchars($loginCopyrightWarrantyURL).'" target="_blank">click for details.</a>';
		} else {
			$warrantyNote='TYPO3 comes with ABSOLUTELY NO WARRANTY; <a href="http://typo3.com/1316.0.html" target="_blank">click for details.</a>';
516
517
		}

518
519
520
521
522
			// Compile full copyright notice:
		$copyrightNotice = '<a href="http://typo3.com/" target="_blank">'.
					'<img src="gfx/loginlogo_transp.gif" width="75" height="19" alt="TYPO3 logo" align="left" />'.
					'TYPO3 CMS'.($GLOBALS['TYPO3_CONF_VARS']['SYS']['loginCopyrightShowVersion']?' ver. '.htmlspecialchars($GLOBALS['TYPO_VERSION']):'').
					'</a>. '.
Kasper Skårhøj's avatar
Kasper Skårhøj committed
523
					'Copyright &copy; 1998-2004 Kasper Sk&#229;rh&#248;j. Extensions are copyright of their respective owners. '.
524
525
526
527
					'Go to <a href="http://typo3.com/" target="_blank">http://typo3.com/</a> for details. '.
					$warrantyNote.' '.
					'This is free software, and you are welcome to redistribute it under certain conditions; <a href="http://typo3.com/1316.0.html" target="_blank">click for details</a>. '.
					'Obstructing the appearance of this notice is prohibited by law.';
528

529
530
531
532
533
534
			// Return notice:
		return $copyrightNotice;
	}

	/**
	 * Returns the login box image, whether the default or an image from the rotation folder.
535
	 *
536
537
538
539
540
541
	 * @return	string		HTML image tag.
	 */
	function makeLoginBoxImage()	{
		$loginboxImage = '';
		if ($GLOBALS['TBE_STYLES']['loginBoxImage_rotationFolder'])	{		// Look for rotation image folder:
			$absPath = t3lib_div::resolveBackPath(PATH_typo3.$GLOBALS['TBE_STYLES']['loginBoxImage_rotationFolder']);
542

543
544
545
546
547
548
				// Get rotation folder:
			$dir = t3lib_div::getFileAbsFileName($absPath);
			if ($dir && @is_dir($dir))	{

					// Get files for rotation into array:
				$files = t3lib_div::getFilesInDir($dir,'png,jpg,gif');
549

550
551
552
					// Pick random file:
				srand((float) microtime() * 10000000);
				$randImg = array_rand($files, 1);
553

554
555
556
					// Get size of random file:
				$imgSize = @getimagesize($dir.$files[$randImg]);

557
					// Create image tag:
558
559
560
561
562
				if (is_array($imgSize))	{
					$loginboxImage = '<img src="'.htmlspecialchars($GLOBALS['TBE_STYLES']['loginBoxImage_rotationFolder'].$files[$randImg]).'" '.$imgSize[3].' id="loginbox-image" alt="" />';
				}
			}
		} else {	// If no rotation folder configured, print default image:
563
564
			$imagecopy = 'Photo: &copy; 2004 Kasper Sk&#229;rh&#248;j';	// Directly outputted in image attributes...
			$loginboxImage = '<img'.t3lib_iconWorks::skinImg($GLOBALS['BACK_PATH'],'gfx/loginbox_image_360rc2.jpg','width="200" height="133"').' id="loginbox-image" alt="'.$imagecopy.'" title="'.$imagecopy.'" />';
565
		}
566

567
568
569
			// Return image tag:
		return $loginboxImage;
	}
570

571
572
	/**
	 * Make login news - renders the HTML content for a list of news shown under the login form. News data is added through $TYPO3_CONF_VARS
573
	 *
574
575
576
577
	 * @return	string		HTML content
	 * @credits			Idea by Jan-Hendrik Heuing
	 */
	function makeLoginNews()	{
578

579
580
			// Reset output variable:
		$newsContent= '';
581

582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
			// Traverse news array IF there are records in it:
		if (is_array($GLOBALS['TYPO3_CONF_VARS']['BE']['loginNews']) && count($GLOBALS['TYPO3_CONF_VARS']['BE']['loginNews']))	{
			foreach($GLOBALS['TYPO3_CONF_VARS']['BE']['loginNews'] as $newsItem)	{
				$newsContent.='
						<tr>
							<td class="c-date">'.htmlspecialchars($newsItem['date']).'</td>
							<td class="c-header">'.htmlspecialchars($newsItem['header']).'</td>
						</tr>
						<tr>
							<td></td>
							<td class="c-content">'.trim($newsItem['content']).'</td>
						</tr>
						<tr class="c-spacer">
							<td colspan="2"></td>
						</tr>
				';
Kasper Skårhøj's avatar
Kasper Skårhøj committed
598
			}
599

600
601
				// Wrap in a table:
			$newsContent= '
602

603
604
605
606
607
608
609
610
611
612
613
					<!--
						Login screen news:
					-->
					<div id="loginNews">
					<h2>'.htmlspecialchars($this->L_vars[8]).'</h2>
					<table border="0" cellpadding="0" cellspacing="0">
						'.$newsContent.'
					</table>
					</div>
			';
		}
614

615
616
			// Return content:
		return $newsContent;
Kasper Skårhøj's avatar
Kasper Skårhøj committed
617
618
619
620
	}
}

// Include extension?
621
622
if (defined('TYPO3_MODE') && $TYPO3_CONF_VARS[TYPO3_MODE]['XCLASS']['typo3/index.php'])	{
	include_once($TYPO3_CONF_VARS[TYPO3_MODE]['XCLASS']['typo3/index.php']);
Kasper Skårhøj's avatar
Kasper Skårhøj committed
623
624
625
626
627
628
629
630
631
632
633
634
}










// Make instance:
635
$SOBE = t3lib_div::makeInstance('SC_index');
Kasper Skårhøj's avatar
Kasper Skårhøj committed
636
637
638
639
$SOBE->init();
$SOBE->main();
$SOBE->printContent();
?>