|
TYPO3 API
SVNRelease
|
00001 <?php 00002 /*************************************************************** 00003 * Copyright notice 00004 * 00005 * (c) Marcus Krause (marcus#exp2009@t3sec.info) 00006 * (c) Steffen Ritter (info@rs-websystems.de) 00007 * All rights reserved 00008 * 00009 * This script is part of the TYPO3 project. The TYPO3 project is 00010 * free software; you can redistribute it and/or modify 00011 * it under the terms of the GNU General Public License as published by 00012 * the Free Software Foundation; either version 2 of the License, or 00013 * (at your option) any later version. 00014 * 00015 * The GNU General Public License can be found at 00016 * http://www.gnu.org/copyleft/gpl.html. 00017 * A copy is found in the textfile GPL.txt and important notices to the license 00018 * from the author is found in LICENSE.txt distributed with these scripts. 00019 * 00020 * 00021 * This script is distributed in the hope that it will be useful, 00022 * but WITHOUT ANY WARRANTY; without even the implied warranty of 00023 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 00024 * GNU General Public License for more details. 00025 * 00026 * This copyright notice MUST APPEAR in all copies of the script! 00027 ***************************************************************/ 00028 /** 00029 * Contains class "tx_saltedpasswords_div" 00030 * that provides various helper functions. 00031 * 00032 * $Id: class.tx_saltedpasswords_div.php 6536 2009-11-25 14:07:18Z stucki $ 00033 */ 00034 00035 /** 00036 * General library class. 00037 * 00038 * @author Marcus Krause <marcus#exp2009@t3sec.info> 00039 * @author Steffen Ritter <info@rs-websystems.de> 00040 * 00041 * @since 2009-06-14 00042 * @package TYPO3 00043 * @subpackage tx_saltedpasswords 00044 */ 00045 class tx_saltedpasswords_div { 00046 /** 00047 * Keeps this extension's key. 00048 */ 00049 const EXTKEY = 'saltedpasswords'; 00050 00051 00052 /** 00053 * Returns extension configuration data from $TYPO3_CONF_VARS (configurable in Extension Manager) 00054 * 00055 * @author Rainer Kuhn <kuhn@punkt.de> 00056 * @author Marcus Krause <marcus#exp2009@t3sec.info> 00057 * 00058 * @param string TYPO3_MODE, wether Configuration for Frontend or Backend should be delivered 00059 * @return array extension configuration data 00060 */ 00061 public static function returnExtConf($mode = TYPO3_MODE) { 00062 $currentConfiguration = self::returnExtConfDefaults(); 00063 00064 if (isset($GLOBALS['TYPO3_CONF_VARS']['EXT']['extConf']['saltedpasswords'])) { 00065 $extensionConfiguration = unserialize($GLOBALS['TYPO3_CONF_VARS']['EXT']['extConf']['saltedpasswords']); 00066 00067 // Merge default configuration with modified configuration: 00068 if (isset($extensionConfiguration[$mode . '.'])) { 00069 $currentConfiguration = array_merge( 00070 $currentConfiguration, 00071 $extensionConfiguration[$mode . '.'] 00072 ); 00073 } 00074 } 00075 00076 return $currentConfiguration; 00077 } 00078 00079 /** 00080 * Hook function for felogin "forgotPassword" functionality 00081 * encrypts the new password before storing in database 00082 * 00083 * @param array $params: Parameter the hook delivers 00084 * @param tx_felogin_pi1 $pObj: Parent Object from which the hook is called 00085 * @return void 00086 * 00087 */ 00088 public function feloginForgotPasswordHook(array &$params, tx_felogin_pi1 $pObj) { 00089 if (self::isUsageEnabled('FE')) { 00090 $this->objInstanceSaltedPW = tx_saltedpasswords_salts_factory::getSaltingInstance(); 00091 $params['newPassword'] = $this->objInstanceSaltedPW->getHashedPassword($params['newPassword']); 00092 } 00093 } 00094 00095 /** 00096 * Returns default configuration of this extension. 00097 * 00098 * @return array default extension configuration data for localconf.php 00099 */ 00100 public static function returnExtConfDefaults() { 00101 return array( 00102 'onlyAuthService' => '0', 00103 'forceSalted' => '0', 00104 'updatePasswd' => '1', 00105 'saltedPWHashingMethod' => 'tx_saltedpasswords_salts_phpass', 00106 'enabled' => '1', 00107 ); 00108 } 00109 00110 /** 00111 * Function determines the default(=configured) type of 00112 * salted hashing method to be used. 00113 * 00114 * @param string $mode: (optional) The TYPO3 mode (FE or BE) saltedpasswords shall be used for 00115 * @return string classname of object to be used 00116 */ 00117 public static function getDefaultSaltingHashingMethod($mode = TYPO3_MODE) { 00118 00119 $extConf = self::returnExtConf($mode); 00120 $classNameToUse = 'tx_saltedpasswords_salts_md5'; 00121 if (in_array($extConf['saltedPWHashingMethod'], array_keys($GLOBALS['TYPO3_CONF_VARS']['SC_OPTIONS']['ext/saltedpasswords']['saltMethods']))) { 00122 $classNameToUse = $extConf['saltedPWHashingMethod']; 00123 } 00124 00125 return $classNameToUse; 00126 } 00127 00128 /** 00129 * Returns information if salted password hashes are 00130 * indeed used in the TYPO3_MODE. 00131 * 00132 * @param string $mode: (optional) The TYPO3 mode (FE or BE) saltedpasswords shall be used for 00133 * @return boolean TRUE, if salted password hashes are used in the TYPO3_MODE, otherwise FALSE 00134 */ 00135 public static function isUsageEnabled($mode = TYPO3_MODE) { 00136 // Login Security Level Recognition 00137 $extConf = self::returnExtConf($mode); 00138 $securityLevel = $GLOBALS['TYPO3_CONF_VARS'][$mode]['loginSecurityLevel']; 00139 if ($mode == 'BE' && $extConf['enabled']) { 00140 return (($securityLevel =='normal' && $GLOBALS['TYPO3_CONF_VARS']['BE']['lockSSL'] > 0) || $securityLevel == 'rsa'); 00141 } else if ($mode =='FE' && $extConf['enabled']) { 00142 return t3lib_div::inList('normal,rsa', $securityLevel); 00143 } 00144 00145 return FALSE; 00146 } 00147 } 00148 00149 ?>
1.8.0