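<?php
/***************************************************************
 *  Copyright notice
 *
 *  (c) 1999-2011 Kasper Skårhøj (kasperYYYY@typo3.com)
 *  All rights reserved
 *
 *  This script is part of the TYPO3 project. The TYPO3 project is
 *  free software; you can redistribute it and/or modify
 *  it under the terms of the GNU General Public License as published by
 *  the Free Software Foundation; either version 2 of the License, or
 *  (at your option) any later version.
 *
 *  The GNU General Public License can be found at
 *  http://www.gnu.org/copyleft/gpl.html.
 *  A copy is found in the textfile GPL.txt and important notices to the license
 *  from the author is found in LICENSE.txt distributed with these scripts.
 *
 *
 *  This script is distributed in the hope that it will be useful,
 *  but WITHOUT ANY WARRANTY; without even the implied warranty of
 *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 *  GNU General Public License for more details.
 *
 *  This copyright notice MUST APPEAR in all copies of the script!
 ***************************************************************/
/**
 * Class for TYPO3 backend user authentication in the TSFE frontend
 *
 * $Id: class.t3lib_tsfebeuserauth.php 10664 2011-02-28 19:37:41Z lolli $
 * Revised for TYPO3 3.6 July/2003 by Kasper Skårhøj
 * XHTML compliant
 *
 * @author	Kasper Skårhøj <kasperYYYY@typo3.com>
 */
/**
 * [CLASS/FUNCTION INDEX of SCRIPT]
 *
 *
 *
 *  103: class t3lib_tsfeBeUserAuth extends t3lib_beUserAuth
 *  129:     function extInitFeAdmin()
 *  154:     function extPrintFeAdminDialog()
 *
 *              SECTION: Creating sections of the Admin Panel
 *  250:     function extGetCategory_preview($out='')
 *  283:     function extGetCategory_cache($out='')
 *  321:     function extGetCategory_publish($out='')
 *  356:     function extGetCategory_edit($out='')
 *  400:     function extGetCategory_tsdebug($out='')
 *  433:     function extGetCategory_info($out='')
 *
 *              SECTION: Admin Panel Layout Helper functions
 *  506:     function extGetHead($pre)
 *  526:     function extItemLink($pre,$str)
 *  542:     function extGetItem($pre,$element)
 *  559:     function extFw($str)
 *  568:     function ext_makeToolBar()
 *
 *              SECTION: TSFE BE user Access Functions
 *  637:     function checkBackendAccessSettingsFromInitPhp()
 *  682:     function extPageReadAccess($pageRec)
 *  693:     function extAdmModuleEnabled($key)
 *  709:     function extSaveFeAdminConfig()
 *  741:     function extGetFeAdminValue($pre,$val='')
 *  783:     function extIsAdmMenuOpen($pre)
 *
 *              SECTION: TSFE BE user Access Functions
 *  818:     function extGetTreeList($id,$depth,$begin=0,$perms_clause)
 *  849:     function extGetNumberOfCachedPages($page_id)
 *
 *              SECTION: Localization handling
 *  888:     function extGetLL($key)
 *
 *              SECTION: Frontend Editing
 *  932:     function extIsEditAction()
 *  954:     function extIsFormShown()
 *  970:     function extEditAction()
 *
 * TOTAL FUNCTIONS: 25
 * (This index is automatically created/updated by the extension "extdeveval")
 *
 */


/**
 * TYPO3 backend user authentication in the TSFE frontend.
 * This includes mainly functions related to the Admin Panel
 *
 * @author	Kasper Skårhøj <kasperYYYY@typo3.com>
 * @package TYPO3
 * @subpackage t3lib
 */
class t3lib_tsfeBeUserAuth extends t3lib_beUserAuth {
	/**
	 * Form field with login name.
	 *
	 * @var string
	 */
	public $formfield_uname = '';

	/**
	 * Form field with password.
	 *
	 * @var string
	 */
	public $formfield_uident = '';

	/**
	 * Form field with a unique value which is used to encrypt the password and username.
	 *
	 * @var string
	 */
	public $formfield_chalvalue = '';

	/**
	 * Sets the level of security. 'normal' = clear-text. 'challenged' = hashed password/username
	 * from form in $formfield_uident. 'superchallenged' = hashed password hashed again with username.
	 *
	 * @var string
	 */
	public $security_level = '';

	/**
	 * Decides if the writelog() function is called at login and logout.
	 *
	 * @var boolean
	 */
	public $writeStdLog = FALSE;

	/**
	 * Decides if the writelog() function is called when a login attempt has failed.
	 *
	 * @var boolean
	 */
	public $writeAttemptLog = FALSE;

	/**
	 * Array of page related information (uid, title, depth).
	 *
	 * @var array
	 */
	public $extPageInTreeInfo = array();

	/**
	 * General flag which is set if the adminpanel should be displayed at all.
	 *
	 * @var boolean
	 */
	public $extAdmEnabled = FALSE;

	/**
	 * Instance of the admin panel
	 *
	 * @var tslib_AdminPanel
	 */
	public $adminPanel = NULL;

	/**
	 * Class for frontend editing.
	 *
	 * @var t3lib_frontendedit
	 */
	public $frontendEdit = NULL;

	/**
	 * Initializes the admin panel.
	 *
	 * Reads the "admPanel" user TSconfig property into $this->extAdminConfig and, as soon as
	 * one entry below "enable." is truthy, creates the admin panel instance and sets
	 * $this->extAdmEnabled.
	 *
	 * @return void
	 */
	public function initializeAdminPanel() {
		$this->extAdminConfig = $this->getTSConfigProp('admPanel');

		if (isset($this->extAdminConfig['enable.'])) {
			foreach ($this->extAdminConfig['enable.'] as $value) {
				if ($value) {
					$this->adminPanel = t3lib_div::makeInstance('tslib_AdminPanel');
					$this->extAdmEnabled = TRUE;

					break;
				}
			}
		}
	}

	/**
	 * Initializes frontend editing.
	 *
	 * Relies on $this->extAdminConfig, which is set by initializeAdminPanel().
	 *
	 * @return void
	 */
	public function initializeFrontendEdit() {
		if (isset($this->extAdminConfig['enable.']) && $this->isFrontendEditingActive()) {
			foreach ($this->extAdminConfig['enable.'] as $value) {
				if ($value) {
					if ($GLOBALS['TSFE'] instanceof tslib_fe) {
							// Grab the Page TSConfig property that determines which controller to use.
						$pageTSConfig = $GLOBALS['TSFE']->getPagesTSconfig();
						$controllerKey = isset($pageTSConfig['TSFE.']['frontendEditingController']) ? $pageTSConfig['TSFE.']['frontendEditingController'] : 'default';
					} else {
						$controllerKey = 'default';
					}

						// The Page TSconfig value is only used as a key into the list of registered
						// controllers; it never names a class or file directly. A key without a
						// registration leaves $this->frontendEdit untouched.
					$controllerClass = isset($GLOBALS['TYPO3_CONF_VARS']['SC_OPTIONS']['t3lib/class.t3lib_tsfebeuserauth.php']['frontendEditingController'][$controllerKey])
						? $GLOBALS['TYPO3_CONF_VARS']['SC_OPTIONS']['t3lib/class.t3lib_tsfebeuserauth.php']['frontendEditingController'][$controllerKey]
						: NULL;
					if ($controllerClass) {
						$this->frontendEdit = t3lib_div::getUserObj($controllerClass, FALSE);
					}

					break;
				}
			}
		}
	}

	/**
	 * Determines whether frontend editing is currently active.
	 *
	 * Active means: the admin panel is enabled and either its "edit" module is enabled and
	 * open, or TSFE has displayEditIcons set to 1.
	 *
	 * @return boolean Whether frontend editing is active
	 */
	public function isFrontendEditingActive() {
		return ($this->extAdmEnabled
			&& (
				($this->adminPanel->isAdminModuleEnabled('edit') && $this->adminPanel->isAdminModuleOpen('edit'))
				|| $GLOBALS['TSFE']->displayEditIcons == 1
			)
		);
	}

	/**
	 * Delegates to the appropriate view and renders the admin panel content.
	 *
	 * @return string
	 */
	public function displayAdminPanel() {
		$content = $this->adminPanel->display();

		return $content;
	}

	/**
	 * Determines whether the admin panel is enabled and visible.
	 *
	 * @return boolean Whether the admin panel is enabled and visible
	 */
	public function isAdminPanelVisible() {
		return ($this->extAdmEnabled && !$this->extAdminConfig['hide'] && $GLOBALS['TSFE']->config['config']['admPanel']);
	}

	/*****************************************************
	 *
	 * TSFE BE user Access Functions
	 *
	 ****************************************************/

	/**
	 * Implementing the access checks that the typo3/init.php script does before a user is ever logged in.
	 * Used in the frontend.
	 *
	 * All checks must pass; the first one that fails denies access.
	 *
	 * @return boolean Returns true if access is OK
	 * @see	typo3/init.php, t3lib_beuserauth::backendCheckLogin()
	 */
	public function checkBackendAccessSettingsFromInitPhp() {
		global $TYPO3_CONF_VARS;

			// **********************
			// Check Hardcoded lock on BE:
			// **********************
		if ($TYPO3_CONF_VARS['BE']['adminOnly'] < 0) {
			return FALSE;
		}

			// **********************
			// Check IP
			// **********************
			// NOTE(review): the mask is compared with getIndpEnv('REMOTE_ADDR'). Behind a reverse
			// proxy this is only the real client address if the installation's proxy settings
			// are configured accordingly - confirm for the deployment.
		if (trim($TYPO3_CONF_VARS['BE']['IPmaskList'])) {
			if (!t3lib_div::cmpIP(t3lib_div::getIndpEnv('REMOTE_ADDR'), $TYPO3_CONF_VARS['BE']['IPmaskList'])) {
				return FALSE;
			}
		}


			// **********************
			// Check SSL (https)
			// **********************
			// Every non-zero lockSSL value except 3 makes a non-SSL request fail here.
		if (intval($TYPO3_CONF_VARS['BE']['lockSSL']) && $TYPO3_CONF_VARS['BE']['lockSSL'] != 3) {
			if (!t3lib_div::getIndpEnv('TYPO3_SSL')) {
				return FALSE;
			}
		}

			// Finally a check from t3lib_beuserauth::backendCheckLogin()
		return (bool) $this->isUserAllowedToLogin();
	}


	/**
	 * Evaluates if the Backend User has read access to the input page record.
	 * The evaluation is based on both read-permission and whether the page is found in one of the users webmounts. Only if both conditions are true will the function return true.
	 * Read access means that previewing is allowed etc.
	 * Used in index_ts.php
	 *
	 * @param	array		$pageRec The page record to evaluate for
	 * @return	boolean		True if read access
	 */
	public function extPageReadAccess($pageRec) {
		return $this->isInWebMount($pageRec['uid']) && $this->doesUserHaveAccess($pageRec, 1);
	}

	/*****************************************************
	 *
	 * TSFE BE user Access Functions
	 *
	 ****************************************************/

	/**
	 * Generates a list of Page-uid's from $id. List does not include $id itself
	 * The only pages excluded from the list are deleted pages.
	 *
	 * As a side effect every collected page is appended to $this->extPageInTreeInfo as
	 * array(uid, HTML-escaped title, depth).
	 *
	 * @param	integer		$id Start page id
	 * @param	integer		$depth Depth to traverse down the page tree.
	 * @param	integer		$begin Optional integer that determines at which level in the tree to start collecting uid's. Zero means 'start right away', 1 = 'next level and out'
	 * @param	string		$perms_clause Perms clause. Concatenated into the WHERE clause as-is, so it must be a trusted SQL fragment and never contain request data.
	 * @return	string		Returns the list with a comma in the end (if any pages selected!)
	 */
	public function extGetTreeList($id, $depth, $begin = 0, $perms_clause) {
		$depth = intval($depth);
		$begin = intval($begin);
		$id = intval($id);
		$theList = '';

		if ($id && $depth > 0) {
				// $id is cast to integer above. content_doktypes (installation configuration) and
				// $perms_clause are inserted without quoting or escaping.
			$res = $GLOBALS['TYPO3_DB']->exec_SELECTquery(
				'uid,title',
				'pages',
				'pid=' . $id . ' AND doktype IN (' . $GLOBALS['TYPO3_CONF_VARS']['FE']['content_doktypes'] . ') AND deleted=0 AND ' . $perms_clause
			);
			while ($row = $GLOBALS['TYPO3_DB']->sql_fetch_assoc($res)) {
				if ($begin <= 0) {
					$theList .= $row['uid'] . ',';
						// Entry layout is (uid, title, depth), as documented on $extPageInTreeInfo.
						// $depth has to be the third array element: passed as the second argument of
						// htmlspecialchars() it would be used as the escaping flags, so the quote
						// handling of the title would change with the tree depth.
					$this->extPageInTreeInfo[] = array($row['uid'], htmlspecialchars($row['title']), $depth);
				}
				if ($depth > 1) {
					$theList .= $this->extGetTreeList($row['uid'], $depth - 1, $begin - 1, $perms_clause);
				}
			}
			$GLOBALS['TYPO3_DB']->sql_free_result($res);
		}
		return $theList;
	}

	/**
	 * Returns the number of cached pages for a page id.
	 *
	 * @param	integer		$pageId The page id.
	 * @return	integer		The number of pages for this page in the table "cache_pages"
	 */
	public function extGetNumberOfCachedPages($pageId) {
		if (TYPO3_UseCachingFramework) {
			$pageCache = $GLOBALS['typo3CacheManager']->getCache('cache_pages');
			$pageCacheEntries = $pageCache->getByTag('pageId_' . (int) $pageId);
			$count = count($pageCacheEntries);
		} else {
				// The page id is cast to integer before it is concatenated into the WHERE clause.
			$res = $GLOBALS['TYPO3_DB']->exec_SELECTquery('count(*)', 'cache_pages', 'page_id=' . intval($pageId));
			list($count) = $GLOBALS['TYPO3_DB']->sql_fetch_row($res);
			$GLOBALS['TYPO3_DB']->sql_free_result($res);
		}
		return $count;
	}


	/*****************************************************
	 *
	 * Localization handling
	 *
	 ****************************************************/

	/**
	 * Returns the label for key, $key. If a translation for the language set in $this->uc['lang'] is found that is returned, otherwise the default value.
	 * IF the global variable $LOCAL_LANG is NOT an array (yet) then this function loads the global $LOCAL_LANG array with the content of "sysext/lang/locallang_tsfe.php" so that the values therein can be used for labels in the Admin Panel
	 *
	 * The label is passed through htmlspecialchars() and converted to entities before it is returned.
	 *
	 * @param	string		$key Key for a label in the $LOCAL_LANG array of "sysext/lang/locallang_tsfe.php"
	 * @return	string		The value for the $key
	 */
	public function extGetLL($key) {
		global $LOCAL_LANG;
		if (!is_array($LOCAL_LANG)) {
			$GLOBALS['LANG']->includeLLFile('EXT:lang/locallang_tsfe.php');
			if (!is_array($LOCAL_LANG)) {
				$LOCAL_LANG = array();
			}
		}

			// Label string in the default backend output charset.
		$labelStr = htmlspecialchars($GLOBALS['LANG']->getLL($key));

			// Convert to utf-8, then to entities:
		if ($GLOBALS['LANG']->charSet != 'utf-8') {
			$labelStr = $GLOBALS['LANG']->csConvObj->utf8_encode($labelStr, $GLOBALS['LANG']->charSet);
		}
		$labelStr = $GLOBALS['LANG']->csConvObj->utf8_to_entities($labelStr);

			// Return the result:
		return $labelStr;
	}

}


	// XCLASS extension point: the included path comes from TYPO3_CONF_VARS, so write access to
	// the installation configuration is equivalent to code execution in this context.
if (defined('TYPO3_MODE') && isset($GLOBALS['TYPO3_CONF_VARS'][TYPO3_MODE]['XCLASS']['t3lib/class.t3lib_tsfebeuserauth.php'])) {
	include_once($GLOBALS['TYPO3_CONF_VARS'][TYPO3_MODE]['XCLASS']['t3lib/class.t3lib_tsfebeuserauth.php']);
}

?>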