Main Page | Directories | Namespace List | Class Hierarchy | Alphabetical List | Class List | File List | Class Members | File Members | Related Pages | Examples
t3lib

class.t3lib_beuserauth.php

Go to the documentation of this file.
00001 <?php
00002 /***************************************************************
00003 *  Copyright notice
00004 *
00005 *  (c) 1999-2004 Kasper Skaarhoj (kasperYYYY@typo3.com)
00006 *  All rights reserved
00007 *
00008 *  This script is part of the TYPO3 project. The TYPO3 project is
00009 *  free software; you can redistribute it and/or modify
00010 *  it under the terms of the GNU General Public License as published by
00011 *  the Free Software Foundation; either version 2 of the License, or
00012 *  (at your option) any later version.
00013 *
00014 *  The GNU General Public License can be found at
00015 *  http://www.gnu.org/copyleft/gpl.html.
00016 *  A copy is found in the textfile GPL.txt and important notices to the license
00017 *  from the author is found in LICENSE.txt distributed with these scripts.
00018 *
00019 *
00020 *  This script is distributed in the hope that it will be useful,
00021 *  but WITHOUT ANY WARRANTY; without even the implied warranty of
00022 *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
00023 *  GNU General Public License for more details.
00024 *
00025 *  This copyright notice MUST APPEAR in all copies of the script!
00026 ***************************************************************/
00076 class t3lib_beUserAuth extends t3lib_userAuthGroup {
00077    var $session_table = 'be_sessions';       // Table to use for session data.
00078    var $name = 'be_typo_user';                 // Session/Cookie name
00079 
00080    var $user_table = 'be_users';                // Table in database with userdata
00081    var $username_column = 'username';        // Column for login-name
00082    var $userident_column = 'password';       // Column for password
00083    var $userid_column = 'uid';               // Column for user-id
00084    var $lastLogin_column = 'lastlogin';
00085    var $notifyHeader = 'From: TYPO3 Login notify <no_reply@no_reply.no_reply>';
00086 
00087    var $enablecolumns = Array (
00088       'rootLevel' => 1,
00089       'deleted' => 'deleted',
00090       'disabled' => 'disable',
00091       'starttime' => 'starttime',
00092       'endtime' => 'endtime'
00093    );
00094 
00095    var $formfield_uname = 'username';        // formfield with login-name
00096    var $formfield_uident = 'userident';      // formfield with password
00097    var $formfield_chalvalue = 'challenge';      // formfield with a unique value which is used to encrypt the password and username
00098    var $formfield_status = 'login_status';   // formfield with status: *'login', 'logout'
00099    var $security_level = 'challenged';          // sets the level of security. *'normal' = clear-text. 'challenged' = hashed password/username from form in $formfield_uident. 'superchallenged' = hashed password hashed again with username.
00100 
00101    var $writeStdLog = 1;               // Decides if the writelog() function is called at login and logout
00102    var $writeAttemptLog = 1;           // If the writelog() functions is called if a login-attempt has be tried without success
00103 
00104    var $auth_include = '';                // this is the name of the include-file containing the login form. If not set, login CAN be anonymous. If set login IS needed.
00105 
00106    var $auth_timeout_field = 6000;           // if > 0 : session-timeout in seconds. if false/<0 : no timeout. if string: The string is fieldname from the usertable where the timeout can be found.
00107    var $lifetime = 0;                        // 0 = Session-cookies. If session-cookies, the browser will stop session when the browser is closed. Else it keeps the session for $lifetime seconds.
00108 
00109 
00110 
00111       // User Config:
00112    var $uc;
00113 
00114       // User Config Default values:
00115       // The array may contain other fields for configuration. For this, see "setup" extension and "TSConfig" document (User TSconfig, "setup.[xxx]....")
00116       /*
00117          Reserved keys for other storage of session data:
00118          moduleData
00119          moduleSessionID
00120       */
00121    var $uc_default = Array (
00122 //    'lang' => 'dk',      // this value will be transferred from $BE_USER->user[lang] if not set...
00123       'interfaceSetup' => '', // serialized content that is used to store interface pane and menu positions. Set by the logout.php-script
00124       'moduleData' => Array(),   // user-data for the modules
00125       'thumbnailsByDefault' => 0,
00126       'emailMeAtLogin' => 0,
00127       'condensedMode' => 0,
00128       'noMenuMode' => 0,
00129       'startInTaskCenter' => 0,
00130       'hideSubmoduleIcons' => 0,
00131       'helpText' => 1,
00132       'titleLen' => 30,
00133       'edit_wideDocument' => '0',
00134       'edit_showFieldHelp' => 'icon',
00135       'edit_RTE' => '1',
00136       'edit_docModuleUpload' => '1',
00137       'disableCMlayers' => 0,
00138       'navFrameWidth' => '',  // Default is 245 pixels
00139       'navFrameResizable' => 0,
00140    );
00141 
00142 
00151    function trackBeUser($flag)   {
00152       if ($flag && t3lib_extMgm::isLoaded('beuser_tracking'))  {
00153          $insertFields = array(
00154             'userid' => intval($this->user['uid']),
00155             'tstamp' => time(),
00156             'script' => t3lib_div::getIndpEnv('REQUEST_URI')
00157          );
00158 
00159          $GLOBALS['TYPO3_DB']->exec_INSERTquery('sys_trackbeuser', $insertFields);
00160       }
00161    }
00162 
00169    function checkLockToIP()   {
00170       global $TYPO3_CONF_VARS;
00171       $out = 1;
00172       if ($TYPO3_CONF_VARS['BE']['enabledBeUserIPLock']) {
00173          $IPList = $this->getTSConfigVal('options.lockToIP');
00174          if (trim($IPList))   {
00175             $baseIP = t3lib_div::getIndpEnv('REMOTE_ADDR');
00176             $out = t3lib_div::cmpIP($baseIP, $IPList);
00177          }
00178       }
00179       return $out;
00180    }
00181 
00189    function backendCheckLogin()  {
00190       if (!$this->user['uid'])   {
00191          if (!defined('TYPO3_PROCEED_IF_NO_USER') || !TYPO3_PROCEED_IF_NO_USER)  {
00192             t3lib_BEfunc::typo3PrintError ('Login-error','No user logged in! Sorry, I can\'t proceed then!<br /><br />(You must have cookies enabled!)',0);
00193             exit;
00194          }
00195       } else { // ...and if that's the case, call these functions
00196          $this->fetchGroupData();   // The groups are fetched and ready for permission checking in this initialization. Tables.php must be read before this because stuff like the modules has impact in this
00197          if ($this->checkLockToIP())   {
00198             if (!$GLOBALS['TYPO3_CONF_VARS']['BE']['adminOnly'] || $this->isAdmin())   {
00199                $this->backendSetUC();     // Setting the UC array. It's needed with fetchGroupData first, due to default/overriding of values.
00200                $this->emailAtLogin();     // email at login - if option set.
00201             } else {
00202                t3lib_BEfunc::typo3PrintError ('Login-error','TYPO3 is in maintenance mode at the moment. Only administrators are allowed access.',0);
00203                exit;
00204             }
00205          } else {
00206             t3lib_BEfunc::typo3PrintError ('Login-error','IP locking prevented you from being authorized. Can\'t proceed, sorry.',0);
00207             exit;
00208          }
00209       }
00210    }
00211 
00217    function checkCLIuser() {
00218          // First, check if cliMode is enabled:
00219       if (defined('TYPO3_cliMode') && TYPO3_cliMode)  {
00220          if (!$this->user['uid'])   {
00221             if (substr($GLOBALS['MCONF']['name'],0,5)=='_CLI_')   {
00222                $userName = strtolower($GLOBALS['MCONF']['name']);
00223                $this->setBeUserByName($userName);
00224                if ($this->user['uid']) {
00225                   if (!$this->isAdmin())  {
00226                      return TRUE;
00227                   } else die('ERROR: CLI backend user "'.$userName.'" was ADMIN which is not allowed!'.chr(10).chr(10));
00228                } else die('ERROR: No backend user named "'.$userName.'" was found!'.chr(10).chr(10));
00229             } else die('ERROR: Module name, "'.$GLOBALS['MCONF']['name'].'", was not prefixed with "_CLI_"'.chr(10).chr(10));
00230          } else die('ERROR: Another user was already loaded which is impossible in CLI mode!'.chr(10).chr(10));
00231       }
00232    }
00233 
00241    function backendSetUC() {
00242 
00243          // UC - user configuration is a serialized array inside the userobject
00244       $temp_theSavedUC=unserialize($this->user['uc']);      // if there is a saved uc we implement that instead of the default one.
00245       if (is_array($temp_theSavedUC))  {
00246          $this->unpack_uc($temp_theSavedUC);
00247       }
00248          // Setting defaults if uc is empty
00249       if (!is_array($this->uc))  {
00250          $this->uc = array_merge($this->uc_default, (array)$TYPO3_CONF_VARS['BE']['defaultUC'], (array)$this->getTSConfigProp('setup.default'));   // Candidate for t3lib_div::array_merge() if integer-keys will some day make trouble...
00251          $this->overrideUC();
00252          $U=1;
00253       }
00254          // If TSconfig is updated, update the defaultUC.
00255       if ($this->userTSUpdated)  {
00256          $this->overrideUC();
00257          $U=1;
00258       }
00259          // Setting default lang from be_user record.
00260       if (!isset($this->uc['lang']))   {
00261          $this->uc['lang']=$this->user['lang'];
00262          $U=1;
00263       }
00264          // Saving if updated.
00265       if ($U)  {
00266          $this->writeUC(); // Method from the t3lib_userauth class.
00267       }
00268    }
00269 
00277    function overrideUC()   {
00278       $this->uc = array_merge((array)$this->uc, (array)$this->getTSConfigProp('setup.override'));  // Candidate for t3lib_div::array_merge() if integer-keys will some day make trouble...
00279    }
00280 
00287    function resetUC()   {
00288       $this->user['uc']='';
00289       $this->uc='';
00290       $this->backendSetUC();
00291    }
00292 
00300    function emailAtLogin() {
00301       if ($this->loginSessionStarted)  {
00302             // Send notify-mail
00303          $subject = 'At "'.$GLOBALS['TYPO3_CONF_VARS']['SYS']['sitename'].'"'.
00304                   ' from '.t3lib_div::getIndpEnv('REMOTE_ADDR').
00305                   (t3lib_div::getIndpEnv('REMOTE_HOST') ? ' ('.t3lib_div::getIndpEnv('REMOTE_HOST').')' : '');
00306          $msg = sprintf ('User "%s" logged in from %s (%s) at "%s" (%s)',
00307             $this->user['username'],
00308             t3lib_div::getIndpEnv('REMOTE_ADDR'),
00309             t3lib_div::getIndpEnv('REMOTE_HOST'),
00310             $GLOBALS['TYPO3_CONF_VARS']['SYS']['sitename'],
00311             t3lib_div::getIndpEnv('HTTP_HOST')
00312          );
00313 
00314             // Warning email address
00315          if ($GLOBALS['TYPO3_CONF_VARS']['BE']['warning_email_addr'])   {
00316             $warn=0;
00317             $prefix='';
00318             if (intval($GLOBALS['TYPO3_CONF_VARS']['BE']['warning_mode']) & 1)   {  // first bit: All logins
00319                $warn=1;
00320                $prefix= $this->isAdmin() ? '[AdminLoginWarning]' : '[LoginWarning]';
00321             }
00322             if ($this->isAdmin() && (intval($GLOBALS['TYPO3_CONF_VARS']['BE']['warning_mode']) & 2))  {  // second bit: Only admin-logins
00323                $warn=1;
00324                $prefix='[AdminLoginWarning]';
00325             }
00326             if ($warn)  {
00327                mail($GLOBALS['TYPO3_CONF_VARS']['BE']['warning_email_addr'],
00328                   $prefix.' '.$subject,
00329                   $msg,
00330                   $this->notifyHeader
00331                );
00332             }
00333          }
00334 
00335             // If An email should be sent to the current user, do that:
00336          if ($this->uc['emailMeAtLogin'] && strstr($this->user['email'],'@')) {
00337             mail($this->user['email'],
00338                $subject,
00339                $msg,
00340                $this->notifyHeader
00341             );
00342          }
00343       }
00344    }
00345 
00352    function veriCode()  {
00353       return substr(md5($this->id.$GLOBALS['TYPO3_CONF_VARS']['SYS']['encryptionKey']),0,10);
00354    }
00355 }
00356 
00357 
00358 
00359 
00360 if (defined('TYPO3_MODE') && $TYPO3_CONF_VARS[TYPO3_MODE]['XCLASS']['t3lib/class.t3lib_beuserauth.php']) {
00361    include_once($TYPO3_CONF_VARS[TYPO3_MODE]['XCLASS']['t3lib/class.t3lib_beuserauth.php']);
00362 }
00363 ?>
Generated on Sun Oct 3 01:05:46 2004 for TYPO3core 3.7.0 dev by  doxygen 1.3.8-20040913