Public Member Functions | |
| trackBeUser ($flag) | |
| If flag is set and the extensions 'beuser_tracking' is loaded, this will insert a table row with the REQUEST_URI of current script - thus tracking the scripts the backend users uses... | |
| checkLockToIP () | |
| If TYPO3_CONF_VARS['BE']['enabledBeUserIPLock'] is enabled and an IP-list is found in the User TSconfig objString "options.lockToIP", then make an IP comparison with REMOTE_ADDR and return the outcome (true/false). | |
| backendCheckLogin () | |
| Check if user is logged in and if so, call ->fetchGroupData() to load group information and access lists of all kind, further check IP, set the ->uc array and send login-notification email if required. | |
| checkCLIuser () | |
| If the backend script is in CLI mode, it will try to load a backend user named by the CLI module name (in lowercase). | |
| backendSetUC () | |
| Initialize the internal ->uc array for the backend user Will make the overrides if necessary, and write the UC back to the be_users record if changes has happend. | |
| overrideUC () | |
| Override: Call this function every time the uc is updated. | |
| resetUC () | |
| Clears the user[uc] and ->uc to blank strings. | |
| emailAtLogin () | |
| Will send an email notification to warning_email_address/the login users email address when a login session is just started. | |
| veriCode () | |
| VeriCode returns 10 first chars of a md5 hash of the session cookie AND the encryptionKey from TYPO3_CONF_VARS. | |
Public Attributes | |
| $session_table = 'be_sessions' | |
| $name = 'be_typo_user' | |
| $user_table = 'be_users' | |
| $username_column = 'username' | |
| $userident_column = 'password' | |
| $userid_column = 'uid' | |
| $lastLogin_column = 'lastlogin' | |
| $notifyHeader = 'From: TYPO3 Login notify <no_reply@no_reply.no_reply>' | |
| $enablecolumns | |
| $formfield_uname = 'username' | |
| $formfield_uident = 'userident' | |
| $formfield_chalvalue = 'challenge' | |
| $formfield_status = 'login_status' | |
| $security_level = 'challenged' | |
| $writeStdLog = 1 | |
| $writeAttemptLog = 1 | |
| $auth_include = '' | |
| $auth_timeout_field = 6000 | |
| $lifetime = 0 | |
| $uc | |
| $uc_default | |
|
|
Check if user is logged in and if so, call ->fetchGroupData() to load group information and access lists of all kind, further check IP, set the ->uc array and send login-notification email if required. If no user is logged in the default behaviour is to exit with an error message, but this will happen ONLY if the constant TYPO3_PROCEED_IF_NO_USER is set true. This function is called right after ->start() in fx. init.php
Definition at line 189 of file class.t3lib_beuserauth.php. References backendSetUC(), checkLockToIP(), emailAtLogin(), error(), t3lib_userAuthGroup::fetchGroupData(), t3lib_userAuthGroup::isAdmin(), TYPO3_PROCEED_IF_NO_USER, and typo3PrintError(). 00189 {
00190 if (!$this->user['uid']) {
00191 if (!defined('TYPO3_PROCEED_IF_NO_USER') || !TYPO3_PROCEED_IF_NO_USER) {
00192 t3lib_BEfunc::typo3PrintError ('Login-error','No user logged in! Sorry, I can\'t proceed then!<br /><br />(You must have cookies enabled!)',0);
00193 exit;
00194 }
00195 } else { // ...and if that's the case, call these functions
00196 $this->fetchGroupData(); // The groups are fetched and ready for permission checking in this initialization. Tables.php must be read before this because stuff like the modules has impact in this
00197 if ($this->checkLockToIP()) {
00198 if (!$GLOBALS['TYPO3_CONF_VARS']['BE']['adminOnly'] || $this->isAdmin()) {
00199 $this->backendSetUC(); // Setting the UC array. It's needed with fetchGroupData first, due to default/overriding of values.
00200 $this->emailAtLogin(); // email at login - if option set.
00201 } else {
00202 t3lib_BEfunc::typo3PrintError ('Login-error','TYPO3 is in maintenance mode at the moment. Only administrators are allowed access.',0);
00203 exit;
00204 }
00205 } else {
00206 t3lib_BEfunc::typo3PrintError ('Login-error','IP locking prevented you from being authorized. Can\'t proceed, sorry.',0);
00207 exit;
00208 }
00209 }
00210 }
|
|
|
Initialize the internal ->uc array for the backend user Will make the overrides if necessary, and write the UC back to the be_users record if changes has happend.
Definition at line 241 of file class.t3lib_beuserauth.php. References overrideUC(), t3lib_userAuth::unpack_uc(), and t3lib_userAuth::writeUC(). Referenced by backendCheckLogin(), and resetUC(). 00241 {
00242
00243 // UC - user configuration is a serialized array inside the userobject
00244 $temp_theSavedUC=unserialize($this->user['uc']); // if there is a saved uc we implement that instead of the default one.
00245 if (is_array($temp_theSavedUC)) {
00246 $this->unpack_uc($temp_theSavedUC);
00247 }
00248 // Setting defaults if uc is empty
00249 if (!is_array($this->uc)) {
00250 $this->uc = array_merge($this->uc_default, (array)$TYPO3_CONF_VARS['BE']['defaultUC'], (array)$this->getTSConfigProp('setup.default')); // Candidate for t3lib_div::array_merge() if integer-keys will some day make trouble...
00251 $this->overrideUC();
00252 $U=1;
00253 }
00254 // If TSconfig is updated, update the defaultUC.
00255 if ($this->userTSUpdated) {
00256 $this->overrideUC();
00257 $U=1;
00258 }
00259 // Setting default lang from be_user record.
00260 if (!isset($this->uc['lang'])) {
00261 $this->uc['lang']=$this->user['lang'];
00262 $U=1;
00263 }
00264 // Saving if updated.
00265 if ($U) {
00266 $this->writeUC(); // Method from the t3lib_userauth class.
00267 }
00268 }
|
|
|
If the backend script is in CLI mode, it will try to load a backend user named by the CLI module name (in lowercase).
Definition at line 217 of file class.t3lib_beuserauth.php. References t3lib_userAuthGroup::isAdmin(), and t3lib_userAuth::setBeUserByName(). 00217 {
00218 // First, check if cliMode is enabled:
00219 if (defined('TYPO3_cliMode') && TYPO3_cliMode) {
00220 if (!$this->user['uid']) {
00221 if (substr($GLOBALS['MCONF']['name'],0,5)=='_CLI_') {
00222 $userName = strtolower($GLOBALS['MCONF']['name']);
00223 $this->setBeUserByName($userName);
00224 if ($this->user['uid']) {
00225 if (!$this->isAdmin()) {
00226 return TRUE;
00227 } else die('ERROR: CLI backend user "'.$userName.'" was ADMIN which is not allowed!'.chr(10).chr(10));
00228 } else die('ERROR: No backend user named "'.$userName.'" was found!'.chr(10).chr(10));
00229 } else die('ERROR: Module name, "'.$GLOBALS['MCONF']['name'].'", was not prefixed with "_CLI_"'.chr(10).chr(10));
00230 } else die('ERROR: Another user was already loaded which is impossible in CLI mode!'.chr(10).chr(10));
00231 }
00232 }
|
|
|
If TYPO3_CONF_VARS['BE']['enabledBeUserIPLock'] is enabled and an IP-list is found in the User TSconfig objString "options.lockToIP", then make an IP comparison with REMOTE_ADDR and return the outcome (true/false).
Definition at line 169 of file class.t3lib_beuserauth.php. References $out, $TYPO3_CONF_VARS, and t3lib_userAuthGroup::getTSConfigVal(). Referenced by backendCheckLogin(). 00169 {
00170 global $TYPO3_CONF_VARS;
00171 $out = 1;
00172 if ($TYPO3_CONF_VARS['BE']['enabledBeUserIPLock']) {
00173 $IPList = $this->getTSConfigVal('options.lockToIP');
00174 if (trim($IPList)) {
00175 $baseIP = t3lib_div::getIndpEnv('REMOTE_ADDR');
00176 $out = t3lib_div::cmpIP($baseIP, $IPList);
00177 }
00178 }
00179 return $out;
00180 }
|
|
|
Will send an email notification to warning_email_address/the login users email address when a login session is just started. Depends on various parameters whether mails are send and to whom.
Definition at line 300 of file class.t3lib_beuserauth.php. References t3lib_userAuthGroup::isAdmin(). Referenced by backendCheckLogin(). 00300 {
00301 if ($this->loginSessionStarted) {
00302 // Send notify-mail
00303 $subject = 'At "'.$GLOBALS['TYPO3_CONF_VARS']['SYS']['sitename'].'"'.
00304 ' from '.t3lib_div::getIndpEnv('REMOTE_ADDR').
00305 (t3lib_div::getIndpEnv('REMOTE_HOST') ? ' ('.t3lib_div::getIndpEnv('REMOTE_HOST').')' : '');
00306 $msg = sprintf ('User "%s" logged in from %s (%s) at "%s" (%s)',
00307 $this->user['username'],
00308 t3lib_div::getIndpEnv('REMOTE_ADDR'),
00309 t3lib_div::getIndpEnv('REMOTE_HOST'),
00310 $GLOBALS['TYPO3_CONF_VARS']['SYS']['sitename'],
00311 t3lib_div::getIndpEnv('HTTP_HOST')
00312 );
00313
00314 // Warning email address
00315 if ($GLOBALS['TYPO3_CONF_VARS']['BE']['warning_email_addr']) {
00316 $warn=0;
00317 $prefix='';
00318 if (intval($GLOBALS['TYPO3_CONF_VARS']['BE']['warning_mode']) & 1) { // first bit: All logins
00319 $warn=1;
00320 $prefix= $this->isAdmin() ? '[AdminLoginWarning]' : '[LoginWarning]';
00321 }
00322 if ($this->isAdmin() && (intval($GLOBALS['TYPO3_CONF_VARS']['BE']['warning_mode']) & 2)) { // second bit: Only admin-logins
00323 $warn=1;
00324 $prefix='[AdminLoginWarning]';
00325 }
00326 if ($warn) {
00327 mail($GLOBALS['TYPO3_CONF_VARS']['BE']['warning_email_addr'],
00328 $prefix.' '.$subject,
00329 $msg,
00330 $this->notifyHeader
00331 );
00332 }
00333 }
00334
00335 // If An email should be sent to the current user, do that:
00336 if ($this->uc['emailMeAtLogin'] && strstr($this->user['email'],'@')) {
00337 mail($this->user['email'],
00338 $subject,
00339 $msg,
00340 $this->notifyHeader
00341 );
00342 }
00343 }
00344 }
|
|
|
Override: Call this function every time the uc is updated. That is 1) by reverting to default values, 2) in the setup-module, 3) userTS changes (userauthgroup)
Definition at line 277 of file class.t3lib_beuserauth.php. Referenced by backendSetUC(). 00277 {
00278 $this->uc = array_merge((array)$this->uc, (array)$this->getTSConfigProp('setup.override')); // Candidate for t3lib_div::array_merge() if integer-keys will some day make trouble...
00279 }
|
|
|
Clears the user[uc] and ->uc to blank strings. Then calls ->backendSetUC() to fill it again with reset contents
Definition at line 287 of file class.t3lib_beuserauth.php. References backendSetUC(). 00287 {
00288 $this->user['uc']='';
00289 $this->uc='';
00290 $this->backendSetUC();
00291 }
|
|
|
If flag is set and the extensions 'beuser_tracking' is loaded, this will insert a table row with the REQUEST_URI of current script - thus tracking the scripts the backend users uses... This function works ONLY with the "beuser_tracking" extension and is depreciated since it does nothing useful.
Definition at line 151 of file class.t3lib_beuserauth.php. References t3lib_extMgm::isLoaded(). 00151 {
00152 if ($flag && t3lib_extMgm::isLoaded('beuser_tracking')) {
00153 $insertFields = array(
00154 'userid' => intval($this->user['uid']),
00155 'tstamp' => time(),
00156 'script' => t3lib_div::getIndpEnv('REQUEST_URI')
00157 );
00158
00159 $GLOBALS['TYPO3_DB']->exec_INSERTquery('sys_trackbeuser', $insertFields);
00160 }
00161 }
|
|
|
VeriCode returns 10 first chars of a md5 hash of the session cookie AND the encryptionKey from TYPO3_CONF_VARS. This code is used as an alternative verification when the JavaScript interface executes cmd's to tce_db.php from eg. MSIE 5.0 because the proper referer is not passed with this browser...
Definition at line 352 of file class.t3lib_beuserauth.php. 00352 {
00353 return substr(md5($this->id.$GLOBALS['TYPO3_CONF_VARS']['SYS']['encryptionKey']),0,10);
00354 }
|
|
|
Reimplemented from t3lib_userAuth. Definition at line 104 of file class.t3lib_beuserauth.php. |
|
|
Reimplemented from t3lib_userAuth. Definition at line 106 of file class.t3lib_beuserauth.php. |
|
|
Initial value: Array (
'rootLevel' => 1,
'deleted' => 'deleted',
'disabled' => 'disable',
'starttime' => 'starttime',
'endtime' => 'endtime'
)
Reimplemented from t3lib_userAuth. Definition at line 87 of file class.t3lib_beuserauth.php. |
|
|
Reimplemented from t3lib_userAuth. Definition at line 97 of file class.t3lib_beuserauth.php. |
|
|
Reimplemented from t3lib_userAuth. Definition at line 98 of file class.t3lib_beuserauth.php. |
|
|
Reimplemented from t3lib_userAuth. Definition at line 96 of file class.t3lib_beuserauth.php. |
|
|
Reimplemented from t3lib_userAuth. Definition at line 95 of file class.t3lib_beuserauth.php. |
|
|
Reimplemented from t3lib_userAuth. Definition at line 84 of file class.t3lib_beuserauth.php. |
|
|
Reimplemented from t3lib_userAuth. Definition at line 107 of file class.t3lib_beuserauth.php. |
|
|
Reimplemented from t3lib_userAuth. Definition at line 78 of file class.t3lib_beuserauth.php. |
|
|
Definition at line 85 of file class.t3lib_beuserauth.php. |
|
|
Reimplemented from t3lib_userAuth. Definition at line 99 of file class.t3lib_beuserauth.php. |
|
|
Reimplemented from t3lib_userAuth. Definition at line 77 of file class.t3lib_beuserauth.php. |
|
|
Definition at line 112 of file class.t3lib_beuserauth.php. |
|
|
Initial value: Array ( // 'lang' => 'dk', // this value will be transferred from $BE_USER->user[lang] if not set... 'interfaceSetup' => '', // serialized content that is used to store interface pane and menu positions. Set by the logout.php-script 'moduleData' => Array(), // user-data for the modules 'thumbnailsByDefault' => 0, 'emailMeAtLogin' => 0, 'condensedMode' => 0, 'noMenuMode' => 0, 'startInTaskCenter' => 0, 'hideSubmoduleIcons' => 0, 'helpText' => 1, 'titleLen' => 30, 'edit_wideDocument' => '0', 'edit_showFieldHelp' => 'icon', 'edit_RTE' => '1', 'edit_docModuleUpload' => '1', 'disableCMlayers' => 0, 'navFrameWidth' => '', // Default is 245 pixels 'navFrameResizable' => 0, ) Definition at line 121 of file class.t3lib_beuserauth.php. |
|
|
Reimplemented from t3lib_userAuth. Definition at line 80 of file class.t3lib_beuserauth.php. |
|
|
Reimplemented from t3lib_userAuth. Definition at line 83 of file class.t3lib_beuserauth.php. |
|
|
Reimplemented from t3lib_userAuth. Definition at line 82 of file class.t3lib_beuserauth.php. |
|
|
Reimplemented from t3lib_userAuth. Definition at line 81 of file class.t3lib_beuserauth.php. |
|
|
Reimplemented from t3lib_userAuth. Definition at line 102 of file class.t3lib_beuserauth.php. |
|
|
Reimplemented from t3lib_userAuth. Definition at line 101 of file class.t3lib_beuserauth.php. |
1.3.8-20040913