Documentation TYPO3 par Ameos |
00001 <?php 00002 /*************************************************************** 00003 * Copyright notice 00004 * 00005 * (c) 1999-2005 Kasper Skaarhoj (kasperYYYY@typo3.com) 00006 * All rights reserved 00007 * 00008 * This script is part of the TYPO3 project. The TYPO3 project is 00009 * free software; you can redistribute it and/or modify 00010 * it under the terms of the GNU General Public License as published by 00011 * the Free Software Foundation; either version 2 of the License, or 00012 * (at your option) any later version. 00013 * 00014 * The GNU General Public License can be found at 00015 * http://www.gnu.org/copyleft/gpl.html. 00016 * A copy is found in the textfile GPL.txt and important notices to the license 00017 * from the author is found in LICENSE.txt distributed with these scripts. 00018 * 00019 * 00020 * This script is distributed in the hope that it will be useful, 00021 * but WITHOUT ANY WARRANTY; without even the implied warranty of 00022 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 00023 * GNU General Public License for more details. 00024 * 00025 * This copyright notice MUST APPEAR in all copies of the script! 00026 ***************************************************************/ 00079 class tslib_feUserAuth extends t3lib_userAuth { 00080 var $session_table = 'fe_sessions'; // Table to use for session data. 00081 var $name = 'fe_typo_user'; // Session/Cookie name 00082 var $get_name = 'ftu'; // Session/GET-var name 00083 00084 var $user_table = 'fe_users'; // Table in database with userdata 00085 var $username_column = 'username'; // Column for login-name 00086 var $userident_column = 'password'; // Column for password 00087 var $userid_column = 'uid'; // Column for user-id 00088 var $lastLogin_column = 'lastlogin'; 00089 00090 var $enablecolumns = Array ( 00091 'deleted' => 'deleted', 00092 'disabled' => 'disable', 00093 'starttime' => 'starttime', 00094 'endtime' => 'endtime' 00095 ); 00096 var $formfield_uname = 'user'; // formfield with login-name 00097 var $formfield_uident = 'pass'; // formfield with password 00098 var $formfield_chalvalue = 'challenge'; // formfield with a unique value which is used to encrypt the password and username 00099 var $formfield_status = 'logintype'; // formfield with status: *'login', 'logout' 00100 var $security_level = ''; // sets the level of security. *'normal' = clear-text. 'challenged' = hashed password/username from form in $formfield_uident. 'superchallenged' = hashed password hashed again with username. 00101 00102 var $auth_include = ''; // this is the name of the include-file containing the login form. If not set, login CAN be anonymous. If set login IS needed. 00103 00104 var $auth_timeout_field = 6000; // if > 0 : session-timeout in seconds. if false/<0 : no timeout. if string: The string is fieldname from the usertable where the timeout can be found. 00105 00106 var $lifetime = 0; // 0 = Session-cookies. If session-cookies, the browser will stop session when the browser is closed. Else it keeps the session for $lifetime seconds. 00107 var $sendNoCacheHeaders = 0; 00108 var $getFallBack = 1; // If this is set, authentication is also accepted by the _GET. Notice that the identification is NOT 128bit MD5 hash but reduced. This is done in order to minimize the size for mobile-devices, such as WAP-phones 00109 var $hash_length = 10; 00110 var $getMethodEnabled = 1; // Login may be supplied by url. 00111 00112 var $usergroup_column = 'usergroup'; 00113 var $usergroup_table = 'fe_groups'; 00114 var $groupData = Array( 00115 'title' =>Array(), 00116 'uid' =>Array(), 00117 'pid' =>Array() 00118 ); 00119 var $TSdataArray=array(); // Used to accumulate the TSconfig data of the user 00120 var $userTS = array(); 00121 var $userTSUpdated=0; 00122 var $showHiddenRecords=0; 00123 00124 // Session and user data: 00125 /* 00126 There are two types of data that can be stored: UserData and Session-Data. Userdata is for the login-user, and session-data for anyone viewing the pages. 00127 'Keys' are keys in the internal dataarray of the data. When you get or set a key in one of the data-spaces (user or session) you decide the type of the variable (not object though) 00128 'Reserved' keys are: 00129 - 'recs': Array: Used to 'register' records, eg in a shopping basket. Structure: [recs][tablename][record_uid]=number 00130 - sys: Reserved for TypoScript standard code. 00131 */ 00132 var $sesData = Array(); 00133 var $sesData_change = 0; 00134 var $userData_change = 0; 00135 00136 00143 function fetchGroupData() { 00144 $this->TSdataArray = array(); 00145 $this->userTS = array(); 00146 $this->userTSUpdated = 0; 00147 $this->groupData = Array( 00148 'title' => Array(), 00149 'uid' => Array(), 00150 'pid' => Array() 00151 ); 00152 00153 // Setting default configuration: 00154 $this->TSdataArray[]=$GLOBALS['TYPO3_CONF_VARS']['FE']['defaultUserTSconfig']; 00155 00156 // get the info data for auth services 00157 $authInfo = $this->getAuthInfoArray(); 00158 00159 if ($this->writeDevLog) t3lib_div::devLog('Get usergroups for user: '.t3lib_div::arrayToLogString($this->user, array($this->userid_column,$this->username_column)), 'tslib_feUserAuth'); 00160 00161 $groupDataArr = array(); 00162 00163 // use 'auth' service to find the groups for the user 00164 $serviceChain=''; 00165 $subType = 'getGroups'.$this->loginType; 00166 while (is_object($serviceObj = t3lib_div::makeInstanceService('auth', $subType, $serviceChain))) { 00167 $serviceChain.=','.$serviceObj->getServiceKey(); 00168 $serviceObj->initAuth($subType, array(), $authInfo, $this); 00169 00170 $groupData = $serviceObj->getGroups($this->user, $groupDataArr); 00171 if (is_array($groupData) && count($groupData)) { 00172 $groupDataArr = t3lib_div::array_merge($groupDataArr, $groupData); // Keys in $groupData should be unique ids of the groups (like "uid") so this function will override groups. 00173 } 00174 unset($serviceObj); 00175 } 00176 if ($this->writeDevLog AND $serviceChain) t3lib_div::devLog($subType.' auth services called: '.$serviceChain, 'tslib_feUserAuth'); 00177 if ($this->writeDevLog AND !count($groupDataArr)) t3lib_div::devLog('No usergroups found by services', 'tslib_feUserAuth'); 00178 if ($this->writeDevLog AND count($groupDataArr)) t3lib_div::devLog(count($groupDataArr).' usergroup records found by services', 'tslib_feUserAuth'); 00179 00180 00181 // use 'auth' service to check the usergroups if they are really valid 00182 foreach ($groupDataArr as $groupData) { 00183 // by default a group is valid 00184 $validGroup = TRUE; 00185 00186 $serviceChain=''; 00187 $subType = 'authGroups'.$this->loginType; 00188 while (is_object($serviceObj = t3lib_div::makeInstanceService('auth', $subType, $serviceChain))) { 00189 $serviceChain.=','.$serviceObj->getServiceKey(); 00190 $serviceObj->initAuth($subType, array(), $authInfo, $this); 00191 00192 if (!$serviceObj->authGroup($this->user, $groupData)) { 00193 $validGroup = FALSE; 00194 if ($this->writeDevLog) t3lib_div::devLog($subType.' auth service did not auth group: '.t3lib_div::arrayToLogString($groupData, 'uid,title'), 'tslib_feUserAuth', 2); 00195 00196 break; 00197 } 00198 unset($serviceObj); 00199 } 00200 unset($serviceObj); 00201 00202 if ($validGroup) { 00203 $this->groupData['title'][$groupData['uid']]=$groupData['title']; 00204 $this->groupData['uid'][$groupData['uid']]=$groupData['uid']; 00205 $this->groupData['pid'][$groupData['uid']]=$groupData['pid']; 00206 $this->groupData['TSconfig'][$groupData['uid']]=$groupData['TSconfig']; 00207 } 00208 } 00209 00210 if (count($this->groupData) && count($this->groupData['TSconfig'])) { 00211 // TSconfig: collect it in the order it was collected 00212 foreach($this->groupData['TSconfig'] as $TSdata) { 00213 $this->TSdataArray[]=$TSdata; 00214 } 00215 00216 $this->TSdataArray[]=$this->user['TSconfig']; 00217 00218 // Sort information 00219 ksort($this->groupData['title']); 00220 ksort($this->groupData['uid']); 00221 ksort($this->groupData['pid']); 00222 } 00223 00224 return count($this->groupData['uid']) ? count($this->groupData['uid']) : 0; 00225 } 00226 00233 function getUserTSconf() { 00234 if (!$this->userTSUpdated) { 00235 // Parsing the user TS (or getting from cache) 00236 $this->TSdataArray = t3lib_TSparser::checkIncludeLines_array($this->TSdataArray); 00237 $userTS = implode(chr(10).'[GLOBAL]'.chr(10),$this->TSdataArray); 00238 $parseObj = t3lib_div::makeInstance('t3lib_TSparser'); 00239 $parseObj->parse($userTS); 00240 $this->userTS = $parseObj->setup; 00241 00242 $this->userTSUpdated=1; 00243 } 00244 return $this->userTS; 00245 } 00246 00247 00248 00249 00250 00251 00252 00253 00254 00255 00256 00257 00258 00259 00260 00261 00262 00263 /***************************************** 00264 * 00265 * Session data management functions 00266 * 00267 ****************************************/ 00268 00278 function fetchSessionData() { 00279 // Gets SesData if any 00280 if ($this->id) { 00281 $dbres = $GLOBALS['TYPO3_DB']->exec_SELECTquery('*', 'fe_session_data', 'hash='.$GLOBALS['TYPO3_DB']->fullQuoteStr($this->id, 'fe_session_data')); 00282 if ($sesDataRow = $GLOBALS['TYPO3_DB']->sql_fetch_assoc($dbres)) { 00283 $this->sesData = unserialize($sesDataRow['content']); 00284 } 00285 } 00286 // delete old data: 00287 if ((rand()%100) <= 1) { // a possibility of 1 % for garbage collection. 00288 $GLOBALS['TYPO3_DB']->exec_DELETEquery('fe_session_data', 'tstamp < '.intval(time()-3600*24)); // all data older than 24 hours are deleted. 00289 } 00290 } 00291 00300 function storeSessionData() { 00301 // Saves UC and SesData if changed. 00302 if ($this->userData_change) { 00303 $this->writeUC(''); 00304 } 00305 if ($this->sesData_change) { 00306 if ($this->id) { 00307 $insertFields = array ( 00308 'hash' => $this->id, 00309 'content' => serialize($this->sesData), 00310 'tstamp' => time() 00311 ); 00312 $GLOBALS['TYPO3_DB']->exec_DELETEquery('fe_session_data', 'hash='.$GLOBALS['TYPO3_DB']->fullQuoteStr($this->id, 'fe_session_data')); 00313 $GLOBALS['TYPO3_DB']->exec_INSERTquery('fe_session_data', $insertFields); 00314 } 00315 } 00316 } 00317 00326 function getKey($type,$key) { 00327 if ($key) { 00328 switch($type) { 00329 case 'user': 00330 return $this->uc[$key]; 00331 break; 00332 case 'ses': 00333 return $this->sesData[$key]; 00334 break; 00335 } 00336 } 00337 } 00338 00351 function setKey($type,$key,$data) { 00352 if ($key) { 00353 switch($type) { 00354 case 'user': 00355 if ($this->user['uid']) { 00356 $this->uc[$key]=$data; 00357 $this->userData_change=1; 00358 } 00359 break; 00360 case 'ses': 00361 $this->sesData[$key]=$data; 00362 $this->sesData_change=1; 00363 break; 00364 } 00365 } 00366 } 00367 00377 function record_registration($recs,$maxSizeOfSessionData=0) { 00378 00379 // Storing value ONLY if there is a confirmed cookie set (->cookieID), otherwise a shellscript could easily be spamming the fe_sessions table with bogus content and thus bloat the database 00380 if (!$maxSizeOfSessionData || $this->cookieId===$this->id) { 00381 if ($recs['clear_all']) { 00382 $this->setKey('ses','recs',''); 00383 } 00384 $change=0; 00385 $recs_array=$this->getKey('ses','recs'); 00386 reset($recs); 00387 while(list($table,$data)=each($recs)) { 00388 if (is_array($data)) { 00389 reset($data); 00390 while(list($rec_id,$value)=each($data)) { 00391 if ($value != $recs_array[$table][$rec_id]) { 00392 $recs_array[$table][$rec_id] = $value; 00393 $change=1; 00394 } 00395 } 00396 } 00397 } 00398 if ($change && (!$maxSizeOfSessionData || strlen(serialize($recs_array))<$maxSizeOfSessionData)) { 00399 $this->setKey('ses','recs',$recs_array); 00400 } 00401 } 00402 } 00403 } 00404 00405 00406 if (defined('TYPO3_MODE') && $TYPO3_CONF_VARS[TYPO3_MODE]['XCLASS']['tslib/class.tslib_feuserauth.php']) { 00407 include_once($TYPO3_CONF_VARS[TYPO3_MODE]['XCLASS']['tslib/class.tslib_feuserauth.php']); 00408 } 00409 ?>