00001 <?php
00002
00003
00004
00005
00006
00007
00008
00009
00010
00011
00012
00013
00014
00015
00016
00017
00018
00019
00020
00021
00022
00023
00024
00025
00026
00062 define('TYPO3_PROCEED_IF_NO_USER', 1);
00063 require ('init.php');
00064 require ('template.php');
00065
00066
00067
00068
00069
00070
00071
00072
00073
00074
00075
00076
00077
00078
00079
00087 class SC_index {
00088
00089
00090 var $redirect_url;
00091 var $GPinterface;
00092 var $u;
00093 var $p;
00094 var $L;
00095 var $loginRefresh;
00096 var $commandLI;
00097
00098
00099 var $redirectToURL;
00100 var $L_vars;
00101
00102
00103 var $content;
00104
00105 var $interfaceSelector;
00106 var $interfaceSelector_jump;
00107 var $interfaceSelector_hidden;
00108
00109
00110 var $loginSecurityLevel = 'superchallenged';
00111
00112
00113
00114
00120 function init() {
00121 global $BE_USER,$TYPO3_CONF_VARS;
00122
00123
00124 $this->redirect_url = t3lib_div::_GP('redirect_url');
00125 $this->GPinterface = t3lib_div::_GP('interface');
00126
00127 if(t3lib_div::getIndpEnv('TYPO3_SSL')) {
00128 $this->u = t3lib_div::_GP('u');
00129 $this->p = t3lib_div::_GP('p');
00130 }
00131 $this->L = t3lib_div::_GP('L');
00132 $this->loginRefresh = t3lib_div::_GP('loginRefresh');
00133 $this->commandLI = t3lib_div::_GP('commandLI');
00134
00135
00136 if ($TYPO3_CONF_VARS['BE']['loginSecurityLevel']) {
00137 $this->loginSecurityLevel = $TYPO3_CONF_VARS['BE']['loginSecurityLevel'];
00138 }
00139
00140
00141 $this->L_vars = explode('|',$TYPO3_CONF_VARS['BE']['loginLabels']);
00142
00143
00144 $this->redirectToURL = $this->redirect_url ? $this->redirect_url : 'alt_main.php';
00145
00146
00147 if ($this->L=='OUT' && is_object($BE_USER)) {
00148 $BE_USER->logoff();
00149 if ($this->redirect_url) header('Location: '.t3lib_div::locationHeaderUrl($this->redirect_url));
00150 exit;
00151 }
00152 }
00153
00159 function main() {
00160 global $TBE_TEMPLATE, $TYPO3_CONF_VARS, $BE_USER;
00161
00162
00163 $TBE_TEMPLATE->docType='xhtml_trans';
00164
00165
00166 $TBE_TEMPLATE->JScode.='
00167 <script type="text/javascript" src="md5.js"></script>
00168 '.$TBE_TEMPLATE->wrapScriptTags('
00169 function doChallengeResponse(superchallenged) {
00170 password = document.loginform.p_field.value;
00171 if (password) {
00172 if (superchallenged) {
00173 password = MD5(password);
00174 }
00175 str = document.loginform.username.value+":"+password+":"+document.loginform.challenge.value;
00176 document.loginform.userident.value = MD5(str);
00177 document.loginform.p_field.value = "";
00178 return true;
00179 }
00180 }
00181 ');
00182
00183
00184
00185
00186 $this->checkRedirect();
00187
00188
00189 $this->makeInterfaceSelectorBox();
00190
00191
00192 $this->L_vars[6] = str_replace("###SITENAME###",$TYPO3_CONF_VARS['SYS']['sitename'],$this->L_vars[6]);
00193
00194
00195 if (!$BE_USER->user['uid']) {
00196
00197 if ($this->loginSecurityLevel == 'challenged') {
00198 $TBE_TEMPLATE->form = '
00199 <form action="index.php" method="post" name="loginform" onsubmit="doChallengeResponse(0);">
00200 ';
00201 } elseif ($this->loginSecurityLevel == 'normal') {
00202 $TBE_TEMPLATE->form = '
00203 <form action="index.php" method="post" name="loginform" onsubmit="document.loginform.userident.value=document.loginform.p_field.value;document.loginform.p_field.value=\'\';return true;">
00204 ';
00205 } else {
00206 $TBE_TEMPLATE->form = '
00207 <form action="index.php" method="post" name="loginform" onsubmit="doChallengeResponse(1);">
00208 ';
00209 }
00210
00211 $TBE_TEMPLATE->form.= '
00212 <input type="hidden" name="login_status" value="login" />
00213 ';
00214 $loginForm = $this->makeLoginForm();
00215 } else {
00216 $TBE_TEMPLATE->form = '
00217 <form action="index.php" method="post" name="loginform">
00218 <input type="hidden" name="login_status" value="logout" />
00219 ';
00220 $loginForm = $this->makeLogoutForm();
00221 }
00222
00223
00224
00225 $this->content.=$TBE_TEMPLATE->startPage('TYPO3 Login: '.$TYPO3_CONF_VARS['SYS']['sitename']);
00226
00227
00228 $this->content.=$this->wrapLoginForm($loginForm);
00229
00230
00231 $this->content.= '
00232 <input type="hidden" name="userident" value="" />
00233 <input type="hidden" name="challenge" value="'.($challenge = md5(uniqid('').getmypid())).'" />
00234 <input type="hidden" name="redirect_url" value="'.htmlspecialchars($this->redirectToURL).'" />
00235 <input type="hidden" name="loginRefresh" value="'.htmlspecialchars($this->loginRefresh).'" />
00236 '.$this->interfaceSelector_hidden.'
00237 ';
00238
00239
00240 session_start();
00241 $_SESSION['login_challenge'] = $challenge;
00242
00243
00244 $this->content.=$TBE_TEMPLATE->wrapScriptTags('
00245
00246
00247 if (parent.opener && parent.opener.TS && parent.opener.TS.username && document.loginform && document.loginform.username) {
00248 document.loginform.username.value = parent.opener.TS.username;
00249 }
00250
00251
00252 if (document.loginform.username && document.loginform.username.value == "") {
00253 document.loginform.username.focus();
00254 } else if (document.loginform.p_field && document.loginform.p_field.type!="hidden") {
00255 document.loginform.p_field.focus();
00256 }
00257 ');
00258
00259
00260 $this->content.=$TBE_TEMPLATE->endPage();
00261 }
00262
00268 function printContent() {
00269
00270 echo $this->content;
00271 }
00272
00273
00274
00275
00276
00277
00278
00279
00280
00281
00282
00283
00284
00285
00292 function makeLoginForm() {
00293
00294
00295 $content.= '<!--
00296 Login form:
00297 --><table cellspacing="0" cellpadding="0" border="0" id="logintable">
00298 <tr>
00299 <td colspan="2"><h2>'.htmlspecialchars($this->L_vars[6]).'</h2></td>
00300 </tr>'.($this->commandLI ? '
00301 <tr class="c-wrong">
00302 <td colspan="2"><p class="c-wrong">'.htmlspecialchars($this->L_vars[9]).'</p></td>
00303 </tr>' : '').'
00304 <tr class="c-username">
00305 <td><p class="c-username">'.htmlspecialchars($this->L_vars[0]).':</p></td>
00306 <td><input type="text" name="username" value="'.htmlspecialchars($this->u).'" class="c-username" /></td>
00307 </tr>
00308 <tr class="c-password">
00309 <td><p class="c-password">'.htmlspecialchars($this->L_vars[1]).':</p></td>
00310 <td><input type="password" name="p_field" value="'.htmlspecialchars($this->p).'" class="c-password" /></td>
00311 </tr>'.($this->interfaceSelector && !$this->loginRefresh ? '
00312 <tr class="c-interfaceselector">
00313 <td><p class="c-interfaceselector">'.htmlspecialchars($this->L_vars[2]).':</p></td>
00314 <td>'.$this->interfaceSelector.'</td>
00315 </tr>' : '' ).'
00316 <tr class="c-submit">
00317 <td></td>
00318 <td><input type="submit" name="commandLI" value="'.htmlspecialchars($this->L_vars[3]).'" class="c-submit" /></td>
00319 </tr>
00320 <tr class="c-info">
00321 <td colspan="2"><p class="c-info">'.htmlspecialchars($this->L_vars[7]).'</p></td>
00322 </tr>
00323 </table>';
00324
00325
00326 return $content;
00327 }
00328
00335 function makeLogoutForm() {
00336 global $BE_USER;
00337
00338
00339 $content.='
00340
00341 <!--
00342 Login form:
00343 -->
00344 <table cellspacing="0" cellpadding="0" border="0" id="logintable">
00345 <tr>
00346 <td></td>
00347 <td><h2>'.htmlspecialchars($this->L_vars[6]).'</h2></td>
00348 </tr>
00349 <tr class="c-username">
00350 <td><p class="c-username">'.htmlspecialchars($this->L_vars[0]).':</p></td>
00351 <td><p class="c-username-current">'.htmlspecialchars($BE_USER->user['username']).'</p></td>
00352 </tr>'.($this->interfaceSelector_jump ? '
00353 <tr class="c-interfaceselector">
00354 <td><p class="c-interfaceselector">'.htmlspecialchars($this->L_vars[2]).':</p></td>
00355 <td>'.$this->interfaceSelector_jump.'</td>
00356 </tr>' : '' ).'
00357 <tr class="c-submit">
00358 <td><input type="hidden" name="p_field" value="" /></td>
00359 <td><input type="submit" name="commandLO" value="'.htmlspecialchars($this->L_vars[4]).'" class="c-submit" /></td>
00360 </tr>
00361 <tr class="c-info">
00362 <td></td>
00363 <td><p class="c-info">'.htmlspecialchars($this->L_vars[7]).'</p></td>
00364 </tr>
00365 </table>';
00366
00367
00368 return $content;
00369 }
00370
00377 function wrapLoginForm($content) {
00378
00379
00380 $logo = $GLOBALS['TBE_STYLES']['logo_login'] ?
00381 '<img src="'.htmlspecialchars($GLOBALS['BACK_PATH'].$GLOBALS['TBE_STYLES']['logo_login']).'" alt="" />' :
00382 '<img'.t3lib_iconWorks::skinImg($GLOBALS['BACK_PATH'],'gfx/typo3logo.gif','width="123" height="34"').' alt="" />';
00383
00384
00385 $loginboxImage = $this->makeLoginBoxImage();
00386
00387
00388 $content='
00389
00390 <!--
00391 Wrapper table for the login form:
00392 -->
00393 <table cellspacing="0" cellpadding="0" border="0" id="wrapper">
00394 <tr>
00395 <td class="c-wrappercell" align="center">
00396
00397 <!--
00398 Login form image:
00399 -->
00400 <div id="loginimage">
00401 '.$logo.'
00402 </div>
00403
00404 <!--
00405 Login form wrapper:
00406 -->
00407 <table cellspacing="0" cellpadding="0" border="0" id="loginwrapper">
00408 <tr>
00409 <td'.($this->commandLI ? ' class="error"' : '').'>'.$loginboxImage.
00410 $content.'
00411 </td>
00412 </tr>
00413 </table>
00414
00415 <!--
00416 Copyright notice:
00417 -->
00418 <div id="copyrightnotice">
00419 '.$this->makeCopyrightNotice().'
00420 </div>
00421
00422 '.$this->makeLoginNews().'
00423 </td>
00424 </tr>
00425 </table>';
00426
00427
00428 return $content;
00429 }
00430
00436 function checkRedirect() {
00437 global $BE_USER,$TBE_TEMPLATE;
00438
00439
00440
00441 if ($BE_USER->user['uid'] && ($this->commandLI || $this->loginRefresh || !$this->interfaceSelector)) {
00442
00443
00444 if (!$_COOKIE[$BE_USER->name]) {
00445 if ($this->commandLI=='setCookie') {
00446
00447
00448 t3lib_BEfunc::typo3PrintError ('Login-error',"Yeah, that's a classic. No cookies, no TYPO3.<br /><br />Please accept cookies from TYPO3 - otherwise you'll not be able to use the system.",0);
00449 exit;
00450 } else {
00451
00452 $this->redirectToURL = 'index.php?commandLI=setCookie';
00453 }
00454 }
00455
00456 if($redirectToURL = (string)$BE_USER->getTSConfigVal('auth.BE.redirectToURL')) {
00457 $this->redirectToURL = $redirectToURL;
00458 $this->GPinterface = '';
00459 }
00460
00461
00462 switch ($this->GPinterface) {
00463 case 'backend':
00464 $this->redirectToURL = 'alt_main.php';
00465 break;
00466 case 'frontend':
00467 $this->redirectToURL = '../';
00468 break;
00469 }
00470
00471
00472 if (!$this->loginRefresh) {
00473 header('Location: '.t3lib_div::locationHeaderUrl($this->redirectToURL));
00474 exit;
00475 } else {
00476 $TBE_TEMPLATE->JScode.=$TBE_TEMPLATE->wrapScriptTags('
00477 if (parent.opener && parent.opener.busy) {
00478 parent.opener.busy.loginRefreshed();
00479 parent.close();
00480 }
00481 ');
00482 }
00483 } elseif(!$BE_USER->user['uid'] && $this->commandLI) {
00484 sleep(5);
00485 }
00486 }
00487
00493 function makeInterfaceSelectorBox() {
00494 global $TYPO3_CONF_VARS;
00495
00496
00497 $this->interfaceSelector = '';
00498 $this->interfaceSelector_hidden='';
00499 $this->interfaceSelector_jump = '';
00500
00501
00502 if ($TYPO3_CONF_VARS['BE']['interfaces'] && ($this->commandLI || !$this->redirect_url)) {
00503 $parts = t3lib_div::trimExplode(',',$TYPO3_CONF_VARS['BE']['interfaces']);
00504 if (count($parts)>1) {
00505
00506
00507 $tempLabels=explode(',',$this->L_vars[5]);
00508 $labels=array();
00509 $labels['backend']=$tempLabels[0];
00510 $labels['frontend']=$tempLabels[1];
00511
00512 $jumpScript=array();
00513 $jumpScript['backend']='alt_main.php';
00514 $jumpScript['frontend']='../';
00515
00516
00517 foreach($parts as $valueStr) {
00518 $this->interfaceSelector.='
00519 <option value="'.htmlspecialchars($valueStr).'"'.(t3lib_div::_GP('interface')==htmlspecialchars($valueStr) ? ' selected="selected"' : '').'>'.htmlspecialchars($labels[$valueStr]).'</option>';
00520 $this->interfaceSelector_jump.='
00521 <option value="'.htmlspecialchars($jumpScript[$valueStr]).'">'.htmlspecialchars($labels[$valueStr]).'</option>';
00522 }
00523 $this->interfaceSelector='
00524 <select name="interface" class="c-interfaceselector">'.$this->interfaceSelector.'
00525 </select>';
00526 $this->interfaceSelector_jump='
00527 <select name="interface" class="c-interfaceselector" onchange="window.location.href=this.options[this.selectedIndex].value;">'.$this->interfaceSelector_jump.'
00528 </select>';
00529
00530 } else {
00531
00532 $this->interfaceSelector_hidden='<input type="hidden" name="interface" value="'.trim($TYPO3_CONF_VARS['BE']['interfaces']).'" />';
00533 }
00534 }
00535 }
00536
00547 function makeCopyrightNotice() {
00548
00549
00550 $loginCopyrightWarrantyProvider = strip_tags(trim($GLOBALS['TYPO3_CONF_VARS']['SYS']['loginCopyrightWarrantyProvider']));
00551 $loginCopyrightWarrantyURL = strip_tags(trim($GLOBALS['TYPO3_CONF_VARS']['SYS']['loginCopyrightWarrantyURL']));
00552
00553
00554 if (strlen($loginCopyrightWarrantyProvider)>=2 && strlen($loginCopyrightWarrantyURL)>=10) {
00555 $warrantyNote='Warranty is supplied by '.htmlspecialchars($loginCopyrightWarrantyProvider).'; <a href="'.htmlspecialchars($loginCopyrightWarrantyURL).'" target="_blank">click for details.</a>';
00556 } else {
00557 $warrantyNote='TYPO3 comes with ABSOLUTELY NO WARRANTY; <a href="http://typo3.com/1316.0.html" target="_blank">click for details.</a>';
00558 }
00559
00560
00561 $copyrightNotice = '<a href="http://typo3.com/" target="_blank">'.
00562 '<img src="gfx/loginlogo_transp.gif" width="75" height="19" alt="TYPO3 logo" align="left" />'.
00563 'TYPO3 CMS'.($GLOBALS['TYPO3_CONF_VARS']['SYS']['loginCopyrightShowVersion']?' ver. '.htmlspecialchars($GLOBALS['TYPO_VERSION']):'').
00564 '</a>. '.
00565 'Copyright © 1998-2006 Kasper Skårhøj. Extensions are copyright of their respective owners. '.
00566 'Go to <a href="http://typo3.com/" target="_blank">http:
00567 $warrantyNote.' '.
00568 'This is free software, and you are welcome to redistribute it under certain conditions; <a href="http://typo3.com/1316.0.html" target="_blank">click for details</a>. '.
00569 'Obstructing the appearance of this notice is prohibited by law.';
00570
00571
00572 return $copyrightNotice;
00573 }
00574
00580 function makeLoginBoxImage() {
00581 $loginboxImage = '';
00582 if ($GLOBALS['TBE_STYLES']['loginBoxImage_rotationFolder']) {
00583 $absPath = t3lib_div::resolveBackPath(PATH_typo3.$GLOBALS['TBE_STYLES']['loginBoxImage_rotationFolder']);
00584
00585
00586 $dir = t3lib_div::getFileAbsFileName($absPath);
00587 if ($dir && @is_dir($dir)) {
00588
00589
00590 $files = t3lib_div::getFilesInDir($dir,'png,jpg,gif');
00591
00592
00593 srand((float) microtime() * 10000000);
00594 $randImg = array_rand($files, 1);
00595
00596
00597 $imgSize = @getimagesize($dir.$files[$randImg]);
00598
00599
00600 if (is_array($imgSize)) {
00601 $loginboxImage = '<img src="'.htmlspecialchars($GLOBALS['TBE_STYLES']['loginBoxImage_rotationFolder'].$files[$randImg]).'" '.$imgSize[3].' id="loginbox-image" alt="" />';
00602 }
00603 }
00604 } else {
00605 $loginImage = 'loginbox_image_400.png';
00606 $imagecopy = $loginImage=='loginbox_image_dev.png' ? 'You are running the CVS version of TYPO3 '.$GLOBALS['TYPO_VERSION'] : 'Photo: © 2006 Kasper Skårhøj';
00607 $loginboxImage = '<img'.t3lib_iconWorks::skinImg($GLOBALS['BACK_PATH'],'gfx/'.$loginImage,'width="200" height="133"').' id="loginbox-image" alt="'.$imagecopy.'" title="'.$imagecopy.'" />';
00608 }
00609
00610
00611 return $loginboxImage;
00612 }
00613
00620 function makeLoginNews() {
00621
00622
00623 $newsContent= '';
00624
00625
00626 if (is_array($GLOBALS['TYPO3_CONF_VARS']['BE']['loginNews']) && count($GLOBALS['TYPO3_CONF_VARS']['BE']['loginNews'])) {
00627 foreach($GLOBALS['TYPO3_CONF_VARS']['BE']['loginNews'] as $newsItem) {
00628 $newsContent.='
00629 <tr>
00630 <td class="c-date">'.htmlspecialchars($newsItem['date']).'</td>
00631 <td class="c-header">'.htmlspecialchars($newsItem['header']).'</td>
00632 </tr>
00633 <tr>
00634 <td></td>
00635 <td class="c-content">'.trim($newsItem['content']).'</td>
00636 </tr>
00637 <tr class="c-spacer">
00638 <td colspan="2"></td>
00639 </tr>
00640 ';
00641 }
00642
00643
00644 $newsContent= '
00645
00646 <!--
00647 Login screen news:
00648 -->
00649 <div id="loginNews">
00650 <h2>'.htmlspecialchars($this->L_vars[8]).'</h2>
00651 <table border="0" cellpadding="0" cellspacing="0">
00652 '.$newsContent.'
00653 </table>
00654 </div>
00655 ';
00656 }
00657
00658
00659 return $newsContent;
00660 }
00661 }
00662
00663
00664 if (defined('TYPO3_MODE') && $TYPO3_CONF_VARS[TYPO3_MODE]['XCLASS']['typo3/index.php']) {
00665 include_once($TYPO3_CONF_VARS[TYPO3_MODE]['XCLASS']['typo3/index.php']);
00666 }
00667
00668
00669
00670
00671
00672
00673
00674
00675
00676
00677
00678 $SOBE = t3lib_div::makeInstance('SC_index');
00679 $SOBE->init();
00680 $SOBE->main();
00681 $SOBE->printContent();
00682 ?>