TYPO3 CMS  TYPO3_6-2
AbstractUserAuthentication.php
Go to the documentation of this file.
1 <?php
2 namespace TYPO3\CMS\Core\Authentication;
3 
17 use TYPO3\CMS\Core\Database\DatabaseConnection;
18 use TYPO3\CMS\Core\Utility\GeneralUtility;
19 
32 abstract class AbstractUserAuthentication {
33 
39  public $global_database = '';
40 
46  public $session_table = '';
47 
53  public $name = '';
54 
60  public $get_name = '';
61 
67  public $user_table = '';
68 
73  public $usergroup_table = '';
74 
80  public $username_column = '';
81 
87  public $userident_column = '';
88 
94  public $userid_column = '';
95 
100  public $usergroup_column = '';
101 
107  public $lastLogin_column = '';
108 
114  public $enablecolumns = array(
115  'rootLevel' => '',
116  // Boolean: If TRUE, 'AND pid=0' will be a part of the query...
117  'disabled' => '',
118  'starttime' => '',
119  'endtime' => '',
120  'deleted' => ''
121  );
122 
126  public $showHiddenRecords = FALSE;
127 
133  public $formfield_uname = '';
134 
140  public $formfield_uident = '';
141 
147  public $formfield_chalvalue = '';
148 
154  public $formfield_status = '';
155 
164  public $auth_timeout_field = 0;
165 
174  public $lifetime = 0;
175 
183  public $gc_time = 0;
184 
190  public $gc_probability = 1;
191 
197  public $writeStdLog = FALSE;
198 
204  public $writeAttemptLog = FALSE;
205 
211  public $sendNoCacheHeaders = TRUE;
212 
220  public $getFallBack = FALSE;
221 
231  public $hash_length = 32;
232 
239  public $getMethodEnabled = FALSE;
240 
247  public $lockIP = 4;
248 
256  public $lockHashKeyWords = 'useragent';
257 
262  public $warningEmail = '';
263 
269  public $warningPeriod = 3600;
270 
276  public $warningMax = 3;
277 
283  public $checkPid = TRUE;
284 
290  public $checkPid_value = 0;
291 
298  public $id;
299 
308  public $cookieId;
309 
315  public $loginFailure = FALSE;
316 
322  public $loginSessionStarted = FALSE;
323 
329  public $user = NULL;
330 
338  public $get_URL_ID = '';
339 
345  public $newSessionID = FALSE;
346 
352  public $forceSetCookie = FALSE;
353 
359  public $dontSetCookie = FALSE;
360 
364  protected $cookieWasSetOnCurrentRequest = FALSE;
365 
372  public $challengeStoredInCookie = FALSE;
373 
379  public $loginType = '';
380 
386  public $svConfig = array();
387 
393  public $writeDevLog = FALSE;
394 
398  public $uc;
399 
403  protected $db = NULL;
404 
408  public function __construct() {
409  $this->db = $this->getDatabaseConnection();
410  }
411 
425  public function start() {
426  // Backend or frontend login - used for auth services
427  if (empty($this->loginType)) {
428  throw new \TYPO3\CMS\Core\Exception('No loginType defined, should be set explicitly by subclass');
429  }
430  // Enable dev logging if set
431  if ($GLOBALS['TYPO3_CONF_VARS']['SC_OPTIONS']['t3lib/class.t3lib_userauth.php']['writeDevLog']) {
432  $this->writeDevLog = TRUE;
433  }
434  if ($GLOBALS['TYPO3_CONF_VARS']['SC_OPTIONS']['t3lib/class.t3lib_userauth.php']['writeDevLog' . $this->loginType]) {
435  $this->writeDevLog = TRUE;
436  }
437  if (TYPO3_DLOG) {
438  $this->writeDevLog = TRUE;
439  }
440  if ($this->writeDevLog) {
441  GeneralUtility::devLog('## Beginning of auth logging.', 'TYPO3\\CMS\\Core\\Authentication\\AbstractUserAuthentication');
442  }
443  // Init vars.
444  $mode = '';
445  $this->newSessionID = FALSE;
446  // $id is set to ses_id if cookie is present. Else set to FALSE, which will start a new session
447  $id = $this->getCookie($this->name);
448  $this->svConfig = $GLOBALS['TYPO3_CONF_VARS']['SVCONF']['auth'];
449 
450  // If fallback to get mode....
451  if (!$id && $this->getFallBack && $this->get_name) {
452  $id = isset($_GET[$this->get_name]) ? GeneralUtility::_GET($this->get_name) : '';
453  if (strlen($id) != $this->hash_length) {
454  $id = '';
455  }
456  $mode = 'get';
457  }
458 
459  // If new session or client tries to fix session...
460  if (!$id || !$this->isExistingSessionRecord($id)) {
461  // New random session-$id is made
462  $id = $this->createSessionId();
463  // New session
464  $this->newSessionID = TRUE;
465  }
466  // Internal var 'id' is set
467  $this->id = $id;
468  // If fallback to get mode....
469  if ($mode == 'get' && $this->getFallBack && $this->get_name) {
470  $this->get_URL_ID = '&' . $this->get_name . '=' . $id;
471  }
472  // Set session hashKey lock keywords from configuration; currently only 'useragent' can be used.
473  $this->lockHashKeyWords = $GLOBALS['TYPO3_CONF_VARS'][$this->loginType]['lockHashKeyWords'];
474  // Make certain that NO user is set initially
475  $this->user = NULL;
476  // Set all possible headers that could ensure that the script is not cached on the client-side
477  if ($this->sendNoCacheHeaders && !(TYPO3_REQUESTTYPE & TYPO3_REQUESTTYPE_CLI)) {
478  header('Expires: 0');
479  header('Last-Modified: ' . gmdate('D, d M Y H:i:s') . ' GMT');
480  $cacheControlHeader = 'no-cache, must-revalidate';
481  $pragmaHeader = 'no-cache';
482  // Prevent error message in IE when using a https connection
483  // see http://forge.typo3.org/issues/24125
484  $clientInfo = GeneralUtility::clientInfo();
485  if ($clientInfo['BROWSER'] === 'msie' && GeneralUtility::getIndpEnv('TYPO3_SSL')) {
486  // Some IEs can not handle no-cache
487  // see http://support.microsoft.com/kb/323308/en-us
488  $cacheControlHeader = 'must-revalidate';
489  // IE needs "Pragma: private" if SSL connection
490  $pragmaHeader = 'private';
491  }
492  header('Cache-Control: ' . $cacheControlHeader);
493  header('Pragma: ' . $pragmaHeader);
494  }
495  // Load user session, check to see if anyone has submitted login-information and if so authenticate
496  // the user with the session. $this->user[uid] may be used to write log...
497  $this->checkAuthentication();
498  // Setting cookies
499  if (!$this->dontSetCookie) {
500  $this->setSessionCookie();
501  }
502  // Hook for alternative ways of filling the $this->user array (is used by the "timtaw" extension)
503  if (is_array($GLOBALS['TYPO3_CONF_VARS']['SC_OPTIONS']['t3lib/class.t3lib_userauth.php']['postUserLookUp'])) {
504  foreach ($GLOBALS['TYPO3_CONF_VARS']['SC_OPTIONS']['t3lib/class.t3lib_userauth.php']['postUserLookUp'] as $funcName) {
505  $_params = array(
506  'pObj' => &$this
507  );
508  GeneralUtility::callUserFunction($funcName, $_params, $this);
509  }
510  }
511  // Set $this->gc_time if not explicitely specified
512  if ($this->gc_time == 0) {
513  // Default to 1 day if $this->auth_timeout_field is 0
514  $this->gc_time = $this->auth_timeout_field == 0 ? 86400 : $this->auth_timeout_field;
515  }
516  // If we're lucky we'll get to clean up old sessions....
517  if (rand() % 100 <= $this->gc_probability) {
518  $this->gc();
519  }
520  }
521 
528  protected function setSessionCookie() {
529  $isSetSessionCookie = $this->isSetSessionCookie();
530  $isRefreshTimeBasedCookie = $this->isRefreshTimeBasedCookie();
531  if ($isSetSessionCookie || $isRefreshTimeBasedCookie) {
532  $settings = $GLOBALS['TYPO3_CONF_VARS']['SYS'];
533  // Get the domain to be used for the cookie (if any):
534  $cookieDomain = $this->getCookieDomain();
535  // If no cookie domain is set, use the base path:
536  $cookiePath = $cookieDomain ? '/' : GeneralUtility::getIndpEnv('TYPO3_SITE_PATH');
537  // If the cookie lifetime is set, use it:
538  $cookieExpire = $isRefreshTimeBasedCookie ? $GLOBALS['EXEC_TIME'] + $this->lifetime : 0;
539  // Use the secure option when the current request is served by a secure connection:
540  $cookieSecure = (bool) $settings['cookieSecure'] && GeneralUtility::getIndpEnv('TYPO3_SSL');
541  // Deliver cookies only via HTTP and prevent possible XSS by JavaScript:
542  $cookieHttpOnly = (bool) $settings['cookieHttpOnly'];
543  // Do not set cookie if cookieSecure is set to "1" (force HTTPS) and no secure channel is used:
544  if ((int)$settings['cookieSecure'] !== 1 || GeneralUtility::getIndpEnv('TYPO3_SSL')) {
545  setcookie($this->name, $this->id, $cookieExpire, $cookiePath, $cookieDomain, $cookieSecure, $cookieHttpOnly);
546  $this->cookieWasSetOnCurrentRequest = TRUE;
547  } else {
548  throw new \TYPO3\CMS\Core\Exception('Cookie was not set since HTTPS was forced in $TYPO3_CONF_VARS[SYS][cookieSecure].', 1254325546);
549  }
550  if ($this->writeDevLog) {
551  $devLogMessage = ($isRefreshTimeBasedCookie ? 'Updated Cookie: ' : 'Set Cookie: ') . $this->id;
552  GeneralUtility::devLog($devLogMessage . ($cookieDomain ? ', ' . $cookieDomain : ''), 'TYPO3\\CMS\\Core\\Authentication\\AbstractUserAuthentication');
553  }
554  }
555  }
556 
563  protected function getCookieDomain() {
564  $result = '';
565  $cookieDomain = $GLOBALS['TYPO3_CONF_VARS']['SYS']['cookieDomain'];
566  // If a specific cookie domain is defined for a given TYPO3_MODE,
567  // use that domain
568  if (!empty($GLOBALS['TYPO3_CONF_VARS'][$this->loginType]['cookieDomain'])) {
569  $cookieDomain = $GLOBALS['TYPO3_CONF_VARS'][$this->loginType]['cookieDomain'];
570  }
571  if ($cookieDomain) {
572  if ($cookieDomain[0] == '/') {
573  $match = array();
574  $matchCnt = @preg_match($cookieDomain, GeneralUtility::getIndpEnv('TYPO3_HOST_ONLY'), $match);
575  if ($matchCnt === FALSE) {
576  GeneralUtility::sysLog('The regular expression for the cookie domain (' . $cookieDomain . ') contains errors. The session is not shared across sub-domains.', 'Core', GeneralUtility::SYSLOG_SEVERITY_ERROR);
577  } elseif ($matchCnt) {
578  $result = $match[0];
579  }
580  } else {
581  $result = $cookieDomain;
582  }
583  }
584  return $result;
585  }
586 
593  protected function getCookie($cookieName) {
594  return isset($_COOKIE[$cookieName]) ? stripslashes($_COOKIE[$cookieName]) : '';
595  }
596 
604  public function isSetSessionCookie() {
605  return ($this->newSessionID || $this->forceSetCookie) && $this->lifetime == 0;
606  }
607 
615  public function isRefreshTimeBasedCookie() {
616  return $this->lifetime > 0;
617  }
618 
627  public function checkAuthentication() {
628  // No user for now - will be searched by service below
629  $tempuserArr = array();
630  $tempuser = FALSE;
631  // User is not authenticated by default
632  $authenticated = FALSE;
633  // User want to login with passed login data (name/password)
634  $activeLogin = FALSE;
635  // Indicates if an active authentication failed (not auto login)
636  $this->loginFailure = FALSE;
637  if ($this->writeDevLog) {
638  GeneralUtility::devLog('Login type: ' . $this->loginType, 'TYPO3\\CMS\\Core\\Authentication\\AbstractUserAuthentication');
639  }
640  // The info array provide additional information for auth services
641  $authInfo = $this->getAuthInfoArray();
642  // Get Login/Logout data submitted by a form or params
643  $loginData = $this->getLoginFormData();
644  if ($this->writeDevLog) {
645  GeneralUtility::devLog('Login data: ' . GeneralUtility::arrayToLogString($loginData), 'TYPO3\\CMS\\Core\\Authentication\\AbstractUserAuthentication');
646  }
647  // Active logout (eg. with "logout" button)
648  if ($loginData['status'] == 'logout') {
649  if ($this->writeStdLog) {
650  // $type,$action,$error,$details_nr,$details,$data,$tablename,$recuid,$recpid
651  $this->writelog(255, 2, 0, 2, 'User %s logged out', array($this->user['username']), '', 0, 0);
652  }
653  // Logout written to log
654  if ($this->writeDevLog) {
655  GeneralUtility::devLog('User logged out. Id: ' . $this->id, 'TYPO3\\CMS\\Core\\Authentication\\AbstractUserAuthentication', -1);
656  }
657  $this->logoff();
658  }
659  // Active login (eg. with login form)
660  if ($loginData['status'] == 'login') {
661  $activeLogin = TRUE;
662  if ($this->writeDevLog) {
663  GeneralUtility::devLog('Active login (eg. with login form)', 'TYPO3\\CMS\\Core\\Authentication\\AbstractUserAuthentication');
664  }
665  // check referer for submitted login values
666  if ($this->formfield_status && $loginData['uident'] && $loginData['uname']) {
667  $httpHost = GeneralUtility::getIndpEnv('TYPO3_HOST_ONLY');
668  if (!$this->getMethodEnabled && ($httpHost != $authInfo['refInfo']['host'] && !$GLOBALS['TYPO3_CONF_VARS']['SYS']['doNotCheckReferer'])) {
669  throw new \RuntimeException('TYPO3 Fatal Error: Error: This host address ("' . $httpHost . '") and the referer host ("' . $authInfo['refInfo']['host'] . '") mismatches!<br />
670  It\'s possible that the environment variable HTTP_REFERER is not passed to the script because of a proxy.<br />
671  The site administrator can disable this check in the "All Configuration" section of the Install Tool (flag: TYPO3_CONF_VARS[SYS][doNotCheckReferer]).', 1270853930);
672  }
673  // Delete old user session if any
674  $this->logoff();
675  }
676  // Refuse login for _CLI users, if not processing a CLI request type
677  // (although we shouldn't be here in case of a CLI request type)
678  if (strtoupper(substr($loginData['uname'], 0, 5)) == '_CLI_' && !(TYPO3_REQUESTTYPE & TYPO3_REQUESTTYPE_CLI)) {
679  throw new \RuntimeException('TYPO3 Fatal Error: You have tried to login using a CLI user. Access prohibited!', 1270853931);
680  }
681  }
682  // The following code makes auto-login possible (if configured). No submitted data needed
683  // Determine whether we need to skip session update.
684  // This is used mainly for checking session timeout without
685  // refreshing the session itself while checking.
686  $skipSessionUpdate = (bool)GeneralUtility::_GP('skipSessionUpdate');
687  $haveSession = FALSE;
688  if (!$this->newSessionID) {
689  // Read user session
690  $authInfo['userSession'] = $this->fetchUserSession($skipSessionUpdate);
691  $haveSession = is_array($authInfo['userSession']) ? TRUE : FALSE;
692  }
693  if ($this->writeDevLog) {
694  if ($haveSession) {
695  GeneralUtility::devLog('User session found: ' . GeneralUtility::arrayToLogString($authInfo['userSession'], array($this->userid_column, $this->username_column)), 'TYPO3\\CMS\\Core\\Authentication\\AbstractUserAuthentication', 0);
696  } else {
697  GeneralUtility::devLog('No user session found.', 'TYPO3\\CMS\\Core\\Authentication\\AbstractUserAuthentication', 2);
698  }
699  if (is_array($this->svConfig['setup'])) {
700  GeneralUtility::devLog('SV setup: ' . GeneralUtility::arrayToLogString($this->svConfig['setup']), 'TYPO3\\CMS\\Core\\Authentication\\AbstractUserAuthentication', 0);
701  }
702  }
703  // Fetch user if ...
704  if (
705  $activeLogin || $this->svConfig['setup'][$this->loginType . '_alwaysFetchUser']
706  || !$haveSession && $this->svConfig['setup'][$this->loginType . '_fetchUserIfNoSession']
707  ) {
708  // Use 'auth' service to find the user
709  // First found user will be used
710  $serviceChain = '';
711  $subType = 'getUser' . $this->loginType;
712  while (is_object($serviceObj = GeneralUtility::makeInstanceService('auth', $subType, $serviceChain))) {
713  $serviceChain .= ',' . $serviceObj->getServiceKey();
714  $serviceObj->initAuth($subType, $loginData, $authInfo, $this);
715  if ($row = $serviceObj->getUser()) {
716  $tempuserArr[] = $row;
717  if ($this->writeDevLog) {
718  GeneralUtility::devLog('User found: ' . GeneralUtility::arrayToLogString($row, array($this->userid_column, $this->username_column)), 'TYPO3\\CMS\\Core\\Authentication\\AbstractUserAuthentication', 0);
719  }
720  // User found, just stop to search for more if not configured to go on
721  if (!$this->svConfig['setup'][($this->loginType . '_fetchAllUsers')]) {
722  break;
723  }
724  }
725  unset($serviceObj);
726  }
727  unset($serviceObj);
728  if ($this->writeDevLog && $this->svConfig['setup'][$this->loginType . '_alwaysFetchUser']) {
729  GeneralUtility::devLog($this->loginType . '_alwaysFetchUser option is enabled', 'TYPO3\\CMS\\Core\\Authentication\\AbstractUserAuthentication');
730  }
731  if ($this->writeDevLog && $serviceChain) {
732  GeneralUtility::devLog($subType . ' auth services called: ' . $serviceChain, 'TYPO3\\CMS\\Core\\Authentication\\AbstractUserAuthentication');
733  }
734  if ($this->writeDevLog && !count($tempuserArr)) {
735  GeneralUtility::devLog('No user found by services', 'TYPO3\\CMS\\Core\\Authentication\\AbstractUserAuthentication');
736  }
737  if ($this->writeDevLog && count($tempuserArr)) {
738  GeneralUtility::devLog(count($tempuserArr) . ' user records found by services', 'TYPO3\\CMS\\Core\\Authentication\\AbstractUserAuthentication');
739  }
740  }
741  // If no new user was set we use the already found user session
742  if (!count($tempuserArr) && $haveSession) {
743  $tempuserArr[] = $authInfo['userSession'];
744  $tempuser = $authInfo['userSession'];
745  // User is authenticated because we found a user session
746  $authenticated = TRUE;
747  if ($this->writeDevLog) {
748  GeneralUtility::devLog('User session used: ' . GeneralUtility::arrayToLogString($authInfo['userSession'], array($this->userid_column, $this->username_column)), 'TYPO3\\CMS\\Core\\Authentication\\AbstractUserAuthentication');
749  }
750  }
751  // Re-auth user when 'auth'-service option is set
752  if ($this->svConfig['setup'][$this->loginType . '_alwaysAuthUser']) {
753  $authenticated = FALSE;
754  if ($this->writeDevLog) {
755  GeneralUtility::devLog('alwaysAuthUser option is enabled', 'TYPO3\\CMS\\Core\\Authentication\\AbstractUserAuthentication');
756  }
757  }
758  // Authenticate the user if needed
759  if (count($tempuserArr) && !$authenticated) {
760  foreach ($tempuserArr as $tempuser) {
761  // Use 'auth' service to authenticate the user
762  // If one service returns FALSE then authentication failed
763  // a service might return 100 which means there's no reason to stop but the user can't be authenticated by that service
764  if ($this->writeDevLog) {
765  GeneralUtility::devLog('Auth user: ' . GeneralUtility::arrayToLogString($tempuser), 'TYPO3\\CMS\\Core\\Authentication\\AbstractUserAuthentication');
766  }
767  $serviceChain = '';
768  $subType = 'authUser' . $this->loginType;
769  while (is_object($serviceObj = GeneralUtility::makeInstanceService('auth', $subType, $serviceChain))) {
770  $serviceChain .= ',' . $serviceObj->getServiceKey();
771  $serviceObj->initAuth($subType, $loginData, $authInfo, $this);
772  if (($ret = $serviceObj->authUser($tempuser)) > 0) {
773  // If the service returns >=200 then no more checking is needed - useful for IP checking without password
774  if ((int)$ret >= 200) {
775  $authenticated = TRUE;
776  break;
777  } elseif ((int)$ret >= 100) {
778 
779  } else {
780  $authenticated = TRUE;
781  }
782  } else {
783  $authenticated = FALSE;
784  break;
785  }
786  unset($serviceObj);
787  }
788  unset($serviceObj);
789  if ($this->writeDevLog && $serviceChain) {
790  GeneralUtility::devLog($subType . ' auth services called: ' . $serviceChain, 'TYPO3\\CMS\\Core\\Authentication\\AbstractUserAuthentication');
791  }
792  if ($authenticated) {
793  // Leave foreach() because a user is authenticated
794  break;
795  }
796  }
797  }
798  // If user is authenticated a valid user is in $tempuser
799  if ($authenticated) {
800  // Reset failure flag
801  $this->loginFailure = FALSE;
802  // Insert session record if needed:
803  if (!($haveSession && ($tempuser['ses_id'] == $this->id || $tempuser['uid'] == $authInfo['userSession']['ses_userid']))) {
804  $sessionData = $this->createUserSession($tempuser);
805  if ($sessionData) {
806  $this->user = array_merge(
807  $tempuser,
808  $sessionData
809  );
810  }
811  // The login session is started.
812  $this->loginSessionStarted = TRUE;
813  if ($this->writeDevLog && is_array($this->user)) {
814  GeneralUtility::devLog('User session finally read: ' . GeneralUtility::arrayToLogString($this->user, array($this->userid_column, $this->username_column)), 'TYPO3\\CMS\\Core\\Authentication\\AbstractUserAuthentication', -1);
815  }
816  } elseif ($haveSession) {
817  $this->user = $authInfo['userSession'];
818  }
819  if ($activeLogin && !$this->newSessionID) {
820  $this->regenerateSessionId();
821  }
822  // User logged in - write that to the log!
823  if ($this->writeStdLog && $activeLogin) {
824  $this->writelog(255, 1, 0, 1, 'User %s logged in from %s (%s)', array($tempuser[$this->username_column], GeneralUtility::getIndpEnv('REMOTE_ADDR'), GeneralUtility::getIndpEnv('REMOTE_HOST')), '', '', '', -1, '', $tempuser['uid']);
825  }
826  if ($this->writeDevLog && $activeLogin) {
827  GeneralUtility::devLog('User ' . $tempuser[$this->username_column] . ' logged in from ' . GeneralUtility::getIndpEnv('REMOTE_ADDR') . ' (' . GeneralUtility::getIndpEnv('REMOTE_HOST') . ')', 'TYPO3\\CMS\\Core\\Authentication\\AbstractUserAuthentication', -1);
828  }
829  if ($this->writeDevLog && !$activeLogin) {
830  GeneralUtility::devLog('User ' . $tempuser[$this->username_column] . ' authenticated from ' . GeneralUtility::getIndpEnv('REMOTE_ADDR') . ' (' . GeneralUtility::getIndpEnv('REMOTE_HOST') . ')', 'TYPO3\\CMS\\Core\\Authentication\\AbstractUserAuthentication', -1);
831  }
832  if ((int)$GLOBALS['TYPO3_CONF_VARS']['BE']['lockSSL'] === 3 && $this->user_table === 'be_users') {
833  $requestStr = substr(GeneralUtility::getIndpEnv('TYPO3_REQUEST_SCRIPT'), strlen(GeneralUtility::getIndpEnv('TYPO3_SITE_URL') . TYPO3_mainDir));
834  $backendScript = \TYPO3\CMS\Backend\Utility\BackendUtility::getBackendScript();
835  if ($requestStr == $backendScript && GeneralUtility::getIndpEnv('TYPO3_SSL')) {
836  list(, $url) = explode('://', GeneralUtility::getIndpEnv('TYPO3_SITE_URL'), 2);
837  list($server, $address) = explode('/', $url, 2);
838  if ((int)$GLOBALS['TYPO3_CONF_VARS']['BE']['lockSSLPort']) {
839  $sslPortSuffix = ':' . (int)$GLOBALS['TYPO3_CONF_VARS']['BE']['lockSSLPort'];
840  // strip port from server
841  $server = str_replace($sslPortSuffix, '', $server);
842  }
843  \TYPO3\CMS\Core\Utility\HttpUtility::redirect('http://' . $server . '/' . $address . TYPO3_mainDir . $backendScript);
844  }
845  }
846  } elseif ($activeLogin || count($tempuserArr)) {
847  $this->loginFailure = TRUE;
848  if ($this->writeDevLog && !count($tempuserArr) && $activeLogin) {
849  GeneralUtility::devLog('Login failed: ' . GeneralUtility::arrayToLogString($loginData), 'TYPO3\\CMS\\Core\\Authentication\\AbstractUserAuthentication', 2);
850  }
851  if ($this->writeDevLog && count($tempuserArr)) {
852  GeneralUtility::devLog('Login failed: ' . GeneralUtility::arrayToLogString($tempuser, array($this->userid_column, $this->username_column)), 'TYPO3\\CMS\\Core\\Authentication\\AbstractUserAuthentication', 2);
853  }
854  }
855  // If there were a login failure, check to see if a warning email should be sent:
856  if ($this->loginFailure && $activeLogin) {
857  if ($this->writeDevLog) {
858  GeneralUtility::devLog('Call checkLogFailures: ' . GeneralUtility::arrayToLogString(array('warningEmail' => $this->warningEmail, 'warningPeriod' => $this->warningPeriod, 'warningMax' => $this->warningMax)), 'TYPO3\\CMS\\Core\\Authentication\\AbstractUserAuthentication', -1);
859  }
860 
861  // Hook to implement login failure tracking methods
862  if (
863  !empty($GLOBALS['TYPO3_CONF_VARS']['SC_OPTIONS']['t3lib/class.t3lib_userauth.php']['postLoginFailureProcessing'])
864  && is_array($GLOBALS['TYPO3_CONF_VARS']['SC_OPTIONS']['t3lib/class.t3lib_userauth.php']['postLoginFailureProcessing'])
865  ) {
866  $_params = array();
867  foreach ($GLOBALS['TYPO3_CONF_VARS']['SC_OPTIONS']['t3lib/class.t3lib_userauth.php']['postLoginFailureProcessing'] as $_funcRef) {
868  GeneralUtility::callUserFunction($_funcRef, $_params, $this);
869  }
870  } else {
871  // If no hook is implemented, wait for 5 seconds
872  sleep(5);
873  }
874 
875  $this->checkLogFailures($this->warningEmail, $this->warningPeriod, $this->warningMax);
876  }
877  }
878 
884  public function createSessionId() {
885  return GeneralUtility::getRandomHexString($this->hash_length);
886  }
887 
893  protected function regenerateSessionId() {
894  $oldSessionId = $this->id;
895  $this->id = $this->createSessionId();
896  // Update session record with new ID
897  $this->db->exec_UPDATEquery(
898  $this->session_table,
899  'ses_id = ' . $this->db->fullQuoteStr($oldSessionId, $this->session_table)
900  . ' AND ses_name = ' . $this->db->fullQuoteStr($this->name, $this->session_table),
901  array('ses_id' => $this->id)
902  );
903  $this->user['ses_id'] = $this->id;
904  $this->newSessionID = TRUE;
905  }
906 
907  /*************************
908  *
909  * User Sessions
910  *
911  *************************/
920  public function createUserSession($tempuser) {
921  if ($this->writeDevLog) {
922  GeneralUtility::devLog('Create session ses_id = ' . $this->id, 'TYPO3\\CMS\\Core\\Authentication\\AbstractUserAuthentication');
923  }
924  // Delete session entry first
925  $this->db->exec_DELETEquery(
926  $this->session_table,
927  'ses_id = ' . $this->db->fullQuoteStr($this->id, $this->session_table)
928  . ' AND ses_name = ' . $this->db->fullQuoteStr($this->name, $this->session_table)
929  );
930  // Re-create session entry
931  $insertFields = $this->getNewSessionRecord($tempuser);
932  $inserted = (boolean) $this->db->exec_INSERTquery($this->session_table, $insertFields);
933  if (!$inserted) {
934  $message = 'Session data could not be written to DB. Error: ' . $this->db->sql_error();
935  GeneralUtility::sysLog($message, 'Core', GeneralUtility::SYSLOG_SEVERITY_WARNING);
936  if ($this->writeDevLog) {
937  GeneralUtility::devLog($message, 'TYPO3\\CMS\\Core\\Authentication\\AbstractUserAuthentication', 2);
938  }
939  }
940  // Updating lastLogin_column carrying information about last login.
941  if ($this->lastLogin_column && $inserted) {
942  $this->db->exec_UPDATEquery(
943  $this->user_table,
944  $this->userid_column . '=' . $this->db->fullQuoteStr($tempuser[$this->userid_column], $this->user_table),
945  array($this->lastLogin_column => $GLOBALS['EXEC_TIME'])
946  );
947  }
948 
949  return $inserted ? $insertFields : array();
950  }
951 
960  public function getNewSessionRecord($tempuser) {
961  return array(
962  'ses_id' => $this->id,
963  'ses_name' => $this->name,
964  'ses_iplock' => $tempuser['disableIPlock'] ? '[DISABLED]' : $this->ipLockClause_remoteIPNumber($this->lockIP),
965  'ses_hashlock' => $this->hashLockClause_getHashInt(),
966  'ses_userid' => $tempuser[$this->userid_column],
967  'ses_tstamp' => $GLOBALS['EXEC_TIME']
968  );
969  }
970 
978  public function fetchUserSession($skipSessionUpdate = FALSE) {
979  $user = FALSE;
980  if ($this->writeDevLog) {
981  GeneralUtility::devLog('Fetch session ses_id = ' . $this->id, 'TYPO3\\CMS\\Core\\Authentication\\AbstractUserAuthentication');
982  }
983 
984  // Fetch the user session from the DB
985  $statement = $this->fetchUserSessionFromDB();
986 
987  if ($statement) {
988  $statement->execute();
989  $user = $statement->fetch();
990  $statement->free();
991  }
992  if ($user) {
993  // A user was found
994  if (\TYPO3\CMS\Core\Utility\MathUtility::canBeInterpretedAsInteger($this->auth_timeout_field)) {
995  // Get timeout from object
996  $timeout = (int)$this->auth_timeout_field;
997  } else {
998  // Get timeout-time from usertable
999  $timeout = (int)$user[$this->auth_timeout_field];
1000  }
1001  // If timeout > 0 (TRUE) and current time has not exceeded the latest sessions-time plus the timeout in seconds then accept user
1002  // Option later on: We could check that last update was at least x seconds ago in order not to update twice in a row if one script redirects to another...
1003  if ($timeout > 0 && $GLOBALS['EXEC_TIME'] < $user['ses_tstamp'] + $timeout) {
1004  if (!$skipSessionUpdate) {
1005  $this->db->exec_UPDATEquery($this->session_table, 'ses_id=' . $this->db->fullQuoteStr($this->id, $this->session_table)
1006  . ' AND ses_name=' . $this->db->fullQuoteStr($this->name, $this->session_table), array('ses_tstamp' => $GLOBALS['EXEC_TIME']));
1007  // Make sure that the timestamp is also updated in the array
1008  $user['ses_tstamp'] = $GLOBALS['EXEC_TIME'];
1009  }
1010  } else {
1011  // Delete any user set...
1012  $this->logoff();
1013  $user = FALSE;
1014  }
1015  }
1016  return $user;
1017  }
1018 
1027  public function logoff() {
1028  if ($this->writeDevLog) {
1029  GeneralUtility::devLog('logoff: ses_id = ' . $this->id, 'TYPO3\\CMS\\Core\\Authentication\\AbstractUserAuthentication');
1030  }
1031  // Release the locked records
1032  \TYPO3\CMS\Backend\Utility\BackendUtility::lockRecords();
1033  // Hook for pre-processing the logoff() method, requested and implemented by andreas.otto@dkd.de:
1034  if (is_array($GLOBALS['TYPO3_CONF_VARS']['SC_OPTIONS']['t3lib/class.t3lib_userauth.php']['logoff_pre_processing'])) {
1035  $_params = array();
1036  foreach ($GLOBALS['TYPO3_CONF_VARS']['SC_OPTIONS']['t3lib/class.t3lib_userauth.php']['logoff_pre_processing'] as $_funcRef) {
1037  if ($_funcRef) {
1038  GeneralUtility::callUserFunction($_funcRef, $_params, $this);
1039  }
1040  }
1041  }
1042  $this->db->exec_DELETEquery($this->session_table, 'ses_id = ' . $this->db->fullQuoteStr($this->id, $this->session_table) . '
1043  AND ses_name = ' . $this->db->fullQuoteStr($this->name, $this->session_table));
1044  $this->user = NULL;
1045  // Hook for post-processing the logoff() method, requested and implemented by andreas.otto@dkd.de:
1046  if (is_array($GLOBALS['TYPO3_CONF_VARS']['SC_OPTIONS']['t3lib/class.t3lib_userauth.php']['logoff_post_processing'])) {
1047  $_params = array();
1048  foreach ($GLOBALS['TYPO3_CONF_VARS']['SC_OPTIONS']['t3lib/class.t3lib_userauth.php']['logoff_post_processing'] as $_funcRef) {
1049  if ($_funcRef) {
1050  GeneralUtility::callUserFunction($_funcRef, $_params, $this);
1051  }
1052  }
1053  }
1054  }
1055 
1062  public function removeCookie($cookieName) {
1063  $cookieDomain = $this->getCookieDomain();
1064  // If no cookie domain is set, use the base path
1065  $cookiePath = $cookieDomain ? '/' : GeneralUtility::getIndpEnv('TYPO3_SITE_PATH');
1066  setcookie($cookieName, NULL, -1, $cookiePath, $cookieDomain);
1067  }
1068 
1077  public function isExistingSessionRecord($id) {
1078  $statement = $this->db->prepare_SELECTquery('COUNT(*)', $this->session_table, 'ses_id = :ses_id');
1079  $statement->execute(array(':ses_id' => $id));
1080  $row = $statement->fetch(\TYPO3\CMS\Core\Database\PreparedStatement::FETCH_NUM);
1081  $statement->free();
1082  return $row[0] ? TRUE : FALSE;
1083  }
1084 
1092  public function isCookieSet() {
1093  return $this->cookieWasSetOnCurrentRequest || $this->getCookie($this->name);
1094  }
1095 
1096  /*************************
1097  *
1098  * SQL Functions
1099  *
1100  *************************/
1111  protected function fetchUserSessionFromDB() {
1112  $statement = NULL;
1113  $ipLockClause = $this->ipLockClause();
1114  if ($GLOBALS['CLIENT']['BROWSER'] == 'flash') {
1115  // If on the flash client, the veri code is valid, then the user session is fetched
1116  // from the DB without the hashLock clause
1117  if (GeneralUtility::_GP('vC') == $this->veriCode()) {
1118  $statement = $this->db->prepare_SELECTquery('*', $this->session_table . ',' . $this->user_table, $this->session_table . '.ses_id = :ses_id
1119  AND ' . $this->session_table . '.ses_name = :ses_name
1120  AND ' . $this->session_table . '.ses_userid = ' . $this->user_table . '.' . $this->userid_column . '
1121  ' . $ipLockClause['where'] . '
1122  ' . $this->user_where_clause());
1123  $statement->bindValues(array(
1124  ':ses_id' => $this->id,
1125  ':ses_name' => $this->name
1126  ));
1127  $statement->bindValues($ipLockClause['parameters']);
1128  }
1129  } else {
1130  $statement = $this->db->prepare_SELECTquery('*', $this->session_table . ',' . $this->user_table, $this->session_table . '.ses_id = :ses_id
1131  AND ' . $this->session_table . '.ses_name = :ses_name
1132  AND ' . $this->session_table . '.ses_userid = ' . $this->user_table . '.' . $this->userid_column . '
1133  ' . $ipLockClause['where'] . '
1134  ' . $this->hashLockClause() . '
1135  ' . $this->user_where_clause());
1136  $statement->bindValues(array(
1137  ':ses_id' => $this->id,
1138  ':ses_name' => $this->name
1139  ));
1140  $statement->bindValues($ipLockClause['parameters']);
1141  }
1142  return $statement;
1143  }
1144 
1152  protected function user_where_clause() {
1153  $whereClause = '';
1154  if ($this->enablecolumns['rootLevel']) {
1155  $whereClause .= 'AND ' . $this->user_table . '.pid=0 ';
1156  }
1157  if ($this->enablecolumns['disabled']) {
1158  $whereClause .= ' AND ' . $this->user_table . '.' . $this->enablecolumns['disabled'] . '=0';
1159  }
1160  if ($this->enablecolumns['deleted']) {
1161  $whereClause .= ' AND ' . $this->user_table . '.' . $this->enablecolumns['deleted'] . '=0';
1162  }
1163  if ($this->enablecolumns['starttime']) {
1164  $whereClause .= ' AND (' . $this->user_table . '.' . $this->enablecolumns['starttime'] . '<=' . $GLOBALS['EXEC_TIME'] . ')';
1165  }
1166  if ($this->enablecolumns['endtime']) {
1167  $whereClause .= ' AND (' . $this->user_table . '.' . $this->enablecolumns['endtime'] . '=0 OR '
1168  . $this->user_table . '.' . $this->enablecolumns['endtime'] . '>' . $GLOBALS['EXEC_TIME'] . ')';
1169  }
1170  return $whereClause;
1171  }
1172 
1179  protected function ipLockClause() {
1180  $statementClause = array(
1181  'where' => '',
1182  'parameters' => array()
1183  );
1184  if ($this->lockIP) {
1185  $statementClause['where'] = 'AND (
1186  ' . $this->session_table . '.ses_iplock = :ses_iplock
1187  OR ' . $this->session_table . '.ses_iplock=\'[DISABLED]\'
1188  )';
1189  $statementClause['parameters'] = array(
1190  ':ses_iplock' => $this->ipLockClause_remoteIPNumber($this->lockIP)
1191  );
1192  }
1193  return $statementClause;
1194  }
1195 
1204  protected function ipLockClause_remoteIPNumber($parts) {
1205  $IP = GeneralUtility::getIndpEnv('REMOTE_ADDR');
1206  if ($parts >= 4) {
1207  return $IP;
1208  } else {
1209  $parts = \TYPO3\CMS\Core\Utility\MathUtility::forceIntegerInRange($parts, 1, 3);
1210  $IPparts = explode('.', $IP);
1211  for ($a = 4; $a > $parts; $a--) {
1212  unset($IPparts[$a - 1]);
1213  }
1214  return implode('.', $IPparts);
1215  }
1216  }
1217 
1225  public function veriCode() {
1226  return substr(md5($this->id . $GLOBALS['TYPO3_CONF_VARS']['SYS']['encryptionKey']), 0, 10);
1227  }
1228 
1235  protected function hashLockClause() {
1236  return 'AND ' . $this->session_table . '.ses_hashlock=' . $this->hashLockClause_getHashInt();
1237  }
1238 
1245  protected function hashLockClause_getHashInt() {
1246  $hashStr = '';
1247  if (GeneralUtility::inList($this->lockHashKeyWords, 'useragent')) {
1248  $hashStr .= ':' . GeneralUtility::getIndpEnv('HTTP_USER_AGENT');
1249  }
1250  return GeneralUtility::md5int($hashStr);
1251  }
1252 
1253  /*************************
1254  *
1255  * Session and Configuration Handling
1256  *
1257  *************************/
1267  public function writeUC($variable = '') {
1268  if (is_array($this->user) && $this->user[$this->userid_column]) {
1269  if (!is_array($variable)) {
1270  $variable = $this->uc;
1271  }
1272  if ($this->writeDevLog) {
1273  GeneralUtility::devLog('writeUC: ' . $this->userid_column . '=' . (int)$this->user[$this->userid_column], 'TYPO3\\CMS\\Core\\Authentication\\AbstractUserAuthentication');
1274  }
1275  $this->db->exec_UPDATEquery($this->user_table, $this->userid_column . '=' . (int)$this->user[$this->userid_column], array('uc' => serialize($variable)));
1276  }
1277  }
1278 
1287  public function unpack_uc($theUC = '') {
1288  if (!$theUC && isset($this->user['uc'])) {
1289  $theUC = unserialize($this->user['uc']);
1290  }
1291  if (is_array($theUC)) {
1292  $this->uc = $theUC;
1293  }
1294  }
1295 
1307  public function pushModuleData($module, $data, $noSave = 0) {
1308  $this->uc['moduleData'][$module] = $data;
1309  $this->uc['moduleSessionID'][$module] = $this->id;
1310  if (!$noSave) {
1311  $this->writeUC();
1312  }
1313  }
1314 
1323  public function getModuleData($module, $type = '') {
1324  if ($type != 'ses' || (isset($this->uc['moduleSessionID'][$module]) && $this->uc['moduleSessionID'][$module] == $this->id)) {
1325  return $this->uc['moduleData'][$module];
1326  }
1327  return NULL;
1328  }
1329 
1338  public function getSessionData($key) {
1339  $sesDat = unserialize($this->user['ses_data']);
1340  return $sesDat[$key];
1341  }
1342 
1352  public function setAndSaveSessionData($key, $data) {
1353  $sesDat = unserialize($this->user['ses_data']);
1354  $sesDat[$key] = $data;
1355  $this->user['ses_data'] = serialize($sesDat);
1356  if ($this->writeDevLog) {
1357  GeneralUtility::devLog('setAndSaveSessionData: ses_id = ' . $this->user['ses_id'], 'TYPO3\\CMS\\Core\\Authentication\\AbstractUserAuthentication');
1358  }
1359  $this->db->exec_UPDATEquery($this->session_table, 'ses_id=' . $this->db->fullQuoteStr($this->user['ses_id'], $this->session_table), array('ses_data' => $this->user['ses_data']));
1360  }
1361 
1362  /*************************
1363  *
1364  * Misc
1365  *
1366  *************************/
1374  public function getLoginFormData() {
1375  $loginData = array();
1376  if ($this->getMethodEnabled) {
1377  $loginData['status'] = GeneralUtility::_GP($this->formfield_status);
1378  $loginData['uname'] = GeneralUtility::_GP($this->formfield_uname);
1379  $loginData['uident'] = GeneralUtility::_GP($this->formfield_uident);
1380  $loginData['chalvalue'] = GeneralUtility::_GP($this->formfield_chalvalue);
1381  } else {
1382  $loginData['status'] = GeneralUtility::_POST($this->formfield_status);
1383  $loginData['uname'] = GeneralUtility::_POST($this->formfield_uname);
1384  $loginData['uident'] = GeneralUtility::_POST($this->formfield_uident);
1385  $loginData['chalvalue'] = GeneralUtility::_POST($this->formfield_chalvalue);
1386  }
1387  // Only process the login data if a login is requested
1388  if ($loginData['status'] === 'login') {
1389  $loginData = $this->processLoginData($loginData);
1390  }
1391  return $loginData;
1392  }
1393 
1404  public function processLoginData($loginData, $passwordTransmissionStrategy = '') {
1405  $loginSecurityLevel = $GLOBALS['TYPO3_CONF_VARS'][$this->loginType]['loginSecurityLevel']
1406  ? trim($GLOBALS['TYPO3_CONF_VARS'][$this->loginType]['loginSecurityLevel'])
1407  : 'normal';
1408  $passwordTransmissionStrategy = $passwordTransmissionStrategy ?: $loginSecurityLevel;
1409  if ($this->writeDevLog) {
1410  GeneralUtility::devLog('Login data before processing: ' . GeneralUtility::arrayToLogString($loginData), 'TYPO3\\CMS\\Core\\Authentication\\AbstractUserAuthentication');
1411  }
1412  $serviceChain = '';
1413  $subType = 'processLoginData' . $this->loginType;
1414  $authInfo = $this->getAuthInfoArray();
1415  $isLoginDataProcessed = FALSE;
1416  $processedLoginData = $loginData;
1417  while (is_object($serviceObject = GeneralUtility::makeInstanceService('auth', $subType, $serviceChain))) {
1418  $serviceChain .= ',' . $serviceObject->getServiceKey();
1419  $serviceObject->initAuth($subType, $loginData, $authInfo, $this);
1420  $serviceResult = $serviceObject->processLoginData($processedLoginData, $passwordTransmissionStrategy);
1421  if (!empty($serviceResult)) {
1422  $isLoginDataProcessed = TRUE;
1423  // If the service returns >=200 then no more processing is needed
1424  if ((int)$serviceResult >= 200) {
1425  unset($serviceObject);
1426  break;
1427  }
1428  }
1429  unset($serviceObject);
1430  }
1431  if ($isLoginDataProcessed) {
1432  $loginData = $processedLoginData;
1433  if ($this->writeDevLog) {
1434  GeneralUtility::devLog('Processed login data: ' . GeneralUtility::arrayToLogString($processedLoginData), 'TYPO3\\CMS\\Core\\Authentication\\AbstractUserAuthentication');
1435  }
1436  }
1437  return $loginData;
1438  }
1439 
1447  public function getAuthInfoArray() {
1448  $authInfo = array();
1449  $authInfo['loginType'] = $this->loginType;
1450  $authInfo['refInfo'] = parse_url(GeneralUtility::getIndpEnv('HTTP_REFERER'));
1451  $authInfo['HTTP_HOST'] = GeneralUtility::getIndpEnv('HTTP_HOST');
1452  $authInfo['REMOTE_ADDR'] = GeneralUtility::getIndpEnv('REMOTE_ADDR');
1453  $authInfo['REMOTE_HOST'] = GeneralUtility::getIndpEnv('REMOTE_HOST');
1454  $authInfo['showHiddenRecords'] = $this->showHiddenRecords;
1455  // Can be overidden in localconf by SVCONF:
1456  $authInfo['db_user']['table'] = $this->user_table;
1457  $authInfo['db_user']['userid_column'] = $this->userid_column;
1458  $authInfo['db_user']['username_column'] = $this->username_column;
1459  $authInfo['db_user']['userident_column'] = $this->userident_column;
1460  $authInfo['db_user']['usergroup_column'] = $this->usergroup_column;
1461  $authInfo['db_user']['enable_clause'] = $this->user_where_clause();
1462  if ($this->checkPid && $this->checkPid_value !== NULL) {
1463  $authInfo['db_user']['checkPidList'] = $this->checkPid_value;
1464  $authInfo['db_user']['check_pid_clause'] = ' AND pid IN (' .
1465  $this->db->cleanIntList($this->checkPid_value) . ')';
1466  } else {
1467  $authInfo['db_user']['checkPidList'] = '';
1468  $authInfo['db_user']['check_pid_clause'] = '';
1469  }
1470  $authInfo['db_groups']['table'] = $this->usergroup_table;
1471  return $authInfo;
1472  }
1473 
1483  public function compareUident($user, $loginData, $passwordCompareStrategy = '') {
1484  $OK = FALSE;
1485  switch ($passwordCompareStrategy) {
1486  case 'superchallenged':
1487 
1488  case 'challenged':
1489  // Check challenge stored in cookie:
1490  if ($this->challengeStoredInCookie) {
1491  session_start();
1492  if ($_SESSION['login_challenge'] !== $loginData['chalvalue']) {
1493  if ($this->writeDevLog) {
1494  GeneralUtility::devLog('PHP Session stored challenge "' . $_SESSION['login_challenge'] . '" and submitted challenge "' . $loginData['chalvalue'] . '" did not match, so authentication failed!', 'TYPO3\\CMS\\Core\\Authentication\\AbstractUserAuthentication', 2);
1495  }
1496  $this->logoff();
1497  return FALSE;
1498  }
1499  }
1500  $compareStrategyHash = md5($user[$this->username_column] . ':' . $user[$this->userident_column] . ':' . $loginData['chalvalue']);
1501  if ((string)$loginData[('uident_' . $passwordCompareStrategy)] === $compareStrategyHash) {
1502  $OK = TRUE;
1503  }
1504  break;
1505  default:
1506  // normal
1507  if ((string)$loginData['uident_text'] !== '' && (string)$loginData['uident_text'] === (string)$user[$this->userident_column]) {
1508  $OK = TRUE;
1509  }
1510  }
1511  return $OK;
1512  }
1513 
1521  public function gc() {
1522  $this->db->exec_DELETEquery($this->session_table, 'ses_tstamp < ' . (int)($GLOBALS['EXEC_TIME'] - $this->gc_time) . ' AND ses_name = ' . $this->db->fullQuoteStr($this->name, $this->session_table));
1523  }
1524 
1540  public function writelog($type, $action, $error, $details_nr, $details, $data, $tablename, $recuid, $recpid) {
1541 
1542  }
1543 
1554  public function checkLogFailures($email, $secondsBack, $maxFailures) {
1555 
1556  }
1557 
1572  public function setBeUserByUid($uid) {
1573  $this->user = $this->getRawUserByUid($uid);
1574  }
1575 
1585  public function setBeUserByName($name) {
1586  $this->user = $this->getRawUserByName($name);
1587  }
1588 
1597  public function getRawUserByUid($uid) {
1598  $user = FALSE;
1599  $dbres = $this->db->exec_SELECTquery('*', $this->user_table, 'uid=' . (int)$uid . ' ' . $this->user_where_clause());
1600  if ($dbres) {
1601  $user = $this->db->sql_fetch_assoc($dbres);
1602  $this->db->sql_free_result($dbres);
1603  }
1604  return $user;
1605  }
1606 
1616  public function getRawUserByName($name) {
1617  $user = FALSE;
1618  $dbres = $this->db->exec_SELECTquery('*', $this->user_table, 'username=' . $this->db->fullQuoteStr($name, $this->user_table) . ' ' . $this->user_where_clause());
1619  if ($dbres) {
1620  $user = $this->db->sql_fetch_assoc($dbres);
1621  $this->db->sql_free_result($dbres);
1622  }
1623  return $user;
1624  }
1625 
1626  /*************************
1627  *
1628  * Create/update user - EXPERIMENTAL
1629  *
1630  *************************/
1641  public function fetchUserRecord($dbUser, $username, $extraWhere = '') {
1642  $user = FALSE;
1643  $usernameClause = $username ? $dbUser['username_column'] . '=' . $this->db->fullQuoteStr($username, $dbUser['table']) : '1=1';
1644  if ($username || $extraWhere) {
1645  // Look up the user by the username and/or extraWhere:
1646  $dbres = $this->db->exec_SELECTquery('*', $dbUser['table'], $usernameClause . $dbUser['check_pid_clause'] . $dbUser['enable_clause'] . $extraWhere);
1647  if ($dbres) {
1648  $user = $this->db->sql_fetch_assoc($dbres);
1649  $this->db->sql_free_result($dbres);
1650  }
1651  }
1652  return $user;
1653  }
1654 
1659  protected function getDatabaseConnection() {
1660  return $GLOBALS['TYPO3_DB'];
1661  }
1662 }
TYPO3\CMS\Core\Utility\GeneralUtility\devLog
static devLog($msg, $extKey, $severity=0, $dataVar=FALSE)
Definition: GeneralUtility.php:5167
TYPO3\CMS\Core\Authentication\AbstractUserAuthentication\compareUident
compareUident($user, $loginData, $passwordCompareStrategy='')
Definition: AbstractUserAuthentication.php:1483
TYPO3\CMS\Core\Utility\MathUtility\forceIntegerInRange
static forceIntegerInRange($theInt, $min, $max=2000000000, $defaultValue=0)
Definition: MathUtility.php:32
TYPO3\CMS\Core\Utility\GeneralUtility\arrayToLogString
static arrayToLogString(array $arr, $valueList=array(), $valueLength=20)
Definition: GeneralUtility.php:5271
$uid
$uid
Definition: server.php:36
TYPO3\CMS\Core\Utility\GeneralUtility\makeInstanceService
static makeInstanceService($serviceType, $serviceSubType='', $excludeServiceKeys=array())
Definition: GeneralUtility.php:4705
TYPO3\CMS\Backend\Utility\BackendUtility\lockRecords
static lockRecords($table='', $uid=0, $pid=0)
Definition: BackendUtility.php:3238
TYPO3\CMS\Core\Utility\GeneralUtility\callUserFunction
static callUserFunction($funcName, &$params, &$ref, $checkPrefix='', $errorMode=0)
Definition: GeneralUtility.php:4276
TYPO3\CMS\Core\Authentication\AbstractUserAuthentication\processLoginData
processLoginData($loginData, $passwordTransmissionStrategy='')
Definition: AbstractUserAuthentication.php:1404
$module
$module
Definition: class.tx_openid_eid.php:15
$result
if($list_of_literals) if(!empty($literals)) if(!empty($literals)) $result
Analyse literals to prepend the N char to them if their contents aren&#39;t numeric.
Definition: adodb-mssql_n.inc.php:148
TYPO3\CMS\Core\Utility\HttpUtility\redirect
static redirect($url, $httpStatus=self::HTTP_STATUS_303)
Definition: HttpUtility.php:76
$GLOBALS
if(!defined('TYPO3_MODE')) $GLOBALS['TYPO3_CONF_VARS']['SC_OPTIONS']['t3lib/class.t3lib_userauth.php']['logoff_pre_processing'][]
Definition: ext_localconf.php:5
TYPO3\CMS\Core\Authentication\AbstractUserAuthentication\writelog
writelog($type, $action, $error, $details_nr, $details, $data, $tablename, $recuid, $recpid)
Definition: AbstractUserAuthentication.php:1540