TYPO3 CMS  TYPO3_6-2
All Classes Namespaces Files Functions Variables Pages
BulkUpdateTask.php
Go to the documentation of this file.
1 <?php
2 namespace TYPO3\CMS\Saltedpasswords\Task;
3 
22 class BulkUpdateTask extends \TYPO3\CMS\Scheduler\Task\AbstractTask {
23 
27  protected $canDeactivateSelf = TRUE;
28 
37  protected $numberOfRecords = 250;
38 
42  protected $userRecordPointer = array();
43 
47  public function __construct() {
48  parent::__construct();
49  $this->userRecordPointer = array(
50  'FE' => 0,
51  'BE' => 0
52  );
53  }
54 
60  public function execute() {
61  $processedAllRecords = TRUE;
62  // For frontend and backend
63  foreach ($this->userRecordPointer as $mode => $pointer) {
64  // If saltedpasswords is active for frontend / backend
65  if (\TYPO3\CMS\Saltedpasswords\Utility\SaltedPasswordsUtility::isUsageEnabled($mode)) {
66  $usersToUpdate = $this->findUsersToUpdate($mode);
67  $numberOfRows = count($usersToUpdate);
68  if ($numberOfRows > 0) {
69  $processedAllRecords = FALSE;
70  $this->activateSelf();
71  $this->incrementUserRecordPointer($mode, $numberOfRows);
72  $this->convertPasswords($mode, $usersToUpdate);
73  }
74  }
75  }
76  if ($processedAllRecords) {
77  // Reset the user record pointer
78  $this->userRecordPointer = array(
79  'FE' => 0,
80  'BE' => 0
81  );
82  // Determine if task should disable itself
83  if ($this->canDeactivateSelf) {
84  $this->deactivateSelf();
85  }
86  }
87  // Use save() of parent class \TYPO3\CMS\Scheduler\Task\AbstractTask to persist changed task variables
88  $this->save();
89  return TRUE;
90  }
91 
97  public function getAdditionalInformation() {
98  $information = $GLOBALS['LANG']->sL('LLL:EXT:saltedpasswords/locallang.xlf:ext.saltedpasswords.tasks.bulkupdate.label.additionalinformation.deactivateself') . $this->getCanDeactivateSelf() . '; ' . $GLOBALS['LANG']->sL('LLL:EXT:saltedpasswords/locallang.xlf:ext.saltedpasswords.tasks.bulkupdate.label.additionalinformation.numberofrecords') . $this->getNumberOfRecords();
99  return $information;
100  }
101 
108  protected function findUsersToUpdate($mode) {
109  $usersToUpdate = $GLOBALS['TYPO3_DB']->exec_SELECTgetRows('uid, password', strtolower($mode) . '_users', '1 = 1', '', 'uid ASC', $this->userRecordPointer[$mode] . ', ' . $this->numberOfRecords);
110  return $usersToUpdate;
111  }
112 
120  protected function convertPasswords($mode, array $users) {
121  $updateUsers = array();
122  foreach ($users as $user) {
123  // If a password is already a salted hash it must not be updated
124  if ($this->isSaltedHash($user['password'])) {
125  continue;
126  }
127  $updateUsers[] = $user;
128  }
129  if (count($updateUsers) > 0) {
130  $this->updatePasswords($mode, $updateUsers);
131  }
132  }
133 
141  protected function updatePasswords($mode, array $users) {
143  $saltedpasswordsInstance = \TYPO3\CMS\Saltedpasswords\Salt\SaltFactory::getSaltingInstance(NULL, $mode);
144  foreach ($users as $user) {
145  $newPassword = $saltedpasswordsInstance->getHashedPassword($user['password']);
146  // If a given password is a md5 hash (usually default be_users without saltedpasswords activated),
147  // result of getHashedPassword() is a salted hashed md5 hash.
148  // We prefix those with 'M', saltedpasswords will then update this password
149  // to a usual salted hash upon first login of the user.
150  if ($this->isMd5Password($user['password'])) {
151  $newPassword = 'M' . $newPassword;
152  }
153  // Persist updated password
154  $GLOBALS['TYPO3_DB']->exec_UPDATEquery(strtolower($mode) . '_users', 'uid = ' . $user['uid'], array(
155  'password' => $newPassword
156  ));
157  }
158  }
159 
171  protected function isSaltedHash($password) {
172  $isSaltedHash = FALSE;
173  if (strlen($password) > 2 && (\TYPO3\CMS\Core\Utility\GeneralUtility::isFirstPartOfStr($password, 'C$') || \TYPO3\CMS\Core\Utility\GeneralUtility::isFirstPartOfStr($password, 'M$'))) {
174  // Cut off M or C and test if we have a salted hash
175  $isSaltedHash = \TYPO3\CMS\Saltedpasswords\Salt\SaltFactory::determineSaltingHashingMethod(substr($password, 1));
176  }
177  // Test if given password is a already a usual salted hash
178  if (!$isSaltedHash) {
179  $isSaltedHash = \TYPO3\CMS\Saltedpasswords\Salt\SaltFactory::determineSaltingHashingMethod($password);
180  }
181  return $isSaltedHash;
182  }
183 
190  protected function isMd5Password($password) {
191  return (bool) preg_match('/[0-9abcdef]{32,32}/i', $password);
192  }
193 
201  protected function incrementUserRecordPointer($mode, $number) {
202  $this->userRecordPointer[$mode] += $number;
203  }
204 
211  protected function activateSelf() {
212  $this->setDisabled(FALSE);
213  }
214 
221  protected function deactivateSelf() {
222  $this->setDisabled(TRUE);
223  }
224 
231  public function setCanDeactivateSelf($canDeactivateSelf) {
232  $this->canDeactivateSelf = $canDeactivateSelf;
233  }
234 
240  public function getCanDeactivateSelf() {
241  return $this->canDeactivateSelf;
242  }
243 
250  public function setNumberOfRecords($numberOfRecords) {
251  $this->numberOfRecords = $numberOfRecords;
252  }
253 
259  public function getNumberOfRecords() {
260  return $this->numberOfRecords;
261  }
262 
263 }
TYPO3\CMS\Saltedpasswords\Salt\SaltFactory\determineSaltingHashingMethod
static determineSaltingHashingMethod($saltedHash, $mode=TYPO3_MODE)
Definition: SaltFactory.php:113
TYPO3\CMS\Saltedpasswords\Salt\SaltFactory\getSaltingInstance
static getSaltingInstance($saltedHash='', $mode=TYPO3_MODE)
Definition: SaltFactory.php:83
$GLOBALS
if(!defined('TYPO3_MODE')) $GLOBALS['TYPO3_CONF_VARS']['SC_OPTIONS']['t3lib/class.t3lib_userauth.php']['logoff_pre_processing'][]
Definition: ext_localconf.php:5