TYPO3 CMS  TYPO3_7-6
ToolController.php
Go to the documentation of this file.
1 <?php
3 
4 /*
5  * This file is part of the TYPO3 CMS project.
6  *
7  * It is free software; you can redistribute it and/or modify it under
8  * the terms of the GNU General Public License, either version 2
9  * of the License, or any later version.
10  *
11  * For the full copyright and license information, please read the
12  * LICENSE.txt file that was distributed with this source code.
13  *
14  * The TYPO3 project - inspiring people to share!
15  */
16 
18 
26 {
30  protected $authenticationActions = [
31  'importantActions',
32  'systemEnvironment',
33  'configuration',
34  'folderStructure',
35  'testSetup',
36  'upgradeWizard',
37  'allConfiguration',
38  'cleanUp',
39  'loadExtensions',
40  'about',
41  ];
42 
48  public function execute()
49  {
50  $this->loadBaseExtensions();
51  $this->initializeObjectManager();
52 
53  // Warning: Order of these methods is security relevant and interferes with different access
54  // conditions (new/existing installation). See the single method comments for details.
55  $this->outputInstallToolNotEnabledMessageIfNeeded();
56  $this->outputInstallToolPasswordNotSetMessageIfNeeded();
57  $this->initializeSession();
58  $this->checkSessionToken();
59  $this->checkSessionLifetime();
60  $this->logoutIfRequested();
61  $this->loginIfRequested();
64  $this->dispatchAuthenticationActions();
65  }
66 
72  protected function logoutIfRequested()
73  {
74  $action = $this->getAction();
75  if ($action === 'logout') {
78  }
79 
82  \TYPO3\CMS\Core\FormProtection\InstallToolFormProtection::class
83  );
84  $formProtection->clean();
85  $this->session->destroySession();
86  $this->redirect();
87  }
88  }
89 
98  {
99  register_shutdown_function(function () {
100  $error = error_get_last();
101  if ($error !== null) {
102  $errorType = $error['type'];
103 
104  if ($errorType & (E_ERROR | E_PARSE | E_CORE_ERROR | E_COMPILE_ERROR | E_USER_ERROR | E_RECOVERABLE_ERROR)) {
105  $getPostValues = \TYPO3\CMS\Core\Utility\GeneralUtility::_GP('install');
106 
107  $parameters = [];
108 
109  // Add context parameter in case this script was called within backend scope
110  $context = 'install[context]=standalone';
111  if (isset($getPostValues['context']) && $getPostValues['context'] === 'backend') {
112  $context = 'install[context]=backend';
113  }
114  $parameters[] = $context;
115 
116  // Add controller parameter
117  $parameters[] = 'install[controller]=tool';
118 
119  // Add action if specified
120  $parameters[] = 'install[action]=loadExtensions';
121 
122  // Add error to display a message what triggered the check
123  $errorEncoded = json_encode($error);
124  $parameters[] = 'install[lastError]=' . rawurlencode($errorEncoded);
125  // We do not use GeneralUtility here to be sure that hash generation works even if that class might not exist any more.
126  $parameters[] = 'install[lastErrorHash]=' . hash_hmac('sha1', $errorEncoded, $GLOBALS['TYPO3_CONF_VARS']['SYS']['encryptionKey'] . 'InstallToolError');
127 
128  $redirectLocation = 'Install.php?' . implode('&', $parameters);
129 
130  if (!headers_sent()) {
132  $redirectLocation,
133  \TYPO3\CMS\Core\Utility\HttpUtility::HTTP_STATUS_303
134  );
135  } else {
136  echo '
137 <p><strong>
138  The system detected a fatal error during script execution.
139  Please use the <a href="' . $redirectLocation . '">extension check tool</a> to find incompatible extensions.
140 </strong></p>';
141  }
142  }
143  }
144  });
145  }
146 
152  protected function getLastError()
153  {
154  $getVars = \TYPO3\CMS\Core\Utility\GeneralUtility::_GET('install');
155  $lastError = [];
156  if (isset($getVars['lastError']) && isset($getVars['lastErrorHash']) && !empty($GLOBALS['TYPO3_CONF_VARS']['SYS']['encryptionKey'])) {
157  $calculatedHash = hash_hmac('sha1', $getVars['lastError'], $GLOBALS['TYPO3_CONF_VARS']['SYS']['encryptionKey'] . 'InstallToolError');
158  if ($calculatedHash === $getVars['lastErrorHash']) {
159  $lastError = json_decode($getVars['lastError'], true);
160  }
161  }
162  return $lastError;
163  }
164 
171  protected function dispatchAuthenticationActions()
172  {
173  $action = $this->getAction();
174  if ($action === '') {
175  $action = 'importantActions';
176  }
177  $this->validateAuthenticationAction($action);
178  $actionClass = ucfirst($action);
180  $toolAction = $this->objectManager->get('TYPO3\\CMS\\Install\\Controller\\Action\\Tool\\' . $actionClass);
181  if (!($toolAction instanceof Action\ActionInterface)) {
182  throw new Exception(
183  $action . ' does not implement ActionInterface',
184  1369474309
185  );
186  }
187  $toolAction->setController('tool');
188  $toolAction->setAction($action);
189  $toolAction->setToken($this->generateTokenForAction($action));
190  $toolAction->setPostValues($this->getPostValues());
191  $toolAction->setLastError($this->getLastError());
192  $this->output($toolAction->handle());
193  }
194 }
if(!defined('ADODB_ERROR_HANDLER_TYPE')) define('ADODB_ERROR_HANDLER_TYPE' E_USER_ERROR
static redirect($url, $httpStatus=self::HTTP_STATUS_303)
Definition: HttpUtility.php:76
if(TYPO3_MODE==='BE') $GLOBALS['TYPO3_CONF_VARS']['SC_OPTIONS']['t3lib/class.t3lib_tsfebeuserauth.php']['frontendEditingController']['default']