TYPO3 CMS  TYPO3_8-7
FrontendBackendUserAuthentication.php
Go to the documentation of this file.
1 <?php
2 namespace TYPO3\CMS\Backend;
3 
4 /*
5  * This file is part of the TYPO3 CMS project.
6  *
7  * It is free software; you can redistribute it and/or modify it under
8  * the terms of the GNU General Public License, either version 2
9  * of the License, or any later version.
10  *
11  * For the full copyright and license information, please read the
12  * LICENSE.txt file that was distributed with this source code.
13  *
14  * The TYPO3 project - inspiring people to share!
15  */
16 
17 use TYPO3\CMS\Core\Authentication\BackendUserAuthentication;
18 use TYPO3\CMS\Core\Cache\Frontend\FrontendInterface;
19 use TYPO3\CMS\Core\Database\ConnectionPool;
20 use TYPO3\CMS\Core\Database\Query\QueryBuilder;
21 use TYPO3\CMS\Core\Database\Query\QueryHelper;
22 use TYPO3\CMS\Core\Database\Query\Restriction\DeletedRestriction;
23 use TYPO3\CMS\Core\Type\Bitmask\Permission;
24 use TYPO3\CMS\Core\Utility\GeneralUtility;
25 use TYPO3\CMS\Lang\LanguageService;
26 
31 class FrontendBackendUserAuthentication extends BackendUserAuthentication
32 {
38  public $formfield_uname = '';
39 
45  public $formfield_uident = '';
46 
53  public $formfield_status = '';
54 
60  public $writeStdLog = false;
61 
67  public $writeAttemptLog = false;
68 
74  public $extPageInTreeInfo = [];
75 
81  public $extAdmEnabled = false;
82 
86  public $adminPanel = null;
87 
91  public $frontendEdit = null;
92 
96  public $extAdminConfig = [];
97 
101  public function initializeAdminPanel()
102  {
103  $this->extAdminConfig = $this->getTSConfigProp('admPanel');
104  if (isset($this->extAdminConfig['enable.'])) {
105  foreach ($this->extAdminConfig['enable.'] as $value) {
106  if ($value) {
107  $this->adminPanel = GeneralUtility::makeInstance(\TYPO3\CMS\Frontend\View\AdminPanelView::class);
108  $this->extAdmEnabled = true;
109  break;
110  }
111  }
112  }
113  }
114 
118  public function initializeFrontendEdit()
119  {
120  if (isset($this->extAdminConfig['enable.']) && $this->isFrontendEditingActive()) {
121  foreach ($this->extAdminConfig['enable.'] as $value) {
122  if ($value) {
123  if ($GLOBALS['TSFE'] instanceof \TYPO3\CMS\Frontend\Controller\TypoScriptFrontendController) {
124  // Grab the Page TSConfig property that determines which controller to use.
125  $pageTSConfig = $GLOBALS['TSFE']->getPagesTSconfig();
126  $controllerKey = isset($pageTSConfig['TSFE.']['frontendEditingController'])
127  ? $pageTSConfig['TSFE.']['frontendEditingController']
128  : 'default';
129  } else {
130  $controllerKey = 'default';
131  }
132  $controllerClass = $GLOBALS['TYPO3_CONF_VARS']['SC_OPTIONS']['t3lib/class.t3lib_tsfebeuserauth.php']['frontendEditingController'][$controllerKey];
133  if ($controllerClass) {
134  $this->frontendEdit = GeneralUtility::getUserObj($controllerClass);
135  }
136  break;
137  }
138  }
139  }
140  }
141 
147  public function isFrontendEditingActive()
148  {
149  return $this->extAdmEnabled && (
150  $this->adminPanel->isAdminModuleEnabled('edit') ||
151  (int)$GLOBALS['TSFE']->displayEditIcons === 1 ||
152  (int)$GLOBALS['TSFE']->displayFieldEditIcons === 1
153  );
154  }
155 
161  public function displayAdminPanel()
162  {
163  return $this->adminPanel->display();
164  }
165 
171  public function isAdminPanelVisible()
172  {
173  return $this->extAdmEnabled && !$this->extAdminConfig['hide'] && $GLOBALS['TSFE']->config['config']['admPanel'];
174  }
175 
176  /*****************************************************
177  *
178  * TSFE BE user Access Functions
179  *
180  ****************************************************/
187  public function checkBackendAccessSettingsFromInitPhp()
188  {
189  // Check Hardcoded lock on BE
190  if ($GLOBALS['TYPO3_CONF_VARS']['BE']['adminOnly'] < 0) {
191  return false;
192  }
193  // Check IP
194  if (trim($GLOBALS['TYPO3_CONF_VARS']['BE']['IPmaskList'])) {
195  if (!GeneralUtility::cmpIP(GeneralUtility::getIndpEnv('REMOTE_ADDR'), $GLOBALS['TYPO3_CONF_VARS']['BE']['IPmaskList'])) {
196  return false;
197  }
198  }
199  // Check IP mask based on TSconfig
200  if (!$this->checkLockToIP()) {
201  return false;
202  }
203  // Check SSL (https)
204  if ((bool)$GLOBALS['TYPO3_CONF_VARS']['BE']['lockSSL'] && !GeneralUtility::getIndpEnv('TYPO3_SSL')) {
205  return false;
206  }
207  // Finally a check as in BackendUserAuthentication::backendCheckLogin()
208  return $this->isUserAllowedToLogin();
209  }
210 
223  public function extPageReadAccess($pageRec)
224  {
225  return $this->isInWebMount($pageRec['uid']) && $this->doesUserHaveAccess($pageRec, Permission::PAGE_SHOW);
226  }
227 
228  /*****************************************************
229  *
230  * TSFE BE user Access Functions
231  *
232  ****************************************************/
243  public function extGetTreeList($id, $depth, $begin = 0, $perms_clause)
244  {
246  $queryBuilder = GeneralUtility::makeInstance(ConnectionPool::class)
247  ->getQueryBuilderForTable('pages');
248 
249  $queryBuilder->getRestrictions()
250  ->removeAll()
251  ->add(GeneralUtility::makeInstance(DeletedRestriction::class));
252 
253  $depth = (int)$depth;
254  $begin = (int)$begin;
255  $id = (int)$id;
256  $theList = '';
257  if ($id && $depth > 0) {
258  $result = $queryBuilder
259  ->select('uid', 'title')
260  ->from('pages')
261  ->where(
262  $queryBuilder->expr()->eq('pid', $queryBuilder->createNamedParameter($id, \PDO::PARAM_INT)),
263  $queryBuilder->expr()->in(
264  'doktype',
265  $queryBuilder->createNamedParameter(
266  $GLOBALS['TYPO3_CONF_VARS']['FE']['content_doktypes'],
267  \PDO::PARAM_INT
268  )
269  ),
270  QueryHelper::stripLogicalOperatorPrefix($perms_clause)
271  )
272  ->execute();
273  while ($row = $result->fetch()) {
274  if ($begin <= 0) {
275  $theList .= $row['uid'] . ',';
276  $this->extPageInTreeInfo[] = [$row['uid'], htmlspecialchars($row['title'], $depth)];
277  }
278  if ($depth > 1) {
279  $theList .= $this->extGetTreeList($row['uid'], $depth - 1, $begin - 1, $perms_clause);
280  }
281  }
282  }
283  return $theList;
284  }
285 
292  public function extGetNumberOfCachedPages($pageId)
293  {
295  $pageCache = GeneralUtility::makeInstance(\TYPO3\CMS\Core\Cache\CacheManager::class)->getCache('cache_pages');
296  $pageCacheEntries = $pageCache->getByTag('pageId_' . (int)$pageId);
297  return count($pageCacheEntries);
298  }
299 
300  /*****************************************************
301  *
302  * Localization handling
303  *
304  ****************************************************/
315  public function extGetLL($key)
316  {
317  if (!is_array($GLOBALS['LOCAL_LANG'])) {
318  $this->getLanguageService()->includeLLFile('EXT:lang/Resources/Private/Language/locallang_tsfe.xlf');
319  if (!is_array($GLOBALS['LOCAL_LANG'])) {
320  $GLOBALS['LOCAL_LANG'] = [];
321  }
322  }
323  return htmlspecialchars($this->getLanguageService()->getLL($key));
324  }
325 
329  protected function getLanguageService()
330  {
331  return $GLOBALS['LANG'];
332  }
333 }
TYPO3\CMS\Core\Utility\GeneralUtility\makeInstance
static makeInstance($className,... $constructorArguments)
Definition: GeneralUtility.php:3945
TYPO3\CMS\Core\Database\Query\QueryHelper\stripLogicalOperatorPrefix
static stripLogicalOperatorPrefix(string $constraint)
Definition: QueryHelper.php:161
$GLOBALS
if(TYPO3_MODE==='BE') $GLOBALS['TYPO3_CONF_VARS']['SC_OPTIONS']['t3lib/class.t3lib_tsfebeuserauth.php']['frontendEditingController']['default']
Definition: ext_localconf.php:38