TYPO3 CMS  TYPO3_8-7
ToolController.php
Go to the documentation of this file.
1 <?php
3 
4 /*
5  * This file is part of the TYPO3 CMS project.
6  *
7  * It is free software; you can redistribute it and/or modify it under
8  * the terms of the GNU General Public License, either version 2
9  * of the License, or any later version.
10  *
11  * For the full copyright and license information, please read the
12  * LICENSE.txt file that was distributed with this source code.
13  *
14  * The TYPO3 project - inspiring people to share!
15  */
16 
19 
27 {
31  protected $authenticationActions = [
32  'importantActions',
33  'systemEnvironment',
34  'configuration',
35  'folderStructure',
36  'testSetup',
37  'upgradeWizard',
38  'upgradeAnalysis',
39  'allConfiguration',
40  'cleanUp',
41  'loadExtensions',
42  'about',
43  ];
44 
48  public function execute()
49  {
50  $this->loadBaseExtensions();
51 
52  // Warning: Order of these methods is security relevant and interferes with different access
53  // conditions (new/existing installation). See the single method comments for details.
54  $this->outputInstallToolNotEnabledMessageIfNeeded();
55  $this->outputInstallToolPasswordNotSetMessageIfNeeded();
56  $this->initializeSession();
57  $this->checkSessionToken();
58  $this->checkSessionLifetime();
59  $this->logoutIfRequested();
60  $this->loginIfRequested();
63  $this->dispatchAuthenticationActions();
64  }
65 
69  protected function logoutIfRequested()
70  {
71  $action = $this->getAction();
72  if ($action === 'logout') {
75  }
76 
79  \TYPO3\CMS\Core\FormProtection\InstallToolFormProtection::class
80  );
81  $formProtection->clean();
82  $this->session->destroySession();
83  $this->redirect();
84  }
85  }
86 
93  {
94  register_shutdown_function(function () {
95  $error = error_get_last();
96  if ($error !== null) {
97  $errorType = $error['type'];
98 
99  if ($errorType & (E_ERROR | E_PARSE | E_CORE_ERROR | E_COMPILE_ERROR | E_USER_ERROR | E_RECOVERABLE_ERROR)) {
100  $getPostValues = \TYPO3\CMS\Core\Utility\GeneralUtility::_GP('install');
101 
102  $parameters = [];
103 
104  // Add context parameter in case this script was called within backend scope
105  $context = 'install[context]=standalone';
106  if (isset($getPostValues['context']) && $getPostValues['context'] === 'backend') {
107  $context = 'install[context]=backend';
108  }
109  $parameters[] = $context;
110 
111  // Add controller parameter
112  $parameters[] = 'install[controller]=tool';
113 
114  // Add action if specified
115  $parameters[] = 'install[action]=loadExtensions';
116 
117  // Add error to display a message what triggered the check
118  $errorEncoded = json_encode($error);
119  $parameters[] = 'install[lastError]=' . rawurlencode($errorEncoded);
120  // We do not use GeneralUtility here to be sure that hash generation works even if that class might not exist any more.
121  $parameters[] = 'install[lastErrorHash]=' . hash_hmac('sha1', $errorEncoded, $GLOBALS['TYPO3_CONF_VARS']['SYS']['encryptionKey'] . 'InstallToolError');
122 
123  $redirectLocation = GeneralUtility::getIndpEnv('TYPO3_REQUEST_SCRIPT') . '?' . implode('&', $parameters);
124 
125  if (!headers_sent()) {
127  $redirectLocation,
128  \TYPO3\CMS\Core\Utility\HttpUtility::HTTP_STATUS_303
129  );
130  } else {
131  echo '
132 <p><strong>
133  The system detected a fatal error during script execution.
134  Please use the <a href="' . $redirectLocation . '">extension check tool</a> to find incompatible extensions.
135 </strong></p>';
136  }
137  }
138  }
139  });
140  }
141 
147  protected function getLastError()
148  {
149  $getVars = \TYPO3\CMS\Core\Utility\GeneralUtility::_GET('install');
150  $lastError = [];
151  if (isset($getVars['lastError']) && isset($getVars['lastErrorHash']) && !empty($GLOBALS['TYPO3_CONF_VARS']['SYS']['encryptionKey'])) {
152  $calculatedHash = hash_hmac('sha1', $getVars['lastError'], $GLOBALS['TYPO3_CONF_VARS']['SYS']['encryptionKey'] . 'InstallToolError');
153  if ($calculatedHash === $getVars['lastErrorHash']) {
154  $lastError = json_decode($getVars['lastError'], true);
155  }
156  }
157  return $lastError;
158  }
159 
166  protected function dispatchAuthenticationActions()
167  {
168  $action = $this->getAction();
169  if ($action === '') {
170  $action = 'importantActions';
171  }
172  $this->validateAuthenticationAction($action);
173  $actionClass = ucfirst($action);
175  $toolAction = \TYPO3\CMS\Core\Utility\GeneralUtility::makeInstance('TYPO3\\CMS\\Install\\Controller\\Action\\Tool\\' . $actionClass);
176  if (!($toolAction instanceof Action\ActionInterface)) {
177  throw new Exception(
178  $action . ' does not implement ActionInterface',
179  1369474309
180  );
181  }
182  $toolAction->setController('tool');
183  $toolAction->setAction($action);
184  $toolAction->setToken($this->generateTokenForAction($action));
185  $toolAction->setPostValues($this->getPostValues());
186  $toolAction->setLastError($this->getLastError());
187  $this->output($toolAction->handle());
188  }
189 }
static makeInstance($className,... $constructorArguments)
static get($classNameOrType='default',... $constructorArguments)
static redirect($url, $httpStatus=self::HTTP_STATUS_303)
if(TYPO3_MODE==='BE') $GLOBALS['TYPO3_CONF_VARS']['SC_OPTIONS']['t3lib/class.t3lib_tsfebeuserauth.php']['frontendEditingController']['default']