TYPO3CMS  8
 All Classes Namespaces Files Functions Variables Pages
SaltedPasswordsUtility.php
Go to the documentation of this file.
1 <?php
2 namespace TYPO3\CMS\Saltedpasswords\Utility;
3 
4 /*
5  * This file is part of the TYPO3 CMS project.
6  *
7  * It is free software; you can redistribute it and/or modify it under
8  * the terms of the GNU General Public License, either version 2
9  * of the License, or any later version.
10  *
11  * For the full copyright and license information, please read the
12  * LICENSE.txt file that was distributed with this source code.
13  *
14  * The TYPO3 project - inspiring people to share!
15  */
16 
19 
24 {
28  const EXTKEY = 'saltedpasswords';
29 
36  {
37  $queryBuilder = GeneralUtility::makeInstance(ConnectionPool::class)->getQueryBuilderForTable('be_users');
38  $queryBuilder->getRestrictions()->removeAll();
39 
40  $userCount = $queryBuilder
41  ->count('*')
42  ->from('be_users')
43  ->where(
44  $queryBuilder->expr()->neq('password', $queryBuilder->createNamedParameter('', \PDO::PARAM_STR)),
45  $queryBuilder->expr()->notLike('password', $queryBuilder->createNamedParameter('$%', \PDO::PARAM_STR)),
46  $queryBuilder->expr()->notLike('password', $queryBuilder->createNamedParameter('M$%', \PDO::PARAM_STR))
47  )
48  ->execute()
49  ->fetchColumn();
50 
51  return $userCount;
52  }
53 
59  public static function returnExtConf($mode = TYPO3_MODE)
60  {
61  $currentConfiguration = self::returnExtConfDefaults();
62  if (isset($GLOBALS['TYPO3_CONF_VARS']['EXT']['extConf']['saltedpasswords'])) {
63  $extensionConfiguration = unserialize($GLOBALS['TYPO3_CONF_VARS']['EXT']['extConf']['saltedpasswords'], ['allowed_classes' => false]);
64  // Merge default configuration with modified configuration:
65  if (isset($extensionConfiguration[$mode . '.'])) {
66  $currentConfiguration = array_merge($currentConfiguration, $extensionConfiguration[$mode . '.']);
67  }
68  }
69  return $currentConfiguration;
70  }
71 
80  public function feloginForgotPasswordHook(array &$params, \TYPO3\CMS\Felogin\Controller\FrontendLoginController $pObj)
81  {
82  if (self::isUsageEnabled('FE')) {
84  $params['newPassword'] = $objInstanceSaltedPW->getHashedPassword($params['newPassword']);
85  }
86  }
87 
93  public static function returnExtConfDefaults()
94  {
95  return [
96  'onlyAuthService' => '0',
97  'forceSalted' => '0',
98  'updatePasswd' => '1',
99  'saltedPWHashingMethod' => \TYPO3\CMS\Saltedpasswords\Salt\PhpassSalt::class,
100  'enabled' => '1'
101  ];
102  }
103 
111  public static function getDefaultSaltingHashingMethod($mode = TYPO3_MODE)
112  {
113  $extConf = self::returnExtConf($mode);
114  $classNameToUse = \TYPO3\CMS\Saltedpasswords\Salt\Md5Salt::class;
115  if (in_array($extConf['saltedPWHashingMethod'], array_keys(\TYPO3\CMS\Saltedpasswords\Salt\SaltFactory::getRegisteredSaltedHashingMethods()))) {
116  $classNameToUse = $extConf['saltedPWHashingMethod'];
117  }
118  return $classNameToUse;
119  }
120 
128  public static function isUsageEnabled($mode = TYPO3_MODE)
129  {
130  // Login Security Level Recognition
131  $extConf = self::returnExtConf($mode);
132  $securityLevel = trim($GLOBALS['TYPO3_CONF_VARS'][$mode]['loginSecurityLevel']) ?: 'normal';
133  if ($mode === 'BE') {
134  return true;
135  } elseif ($mode === 'FE' && $extConf['enabled']) {
136  return $securityLevel === 'normal' || $securityLevel === 'rsa';
137  }
138  return false;
139  }
140 }
feloginForgotPasswordHook(array &$params,\TYPO3\CMS\Felogin\Controller\FrontendLoginController $pObj)
static getSaltingInstance($saltedHash= '', $mode=TYPO3_MODE)
Definition: SaltFactory.php:83
if(TYPO3_MODE=== 'BE') $GLOBALS['TYPO3_CONF_VARS']['SC_OPTIONS']['t3lib/class.t3lib_tsfebeuserauth.php']['frontendEditingController']['default']
static makeInstance($className,...$constructorArguments)