/**
  * Execute task
  *
  * @return void
  */
 public function execute()
 {
     $processedAllRecords = TRUE;
     // For frontend and backend
     foreach ($this->userRecordPointer as $mode => $pointer) {
         // If saltedpasswords is active for frontend / backend
         if (tx_saltedpasswords_div::isUsageEnabled($mode)) {
             $usersToUpdate = $this->findUsersToUpdate($mode);
             $numberOfRows = count($usersToUpdate);
             if ($numberOfRows > 0) {
                 $processedAllRecords = FALSE;
                 $this->incrementUserRecordPointer($mode, $numberOfRows);
                 $this->convertPasswords($mode, $usersToUpdate);
             }
         }
     }
     // Determine if task should disable itself
     if ($this->canDeactivateSelf && $processedAllRecords) {
         $this->deactivateSelf();
     }
     // Use save() of parent class tx_scheduler_Task to persist
     // changed task variables: $this->userRecordPointer and $this->disabled
     $this->save();
     return TRUE;
 }
 /**
  * Sets the storage security level
  *
  * @return	void
  */
 protected function setStorageSecurityLevel()
 {
     $this->storageSecurityLevel = 'normal';
     if (t3lib_extMgm::isLoaded('saltedpasswords') && tx_saltedpasswords_div::isUsageEnabled('FE')) {
         $this->storageSecurityLevel = 'salted';
     }
 }
 /**
  * Replaces password with salted hash of passwort
  * extends tx_srfeuserregister_data->parseOutgoingData
  *
  * @param	array		$dataArray: array with user data to be modified
  * @param	array		$origArray
  *
  * @return	array		parsed array
  */
 function parseOutgoingData(&$dataArray, $origArray)
 {
     $parsedArray = parent::parseOutgoingData($dataArray, $origArray);
     if (t3lib_extMgm::isLoaded('saltedpasswords') && tx_saltedpasswords_div::isUsageEnabled()) {
         $objPHPass = t3lib_div::makeInstance(tx_saltedpasswords_div::getDefaultSaltingHashingMethod());
         $updatedPassword = $objPHPass->getHashedPassword($parsedArray['password']);
         $parsedArray['password'] = $parsedArray['password_again'] = $updatedPassword;
     }
     return $parsedArray;
 }
Example #4
0
 /**
  * Encrypts the new password before storing in database
  * 
  * @param string $string
  * @return string
  */
 public static function salt($string)
 {
     if (t3lib_extMgm::isLoaded('saltedpasswords')) {
         if (tx_saltedpasswords_div::isUsageEnabled('FE')) {
             $saltingInstance = tx_saltedpasswords_salts_factory::getSaltingInstance();
             $string = $saltingInstance->getHashedPassword($string);
         }
     } else {
         if (t3lib_extMgm::isLoaded('t3sec_saltedpw')) {
             require_once t3lib_extMgm::extPath('t3sec_saltedpw') . 'res/staticlib/class.tx_t3secsaltedpw_div.php';
             if (tx_t3secsaltedpw_div::isUsageEnabled()) {
                 require_once t3lib_extMgm::extPath('t3sec_saltedpw') . 'res/lib/class.tx_t3secsaltedpw_phpass.php';
                 $objPHPass = t3lib_div::makeInstance('tx_t3secsaltedpw_phpass');
                 $string = $objPHPass->getHashedPassword($string);
             }
         }
     }
     return $string;
 }
 /**
  * Function uses Portable PHP Hashing Framework to create a proper password string if needed
  *
  * @param	mixed		$value: The value that has to be checked.
  * @param	string		$is_in: Is-In String
  * @param	integer		$set: Determines if the field can be set (value correct) or not, e.g. if input is required but the value is empty, then $set should be set to FALSE. (PASSED BY REFERENCE!)
  * @return	The new value of the field
  */
 function evaluateFieldValue($value, $is_in, &$set)
 {
     $isEnabled = $this->mode ? tx_saltedpasswords_div::isUsageEnabled($this->mode) : tx_saltedpasswords_div::isUsageEnabled();
     if ($isEnabled) {
         $set = FALSE;
         $isMD5 = preg_match('/[0-9abcdef]{32,32}/', $value);
         $isSaltedHash = t3lib_div::inList('$1$,$2$,$2a,$P$', substr($value, 0, 3));
         $this->objInstanceSaltedPW = tx_saltedpasswords_salts_factory::getSaltingInstance(NULL, $this->mode);
         if ($isMD5) {
             $set = TRUE;
             $value = 'M' . $this->objInstanceSaltedPW->getHashedPassword($value);
         } else {
             if (!$isSaltedHash) {
                 $set = TRUE;
                 $value = $this->objInstanceSaltedPW->getHashedPassword($value);
             }
         }
     }
     return $value;
 }
 /**
  * Obtains a salting hashing method instance.
  *
  * This function will return an instance of a class that implements
  * tx_saltedpasswords_abstract_salts.
  *
  * Use parameter NULL to reset the factory!
  *
  * @param	string		$saltedHash: (optional) salted hashed password to determine the type of used method from or NULL to reset the factory
  * @param	string		$mode: (optional) The TYPO3 mode (FE or BE) saltedpasswords shall be used for
  * @return	tx_saltedpasswords_abstract_salts	an instance of salting hashing method object
  */
 public static function getSaltingInstance($saltedHash = '', $mode = TYPO3_MODE)
 {
     // creating new instance when
     // * no instance existing
     // * a salted hash given to determine salted hashing method from
     // * a NULL parameter given to reset instance back to default method
     if (!is_object(self::$instance) || !empty($saltedHash) || is_NULL($saltedHash)) {
         // determine method by checking the given hash
         if (!empty($saltedHash)) {
             $result = self::determineSaltingHashingMethod($saltedHash);
             if (!$result) {
                 self::$instance = NULL;
             }
         } else {
             $classNameToUse = tx_saltedpasswords_div::getDefaultSaltingHashingMethod($mode);
             $availableClasses = $GLOBALS['TYPO3_CONF_VARS']['SC_OPTIONS']['ext/saltedpasswords']['saltMethods'];
             self::$instance = t3lib_div::getUserObj($availableClasses[$classNameToUse], 'tx_');
         }
     }
     return self::$instance;
 }
 /**
  * @test
  */
 public function doesReturnExtConfReturnMergedSettingsIfExtensionConfigurationIsFound()
 {
     $setting = array('setting' => 1);
     $GLOBALS['TYPO3_CONF_VARS']['EXT']['extConf']['saltedpasswords'] = serialize(array('TEST_MODE.' => $setting));
     $this->assertEquals(array_merge(tx_saltedpasswords_div::returnExtConfDefaults(), $setting), tx_saltedpasswords_div::returnExtConf('TEST_MODE'));
 }
 /**
  * Check whether salted passwords are enabled in front end
  *
  * @return	tx_reports_reports_status_Status
  */
 protected function checkIfSaltedPasswordsAreEnabledInFrontEnd()
 {
     $title = $GLOBALS['LANG']->sL('LLL:EXT:' . SR_FEUSER_REGISTER_EXT . '/hooks/statusreport/locallang.xlf:Salted_passwords_in_front_end');
     if (!t3lib_extMgm::isLoaded('saltedpasswords') || !tx_saltedpasswords_div::isUsageEnabled('FE')) {
         $value = $GLOBALS['LANG']->sL('LLL:EXT:' . SR_FEUSER_REGISTER_EXT . '/hooks/statusreport/locallang.xlf:disabled');
         $message = $GLOBALS['LANG']->sL('LLL:EXT:' . SR_FEUSER_REGISTER_EXT . '/hooks/statusreport/locallang.xlf:salted_passwords_must_be_enabled');
         $status = tx_reports_reports_status_Status::ERROR;
     } else {
         $value = $GLOBALS['LANG']->sL('LLL:EXT:' . SR_FEUSER_REGISTER_EXT . '/hooks/statusreport/locallang.xlf:enabled');
         $message = '';
         $status = tx_reports_reports_status_Status::OK;
     }
     return t3lib_div::makeInstance('tx_reports_reports_status_Status', $title, $value, $message, $status);
 }
Example #9
0
    /**
     * Generates the module content.
     *
     * @return void
     */
    protected function moduleContent()
    {
        switch ((string) $this->MOD_SETTINGS['function']) {
            case 1:
                // Get default project name
                $path = PATH_site . 'fileadmin/templates/';
                $dirs = scandir($path);
                // Filter directories
                foreach ($dirs as $dir) {
                    if ($dir != '.' && $dir != '..' && $dir != 'default' && $dir != 'ts') {
                        $projectDir = $dir;
                    }
                }
                // Form submitted
                if ($_POST['submit_config']) {
                    // No basedomain given
                    if (!$_POST['project_basedomainde']) {
                        $errorMessageContent = '<h3>' . $GLOBALS['LANG']->getLL('noBasedomain') . '</h3>';
                        $errorMessageContent .= '<p>' . $GLOBALS['LANG']->getLL('noBasedomainText') . '</p>';
                        $content = '<div class="alert alert-error">' . $errorMessageContent . '</div>';
                        $this->content .= $this->doc->section($GLOBALS['LANG']->getLL('title'), $content, 0, 1);
                    } else {
                        if (!$_POST['project_email']) {
                            $errorMessageContent = '<h3>' . $GLOBALS['LANG']->getLL('noEmail') . '</h3>';
                            $errorMessageContent .= '<p>' . $GLOBALS['LANG']->getLL('noEmailText') . '</p>';
                            $content = '<div class="alert alert-error">' . $errorMessageContent . '</div>';
                            $this->content .= $this->doc->section($GLOBALS['LANG']->getLL('title'), $content, 0, 1);
                        } else {
                            if (!$this->checkEmail($_POST['project_email'])) {
                                $errorMessageContent = '<h3>' . $GLOBALS['LANG']->getLL('noValidEmail') . '</h3>';
                                $errorMessageContent .= '<p>' . $GLOBALS['LANG']->getLL('noValidEmailText') . '</p>';
                                $content = '<div class="alert alert-error">' . $errorMessageContent . '</div>';
                                $this->content .= $this->doc->section($GLOBALS['LANG']->getLL('title'), $content, 0, 1);
                            } else {
                                if (!$_POST['project_httphost']) {
                                    $errorMessageContent = '<h3>' . $GLOBALS['LANG']->getLL('noHttpHost') . '</h3>';
                                    $errorMessageContent .= '<p>' . $GLOBALS['LANG']->getLL('noHttpHostText') . '</p>';
                                    $content = '<div class="alert alert-error">' . $errorMessageContent . '</div>';
                                    $this->content .= $this->doc->section($GLOBALS['LANG']->getLL('title'), $content, 0, 1);
                                } else {
                                    // Get project name
                                    $projectName = trim(strtolower($_POST['project_name']));
                                    // Check if uppercase
                                    if (ctype_upper($_POST['project_name'])) {
                                        $projectNameUpper = $_POST['project_name'];
                                        $projectDirUpper = strtoupper($projectDir);
                                    } else {
                                        $projectNameUpper = $projectName;
                                        $projectDirUpper = $projectDir;
                                    }
                                    // Rename dir
                                    rename($path . $projectDir, $path . $projectName);
                                    /* Change files BEGIN */
                                    // Files to change
                                    $files = array(PATH_site . 'fileadmin/templates/ts/setup/JavaScriptIncludes_setup.ts', PATH_site . 'fileadmin/templates/ts/TSConfig/Page.ts', PATH_site . 'typo3conf/new_localconf.php');
                                    // Parse files
                                    foreach ($files as $f) {
                                        // Open file
                                        $data = file_get_contents($f);
                                        // Change data
                                        $data = str_replace($projectDir, $projectName, $data);
                                        // Write file
                                        file_put_contents($f, $data);
                                    }
                                    /* Change files END */
                                    /* Change files with uppercase BEGIN */
                                    // Files to change
                                    $files2 = array(PATH_site . 'fileadmin/templates/ts/setup/lib_setup.ts', PATH_site . 'fileadmin/templates/ts/constants/StandardConfig_constants.ts', PATH_site . 'fileadmin/templates/ts/setup/lib_setup.ts');
                                    // Parse files
                                    foreach ($files2 as $f2) {
                                        // Open file
                                        $data2 = file_get_contents($f2);
                                        // Change data
                                        $data2 = str_replace(ucfirst($projectDir), ucfirst($projectNameUpper), $data2);
                                        // Write file
                                        file_put_contents($f2, $data2);
                                    }
                                    /* Change files with uppercase END */
                                    /* Copyright notice BEGIN */
                                    $copyrightNotice = $_POST['project_copyright'];
                                    if (!$copyrightNotice) {
                                        $copyrightNotice = $GLOBALS['LANG']->getLL('copyrightDefault');
                                    }
                                    $files3 = array(PATH_site . 'fileadmin/templates/ts/setup/StandardConfig_setup.ts');
                                    foreach ($files3 as $f3) {
                                        // Open file
                                        $data3 = file_get_contents($f3);
                                        // Change data
                                        $data3 = str_replace("headerComment =", "headerComment = " . $copyrightNotice, $data3);
                                        // Write file
                                        file_put_contents($f3, $data3);
                                    }
                                    /* Copyright notice END */
                                    /* Basedomain BEGIN */
                                    $files4 = array(PATH_site . 'fileadmin/templates/ts/constants/StandardConfig_constants.ts');
                                    foreach ($files4 as $f4) {
                                        $basedomainDE = trim($_POST['project_basedomainde'], '/') . '/';
                                        $basedomainEN = trim($_POST['project_basedomainen'], '/') . '/';
                                        $httpHost = trim($_POST['project_httphost'], '/');
                                        $basedomainDEPreview = trim($_POST['preview_basedomainde'], '/') . '/';
                                        $basedomainENPreview = trim($_POST['preview_basedomainen'], '/') . '/';
                                        $httpHostPreview = trim($_POST['preview_httphost'], '/');
                                        $basedomainDELive = trim($_POST['live_basedomainde'], '/') . '/';
                                        $basedomainENLive = trim($_POST['live_basedomainen'], '/') . '/';
                                        $httpHostLive = trim($_POST['live_httphost'], '/');
                                        // Open file
                                        $data4 = file_get_contents($f4);
                                        // Add data
                                        $data4 = "" . $data4 . "\r\n\r\n# # medbootstraptools [BEGIN]\r\n\r\n[globalVar = IENV:HTTP_HOST = " . $httpHost . "]\r\n\r\nt3bootstrap {\r\n\tbasedomain.de = " . $basedomainDE . "\r\n\tbasedomain.en = " . $basedomainEN . "\r\n}\r\n\r\n[globalVar = IENV:HTTP_HOST = " . $httpHostPreview . "]\r\n\r\nt3bootstrap {\r\n\tbasedomain.de = " . $basedomainDEPreview . "\r\n\tbasedomain.en = " . $basedomainENPreview . "\r\n}\r\n\r\n[globalVar = IENV:HTTP_HOST = " . $httpHostLive . "]\r\n\r\nt3bootstrap {\r\n\tbasedomain.de = " . $basedomainDELive . "\r\n\tbasedomain.en = " . $basedomainENLive . "\r\n}\r\n\r\n[global]\r\n\r\n# # medbootstraptools [END]";
                                        // Write file
                                        file_put_contents($f4, $data4);
                                    }
                                    /* Basedomain END */
                                    /* Robots BEGIN */
                                    // Get file
                                    $robotsFile = PATH_site . 'fileadmin/templates/ts/setup/StandardConfig_setup.ts';
                                    // Open file
                                    $robotsFileContent = file_get_contents($robotsFile);
                                    // Add data
                                    $robotsFileContent = "" . $robotsFileContent . "\r\n\r\n# # medbootstraptools [BEGIN]\r\n\r\n[globalVar = IENV:HTTP_HOST = " . $httpHost . "]\r\n\r\npage.meta.robots = noindex, nofollow\r\n\r\n[globalVar = IENV:HTTP_HOST = " . $httpHostPreview . "]\r\n\r\npage.meta.robots = noindex, nofollow\r\n\r\n[globalVar = IENV:HTTP_HOST = " . $httpHostLive . "]\r\n\r\npage.meta.robots = index, follow\r\n\r\n[global]\r\n\r\n# # medbootstraptools [END]";
                                    // Write file
                                    file_put_contents($robotsFile, $robotsFileContent);
                                    /* Robots END */
                                    /* Responsive or not BEGIN */
                                    if ($_POST['project_responsive'] != "on") {
                                        $resp = PATH_site . 'fileadmin/templates/ts/setup/CSSIncludes_setup.ts';
                                        $dataResp = file_get_contents($resp);
                                        $dataResp = str_replace("bootstrap-responsive", "no-responsive", $dataResp);
                                        file_put_contents($resp, $dataResp);
                                        // Rename t3bootstrap responsive
                                        $t3bootstrapResp = PATH_site . 'fileadmin/templates/default/less/t3bootstrap-responsive.less';
                                        rename($t3bootstrapResp, $t3bootstrapResp . '_doNotUse');
                                        // File
                                        $lessConfigFile = PATH_site . 'fileadmin/templates/ts/setup/Extensions_setup.ts';
                                        // Get content
                                        $lessConfigFileContent = file_get_contents($lessConfigFile);
                                        // Remove LESS config for responsive CSS file
                                        $lessConfigFileContent = preg_replace('/t3bootstrap-responsive {[^{}]*}/', '', $lessConfigFileContent);
                                        // Write file
                                        file_put_contents($lessConfigFile, $lessConfigFileContent);
                                    }
                                    /* Responsive or not END */
                                    /* Install Tool password BEGIN */
                                    $localconfFile = PATH_site . 'typo3conf/new_localconf.php';
                                    $localconfData = file_get_contents($localconfFile);
                                    $newInstallPassword = $this->generatePW();
                                    $localConfContent = "// Updated by medbootstraptools " . date("d.m.y", time()) . " " . date("H:i:s", time()) . "\n\$TYPO3_CONF_VARS['BE']['installToolPassword'] = '******';";
                                    $localconfData = str_replace("?>", "\n" . $localConfContent . "\n?>", $localconfData);
                                    file_put_contents($localconfFile, $localconfData);
                                    /* Install Tool password END */
                                    /* Update site name BEGIN */
                                    // Get localconf
                                    $data = file_get_contents($localconfFile);
                                    $data = str_replace("\$TYPO3_CONF_VARS['SYS']['sitename'] = '" . ucfirst($projectDir) . "';", "\$TYPO3_CONF_VARS['SYS']['sitename'] = '" . ucfirst($projectNameUpper) . "';", $data);
                                    // Write file
                                    file_put_contents($localconfFile, $data);
                                    /* Update site name END */
                                    /* Settings LIVE/PREVIEW server BEGIN */
                                    // Get file
                                    $settingsFile = PATH_typo3conf . 'settings.php';
                                    // Get settings
                                    $server = $_POST['live_server'];
                                    $host = $_POST['live_host'];
                                    $username = $_POST['live_username'];
                                    $dbPassword = $_POST['live_password'];
                                    $database = $_POST['live_database'];
                                    $imPath = $_POST['live_impath'];
                                    $previewServer = $_POST['preview_server'];
                                    $previewHost = $_POST['preview_host'];
                                    $previewUsername = $_POST['preview_username'];
                                    $previewDbPassword = $_POST['preview_password'];
                                    $previewDatabase = $_POST['preview_database'];
                                    $previewImPath = $_POST['preview_impath'];
                                    // Get content
                                    if (!$server && !$host && !$username && !$dbPassword && !$database && !$previewServer && !$previewHost && !$previewUsername && !$previewDbPassword && !$previewDatabase && !$imPath && !$previewImPath) {
                                        $settingsContent = "<?php\r\n\$TYPO3_CONF_VARS['GFX']['im_path_lzw'] = '/usr/local/bin/';\r\n\$TYPO3_CONF_VARS['GFX']['im_path'] = '/usr/local/bin/';\r\n?>";
                                    } else {
                                        $settingsContent = "<?php\r\n\tif(\$_SERVER['SERVER_NAME'] == '" . $server . "') {\r\n\t\t\$typo_db_username = '******';\r\n\t\t\$typo_db_password = '******';\r\n\t\t\$typo_db_host = '" . $host . "';\r\n\t\t\$typo_db = '" . $database . "';\r\n\t\t\$TYPO3_CONF_VARS['GFX']['im_path_lzw'] = '" . $imPath . "';\r\n\t\t\$TYPO3_CONF_VARS['GFX']['im_path'] = '" . $imPath . "';\r\n\t}\r\n\telse if(\$_SERVER['SERVER_NAME'] == '" . $previewServer . "') {\r\n\t\t\$typo_db_username = '******';\r\n\t\t\$typo_db_password = '******';\r\n\t\t\$typo_db_host = '" . $previewHost . "';\r\n\t\t\$typo_db = '" . $previewDatabase . "';\r\n\t\t\$TYPO3_CONF_VARS['GFX']['im_path_lzw'] = '" . $previewImPath . "';\r\n\t\t\$TYPO3_CONF_VARS['GFX']['im_path'] = '" . $previewImPath . "';\r\n\t}\r\n?>";
                                    }
                                    file_put_contents($settingsFile, $settingsContent);
                                    /* Settings LIVE/PREVIEW server END */
                                    /* Import database BEGIN */
                                    /**
                                     * @todo Replace @mysql_connect, as TYPO3 Backend is already connected; change import script class
                                     */
                                    // Connect to database
                                    $connection = @mysql_connect(TYPO3_db_host, TYPO3_db_username, TYPO3_db_password);
                                    // Get SQL file
                                    $filename = PATH_typo3conf . 'ext/medbootstraptools/mod1/sql/t3bootstrap.sql';
                                    $compress = false;
                                    $dump = new phpMyImporter(TYPO3_db, $connection, $filename, $compress);
                                    $dump->utf8 = true;
                                    // Uses UTF8 connection with MySQL server, default: true
                                    $dump->doImport();
                                    /* Clear sys_log and be_sessions table after import [BEGIN] */
                                    mysql_query("TRUNCATE TABLE sys_log");
                                    //mysql_query("TRUNCATE TABLE be_sessions");
                                    /* Clear sys_log and be_sessions table after import [END] */
                                    /* Import database END */
                                    /* Update contact form BEGIN */
                                    $email = $_POST['project_email'];
                                    $GLOBALS['TYPO3_DB']->sql_query("UPDATE tt_content SET pi_flexform = REPLACE(pi_flexform, '*****@*****.**', '" . $email . "') WHERE uid=103");
                                    $GLOBALS['TYPO3_DB']->sql_query("UPDATE tt_content SET pi_flexform = REPLACE(pi_flexform, '" . ucfirst($projectDirUpper) . "', '" . ucfirst($projectNameUpper) . "') WHERE uid=103");
                                    /* Update contact form END */
                                    /* Templavoilà BEGIN */
                                    $GLOBALS['TYPO3_DB']->sql_query("UPDATE tx_templavoila_datastructure SET belayout = REPLACE(belayout, '" . $projectDir . "', '" . $projectName . "') WHERE uid=1");
                                    $GLOBALS['TYPO3_DB']->sql_query("UPDATE tx_templavoila_tmplobj SET fileref = REPLACE(fileref, '" . $projectDir . "', '" . $projectName . "') WHERE uid=1");
                                    $GLOBALS['TYPO3_DB']->sql_query("UPDATE tx_templavoila_tmplobj SET fileref_md5 = MD5(fileref) WHERE uid=1");
                                    /* Templavoilà BEGIN */
                                    /* Update page ID 1 BEGIN */
                                    $updateArrayMod = array('tx_medbootstraptools_bootstrapconfig' => 1, 'title' => ucfirst($projectNameUpper));
                                    $resMod = $GLOBALS['TYPO3_DB']->exec_UPDATEquery('pages', 'uid=1', $updateArrayMod);
                                    /* Update page ID 1  END */
                                    /* Update user group ID 2 BEGIN */
                                    $updateArrayUser = array('title' => ucfirst($projectNameUpper) . ' ' . $GLOBALS['LANG']->getLL('admin'), 'description' => ucfirst($projectNameUpper) . ' ' . $GLOBALS['LANG']->getLL('adminUserGroup'));
                                    $resMod = $GLOBALS['TYPO3_DB']->exec_UPDATEquery('be_groups', 'uid=2', $updateArrayUser);
                                    /* Update user group ID 2 END */
                                    /* Update user group ID 3 BEGIN */
                                    $updateArrayUser2 = array('title' => ucfirst($projectNameUpper) . ' ' . $GLOBALS['LANG']->getLL('editor'), 'description' => ucfirst($projectNameUpper) . ' ' . $GLOBALS['LANG']->getLL('editorUserGroup'));
                                    $resMod2 = $GLOBALS['TYPO3_DB']->exec_UPDATEquery('be_groups', 'uid=3', $updateArrayUser2);
                                    /* Update user group ID 3 END */
                                    /* Create backend users BEGIN */
                                    $beUsers = explode("\n", trim($_POST['project_beusers']));
                                    if ($_POST['project_beusers']) {
                                        $beUsersFinal = array();
                                        foreach ($beUsers as $beUser) {
                                            $beUsersFinal[] = trim($beUser);
                                        }
                                        $beUsers = $beUsersFinal;
                                        foreach ($beUsers as $beUser) {
                                            $userData = explode(",", $beUser);
                                            if ($userData[0] != 'admin') {
                                                $insertArray = array('username' => trim(str_replace('"', '', stripslashes($userData[0]))), 'admin' => trim(str_replace('"', '', stripslashes($userData[5]))), 'realName' => trim(str_replace('"', '', stripslashes($userData[1]))), 'email' => trim(str_replace('"', '', stripslashes($userData[2]))), 'lang' => trim(str_replace('"', '', stripslashes($userData[3]))), 'tstamp' => time(), 'crdate' => time(), 'usergroup' => trim(str_replace('"', '', stripslashes($userData[4]))));
                                            }
                                            $resBeUser = $GLOBALS['TYPO3_DB']->exec_INSERTquery('be_users', $insertArray);
                                        }
                                    }
                                    /* Create backend users END */
                                    /* Backend user passwords BEGIN */
                                    // Create 10 passwords
                                    $passwordArr = array();
                                    for ($i = 1; $i <= 10; $i++) {
                                        $passwordArr[] = $this->generatePW();
                                    }
                                    // Get all be_users
                                    $resUsers = $GLOBALS['TYPO3_DB']->exec_SELECTquery('uid,username', 'be_users', 'disable=0 AND deleted=0', '', '', '');
                                    $i = 0;
                                    $passwordArrWithUsername = array();
                                    while ($rowUsers = $GLOBALS['TYPO3_DB']->sql_fetch_assoc($resUsers)) {
                                        $passwordArrWithUsername[$rowUsers['username']] = $passwordArr[$i];
                                        // Create salted password
                                        $password = $passwordArr[$i];
                                        // plain-text password
                                        $saltedPassword = '';
                                        if (t3lib_extMgm::isLoaded('saltedpasswords')) {
                                            if (tx_saltedpasswords_div::isUsageEnabled('FE')) {
                                                $objSalt = tx_saltedpasswords_salts_factory::getSaltingInstance(NULL);
                                                if (is_object($objSalt)) {
                                                    $saltedPassword = $objSalt->getHashedPassword($password);
                                                }
                                            }
                                        } else {
                                            $saltedPassword = $password;
                                        }
                                        $updateArray = array('password' => $saltedPassword);
                                        $res = $GLOBALS['TYPO3_DB']->exec_UPDATEquery('be_users', 'uid=' . $rowUsers['uid'], $updateArray);
                                        $i++;
                                    }
                                    /* Backend user passwords END */
                                    /* Switch localconf BEGIN */
                                    // Clear temp files
                                    foreach (glob(PATH_typo3conf . "temp_*.php") as $filename) {
                                        unlink($filename);
                                    }
                                    // Get files
                                    $localconfFileAct = PATH_typo3conf . 'localconf.php';
                                    $localconfFileOld = PATH_typo3conf . 'old_localconf.php';
                                    $localconfFileNew = PATH_typo3conf . 'new_localconf.php';
                                    // Include localconf to get database connection for new localconf file
                                    // Open new_localconf.php
                                    $localconfFileNewContent = file_get_contents($localconfFileNew);
                                    $localconfFileNewContent = str_replace(array("\$typo_db_username = '';", "\$typo_db_password = '';", "\$typo_db_host = '';", "\$typo_db = '';"), array("\$typo_db_username = '******';", "\$typo_db_password = '******';", "\$typo_db_host = '" . TYPO3_db_host . "';", "\$typo_db = '" . TYPO3_db . "';"), $localconfFileNewContent);
                                    file_put_contents($localconfFileNew, $localconfFileNewContent);
                                    // Rename files
                                    rename($localconfFileAct, $localconfFileOld);
                                    rename($localconfFileNew, $localconfFileAct);
                                    /* Switch localconf END */
                                    // Success message
                                    $successMessageContent = '<h3>' . $GLOBALS['LANG']->getLL('configSaved') . '</h3>';
                                    $successMessageContent .= '<p><br /><b>' . $GLOBALS['LANG']->getLL('backendPasses') . '</b><br />';
                                    $c = 0;
                                    foreach ($passwordArrWithUsername as $pKey => $pVal) {
                                        if ($c == 0) {
                                            $successMessageContent .= $pKey . ': ' . $pVal;
                                        } else {
                                            $successMessageContent .= '<br />' . $pKey . ': ' . $pVal;
                                        }
                                        $c++;
                                    }
                                    $successMessageContent .= '</p>';
                                    $successMessageContent .= '<p><br /><b>' . $GLOBALS['LANG']->getLL('installToolPassword') . '</b><br />' . $newInstallPassword . '</p>';
                                    // Import SQL
                                    $successMessageContent .= '<p><br /><b>' . $GLOBALS['LANG']->getLL('database') . '</b><br />' . $GLOBALS['LANG']->getLL('databaseSuccess') . '</p>';
                                    $content = '<div class="alert alert-success">' . $successMessageContent . '</div>';
                                    $this->content .= $this->doc->section($GLOBALS['LANG']->getLL('title'), $content, 0, 1);
                                    // Clear typo3temp folder recursively
                                    $this->emptyDirectory(PATH_site . 'typo3temp/Cache/Code');
                                }
                            }
                        }
                    }
                } else {
                    // Check if module has already been deactivated
                    $res = $GLOBALS['TYPO3_DB']->exec_SELECTquery('tx_medbootstraptools_bootstrapconfig', 'pages', 'uid=1', '', '', '');
                    $row = $GLOBALS['TYPO3_DB']->sql_fetch_assoc($res);
                    if ($row['tx_medbootstraptools_bootstrapconfig'] == 1) {
                        $content = '<p><b>' . $GLOBALS['LANG']->getLL('configAlready') . '</b></p>';
                    } else {
                        $content = '
                            <form method="post" action="">
                            	<div class="settings">
	                            	<h4>' . $GLOBALS['LANG']->getLL('generalSettings') . '</h4>
	                            
	                                <label>' . $GLOBALS['LANG']->getLL('projectName') . '</label>
	                                <input type="text" name="project_name" value="' . $projectDir . '">
	                                    
	                                <label>' . $GLOBALS['LANG']->getLL('basedomainDE') . '</label>
	                                <input type="text" placeholder="http://subdomain.domain.de/" name="project_basedomainde" class="input-middle"> 
	                                
	                                <label>' . $GLOBALS['LANG']->getLL('basedomainEN') . '</label>
	                                <input type="text" placeholder="http://subdomain.domain.de/en/" name="project_basedomainen" class="input-middle">     
	                                
	                                <label>' . $GLOBALS['LANG']->getLL('httpHost') . '</label>
	                                <input type="text" name="project_httphost" placeholder="subdomain.domain.de">
	                                    
	                                <label>' . $GLOBALS['LANG']->getLL('copyrightNotice') . '</label>
	                                <input type="text" class="input-long" placeholder="' . $GLOBALS['LANG']->getLL('copyrightDefault') . '" name="project_copyright">     
	                                
	                                <label>' . $GLOBALS['LANG']->getLL('email') . '</label>
	                                <input type="text" name="project_email" placeholder="*****@*****.**">
	                                    
	                                <label>' . $GLOBALS['LANG']->getLL('adminUser') . ' <i>' . $GLOBALS['LANG']->getLL('adminUserInfo') . '</i>:</label>
	                                <textarea cols="5" rows="10" class="textarea-beusers" name="project_beusers"></textarea>
	                                    
	                                <label>' . $GLOBALS['LANG']->getLL('responsive') . '</label>
	                                <input type="checkbox" name="project_responsive" checked="checked">                         
	                                
	                                <h4>' . $GLOBALS['LANG']->getLL('databaseConnectionPreview') . '</h4>
	                                
	                                <label>' . $GLOBALS['LANG']->getLL('basedomainDE') . '</label>
	                                <input type="text" placeholder="http://subdomain.domain.de/" name="preview_basedomainde" class="input-middle"> 
	                                
	                                <label>' . $GLOBALS['LANG']->getLL('basedomainEN') . '</label>
	                                <input type="text" placeholder="http://subdomain.domain.de/en/" name="preview_basedomainen" class="input-middle">  	         
	                                
	                                <label>' . $GLOBALS['LANG']->getLL('httpHost') . '</label>
	                                <input type="text" name="preview_httphost" placeholder="subdomain.domain.de">	                                                       
	                                
	                                <label>' . $GLOBALS['LANG']->getLL('serverName') . '</label>
	                                <input type="text" name="preview_server" placeholder="domain.de">                              
	                                
	                                <label>' . $GLOBALS['LANG']->getLL('username') . '</label>
	                                <input type="text" name="preview_username" autocomplete="off">
	                                
	                                <label>' . $GLOBALS['LANG']->getLL('password') . '</label>
	                                <input type="password" name="preview_password" autocomplete="off">  
	                                
	                                <label>' . $GLOBALS['LANG']->getLL('host') . '</label>
	                                <input type="text" name="preview_host">   
	                                
	                                <label>' . $GLOBALS['LANG']->getLL('database') . '</label>
	                                <input type="text" name="preview_database"> 
	                                
	                                <label>' . $GLOBALS['LANG']->getLL('imageMagickPath') . '</label>
	                                <input type="text" name="preview_impath" placeholder="/usr/local/bin/">                                                                  
	                                
	                                <h4>' . $GLOBALS['LANG']->getLL('databaseConnection') . '</h4>
	                                
	                                <label>' . $GLOBALS['LANG']->getLL('basedomainDE') . '</label>
	                                <input type="text" placeholder="http://subdomain.domain.de/" name="live_basedomainde" class="input-middle"> 
	                                
	                                <label>' . $GLOBALS['LANG']->getLL('basedomainEN') . '</label>
	                                <input type="text" placeholder="http://subdomain.domain.de/en/" name="live_basedomainen" class="input-middle">  	                                
	                                
	                                <label>' . $GLOBALS['LANG']->getLL('httpHost') . '</label>
	                                <input type="text" name="live_httphost" placeholder="subdomain.domain.de">	                                
	                              
	                                <label>' . $GLOBALS['LANG']->getLL('serverName') . '</label>
	                                <input type="text" name="live_server" placeholder="domain.de">                              
	                                
	                                <label>' . $GLOBALS['LANG']->getLL('username') . '</label>
	                                <input type="text" name="live_username" autocomplete="off">
	                                
	                                <label>' . $GLOBALS['LANG']->getLL('password') . '</label>
	                                <input type="password" name="live_password" autocomplete="off">  
	                                
	                                <label>' . $GLOBALS['LANG']->getLL('host') . '</label>
	                                <input type="text" name="live_host">   
	                                
	                                <label>' . $GLOBALS['LANG']->getLL('database') . '</label>
	                                <input type="text" name="live_database">     
	                                
	                                <label>' . $GLOBALS['LANG']->getLL('imageMagickPath') . '</label>
	                                <input type="text" name="live_impath" placeholder="/usr/local/bin/">                                                                                                                        
	                                
	                                <input type="hidden" name="submit_config" value="1">
	                                <p><a href="javascript:void(0);" class="btn btn-primary btn-submit">' . $GLOBALS['LANG']->getLL('save') . '</a></p>
                                </div>
                            </form>
                        ';
                    }
                    $this->content .= $this->doc->section($GLOBALS['LANG']->getLL('title'), $content, 0, 1);
                }
                break;
        }
    }
 /**
  * @test
  */
 public function resettingFactoryInstanceSucceeds()
 {
     $defaultClassNameToUse = tx_saltedpasswords_div::getDefaultSaltingHashingMethod();
     $saltedPW = '';
     if ($defaultClassNameToUse == 'tx_saltedpasswords_salts_md5') {
         $saltedPW = '$P$CWF13LlG/0UcAQFUjnnS4LOqyRW43c.';
     } else {
         $saltedPW = '$1$rasmusle$rISCgZzpwk3UhDidwXvin0';
     }
     $this->objectInstance = tx_saltedpasswords_salts_factory::getSaltingInstance($saltedPW);
     // resetting
     $this->objectInstance = tx_saltedpasswords_salts_factory::getSaltingInstance(NULL);
     $this->assertTrue(get_class($this->objectInstance) == $defaultClassNameToUse || is_subclass_of($this->objectInstance, $defaultClassNameToUse));
 }
 /**
  * Checks the login data with the user record data for builtin login method.
  *
  * @param	array		user data array
  * @param	array		login data array
  * @param	string		login security level (optional)
  * @return	boolean		TRUE if login data matched
  */
 function compareUident(array $user, array $loginData, $security_level = 'normal')
 {
     $validPasswd = FALSE;
     // could be merged; still here to clarify
     if (!strcmp(TYPO3_MODE, 'BE')) {
         $password = $loginData['uident_text'];
     } else {
         if (!strcmp(TYPO3_MODE, 'FE')) {
             $password = $loginData['uident_text'];
         }
     }
     // determine method used for given salted hashed password
     $this->objInstanceSaltedPW = tx_saltedpasswords_salts_factory::getSaltingInstance($user['password']);
     // existing record is in format of Salted Hash password
     if (is_object($this->objInstanceSaltedPW)) {
         $validPasswd = $this->objInstanceSaltedPW->checkPassword($password, $user['password']);
         // record is in format of Salted Hash password but authentication failed
         // skip further authentication methods
         if (!$validPasswd) {
             $this->authenticationFailed = TRUE;
         }
         $defaultHashingClassName = tx_saltedpasswords_div::getDefaultSaltingHashingMethod();
         $skip = FALSE;
         // test for wrong salted hashing method
         if ($validPasswd && !(get_class($this->objInstanceSaltedPW) == $defaultHashingClassName) || is_subclass_of($this->objInstanceSaltedPW, $defaultHashingClassName)) {
             // instanciate default method class
             $this->objInstanceSaltedPW = tx_saltedpasswords_salts_factory::getSaltingInstance(NULL);
             $this->updatePassword(intval($user['uid']), array('password' => $this->objInstanceSaltedPW->getHashedPassword($password)));
         }
         if ($validPasswd && !$skip && $this->objInstanceSaltedPW->isHashUpdateNeeded($user['password'])) {
             $this->updatePassword(intval($user['uid']), array('password' => $this->objInstanceSaltedPW->getHashedPassword($password)));
         }
         // we process also clear-text, md5 and passwords updated by Portable PHP password hashing framework
     } else {
         if (!intval($this->extConf['forceSalted'])) {
             // stored password is in deprecated salted hashing method
             if (t3lib_div::inList('C$,M$', substr($user['password'], 0, 2))) {
                 // instanciate default method class
                 $this->objInstanceSaltedPW = tx_saltedpasswords_salts_factory::getSaltingInstance(substr($user['password'], 1));
                 // md5
                 if (!strcmp(substr($user['password'], 0, 1), 'M')) {
                     $validPasswd = $this->objInstanceSaltedPW->checkPassword(md5($password), substr($user['password'], 1));
                 } else {
                     $validPasswd = $this->objInstanceSaltedPW->checkPassword($password, substr($user['password'], 1));
                 }
                 // skip further authentication methods
                 if (!$validPasswd) {
                     $this->authenticationFailed = TRUE;
                 }
                 // password is stored as md5
             } else {
                 if (preg_match('/[0-9abcdef]{32,32}/', $user['password'])) {
                     $validPasswd = !strcmp(md5($password), $user['password']) ? TRUE : FALSE;
                     // skip further authentication methods
                     if (!$validPasswd) {
                         $this->authenticationFailed = TRUE;
                     }
                     // password is stored plain or unrecognized format
                 } else {
                     $validPasswd = !strcmp($password, $user['password']) ? TRUE : FALSE;
                 }
             }
             // should we store the new format value in DB?
             if ($validPasswd && intval($this->extConf['updatePasswd'])) {
                 // instanciate default method class
                 $this->objInstanceSaltedPW = tx_saltedpasswords_salts_factory::getSaltingInstance(NULL);
                 $this->updatePassword(intval($user['uid']), array('password' => $this->objInstanceSaltedPW->getHashedPassword($password)));
             }
         }
     }
     return $validPasswd;
 }
Example #12
0
<?php

if (!defined('TYPO3_MODE')) {
    die('Access denied.');
}
t3lib_div::loadTCA('fe_users');
$TCA['fe_users']['columns']['password']['config']['max'] = 60;
if (tx_saltedpasswords_div::isUsageEnabled('FE')) {
    $TCA['fe_users']['columns']['password']['config']['eval'] = 'trim,required,tx_saltedpasswords_eval_fe,password';
}
t3lib_div::loadTCA('be_users');
$TCA['be_users']['columns']['password']['config']['max'] = 60;
if (tx_saltedpasswords_div::isUsageEnabled('BE')) {
    $TCA['be_users']['columns']['password']['config']['eval'] = 'trim,required,tx_saltedpasswords_eval_be,password';
    // Prevent md5 hashing on client side via JS
    $GLOBALS['TYPO3_USER_SETTINGS']['columns']['password']['eval'] = '';
    $GLOBALS['TYPO3_USER_SETTINGS']['columns']['password2']['eval'] = '';
}
 protected function checkRequirements()
 {
     $content = '';
     // Check if all required extensions are available
     if (is_array($GLOBALS['TYPO3_CONF_VARS']['EXTCONF'][$this->extKey]['constraints']['depends'])) {
         $requiredExtensions = array_diff(array_keys($GLOBALS['TYPO3_CONF_VARS']['EXTCONF'][$this->extKey]['constraints']['depends']), array('php', 'typo3'));
         foreach ($requiredExtensions as $requiredExtension) {
             if (!t3lib_extMgm::isLoaded($requiredExtension)) {
                 $message = sprintf($GLOBALS['TSFE']->sL('LLL:EXT:' . $this->extKey . '/pi1/locallang.xml:internal_required_extension_missing'), $requiredExtension);
                 t3lib_div::sysLog($message, $this->extKey, t3lib_div::SYSLOG_SEVERITY_ERROR);
                 $content .= sprintf($GLOBALS['TSFE']->sL('LLL:EXT:' . $this->extKey . '/pi1/locallang.xml:internal_check_requirements_frontend'), $message);
             }
         }
     }
     // Check if front end login security level is correctly set
     $supportedTransmissionSecurityLevels = $GLOBALS['TYPO3_CONF_VARS']['EXTCONF'][$this->extKey]['loginSecurityLevels'];
     if (!in_array($GLOBALS['TYPO3_CONF_VARS']['FE']['loginSecurityLevel'], $supportedTransmissionSecurityLevels)) {
         $message = $GLOBALS['TSFE']->sL('LLL:EXT:' . $this->extKey . '/pi1/locallang.xml:internal_login_security_level');
         t3lib_div::sysLog($message, $this->extKey, t3lib_div::SYSLOG_SEVERITY_ERROR);
         $content .= sprintf($GLOBALS['TSFE']->sL('LLL:EXT:' . $this->extKey . '/pi1/locallang.xml:internal_check_requirements_frontend'), $message);
     } else {
         // Check if salted passwords are enabled in front end
         if (t3lib_extMgm::isLoaded('saltedpasswords')) {
             if (!tx_saltedpasswords_div::isUsageEnabled('FE')) {
                 $message = $GLOBALS['TSFE']->sL('LLL:EXT:' . $this->extKey . '/pi1/locallang.xml:internal_salted_passwords_disabled');
                 t3lib_div::sysLog($message, $this->extKey, t3lib_div::SYSLOG_SEVERITY_ERROR);
                 $content .= sprintf($GLOBALS['TSFE']->sL('LLL:EXT:' . $this->extKey . '/pi1/locallang.xml:internal_check_requirements_frontend'), $message);
             } else {
                 // Check if we can get a salting instance
                 $objSalt = tx_saltedpasswords_salts_factory::getSaltingInstance(NULL);
                 if (!is_object($objSalt)) {
                     // Could not get a salting instance from saltedpasswords
                     $message = $GLOBALS['TSFE']->sL('LLL:EXT:' . $this->extKey . '/pi1/locallang.xml:internal_salted_passwords_no_instance');
                     t3lib_div::sysLog($message, $this->extKey, t3lib_div::SYSLOG_SEVERITY_ERROR);
                     $content .= sprintf($GLOBALS['TSFE']->sL('LLL:EXT:' . $this->extKey . '/pi1/locallang.xml:internal_check_requirements_frontend'), $message);
                 }
             }
         }
         // Check if we can get a backend from rsaauth
         if (t3lib_extMgm::isLoaded('rsaauth')) {
             // rsaauth in TYPO3 4.5 misses autoload
             if (!class_exists('tx_rsaauth_backendfactory')) {
                 require_once t3lib_extMgm::extPath('rsaauth') . 'sv1/backends/class.tx_rsaauth_backendfactory.php';
                 require_once t3lib_extMgm::extPath('rsaauth') . 'sv1/storage/class.tx_rsaauth_storagefactory.php';
             }
             $backend = tx_rsaauth_backendfactory::getBackend();
             $storage = tx_rsaauth_storagefactory::getStorage();
             if (!is_object($backend) || !$backend->isAvailable() || !is_object($storage)) {
                 // Required RSA auth backend not available
                 $message = $GLOBALS['TSFE']->sL('LLL:EXT:' . $this->extKey . '/pi1/locallang.xml:internal_rsaauth_backend_not_available');
                 t3lib_div::sysLog($message, $this->extKey, t3lib_div::SYSLOG_SEVERITY_ERROR);
                 $content .= sprintf($GLOBALS['TSFE']->sL('LLL:EXT:' . $this->extKey . '/pi1/locallang.xml:internal_check_requirements_frontend'), $message);
             }
         }
     }
     return $content;
 }
 private function isOldPasswordCorrect()
 {
     // Check old password
     $password = $GLOBALS['TYPO3_DB']->exec_SELECTgetSingleRow('password', 'fe_users', 'uid = ' . $this->config['userid'] . ' AND pid IN (' . $this->conf['pidList'] . ')');
     $password = current($password);
     if (t3lib_extMgm::isLoaded('saltedpasswords') && tx_saltedpasswords_div::isUsageEnabled('FE')) {
         $instanceSalted = tx_saltedpasswords_salts_factory::getSaltingInstance();
     }
     if ($instanceSalted && $instanceSalted->isValidSaltedPW($password)) {
         if (!$instanceSalted->checkPassword($this->piVars['oldpassword'], $password)) {
             return false;
         }
     } else {
         if (t3lib_extMgm::isLoaded('kb_md5fepw')) {
             if (strcmp(md5($this->piVars['oldpassword']), $password) != 0) {
                 return false;
             }
         } else {
             if (strcmp($this->piVars['oldpassword'], $password) != 0) {
                 return false;
             }
         }
     }
     return true;
 }