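/**
 * Run the controller and parse the template
 *
 * Builds the `be_preview` back end template, works out which front end URL
 * the preview should load and, when an administrator passes a `user` query
 * parameter, creates a front end session for that member.
 *
 * @return Response
 */
public function run()
{
    /** @var \BackendTemplate|object $objTemplate */
    $objTemplate = new \BackendTemplate('be_preview');
    $objTemplate->base = \Environment::get('base');
    $objTemplate->language = $GLOBALS['TL_LANGUAGE'];
    $objTemplate->title = specialchars($GLOBALS['TL_LANG']['MSC']['fePreview']);
    $objTemplate->charset = \Config::get('characterSet');
    $objTemplate->site = \Input::get('site', true);
    $objTemplate->switchHref = \System::getContainer()->get('router')->generate('contao_backend_switch');

    // Preview target: an explicit path (always prefixed with the site base),
    // else a page/article ID, else the site root.
    if (\Input::get('url')) {
        $objTemplate->url = \Environment::get('base') . \Input::get('url');
    } elseif (\Input::get('page')) {
        $objTemplate->url = $this->redirectToFrontendPage(\Input::get('page'), \Input::get('article'), true);
    } else {
        $objTemplate->url = \System::getContainer()->get('router')->generate('contao_root', [], UrlGeneratorInterface::ABSOLUTE_URL);
    }

    // Switch to a particular member (see #6546)
    // NOTE(review): this branch changes server-side state (session table and
    // auth cookie) on a plain GET parameter. Whether a request token is
    // enforced for this route is not visible here; confirm, or move the
    // switch to a token-protected POST. Nothing in this block records which
    // administrator assumed which member identity; consider an audit entry.
    $strMember = \Input::get('user');

    if ($strMember && $this->User->isAdmin) {
        $objUser = \MemberModel::findByUsername($strMember);

        if ($objUser !== null) {
            $strHash = $this->getSessionHash('FE_USER_AUTH');

            // One timestamp for the cleanup, the new row and the cookie expiry
            $time = time();
            $intTimeout = \Config::get('sessionTimeout');

            // Remove old sessions
            $this->Database->prepare("DELETE FROM tl_session WHERE tstamp<? OR hash=?")
                           ->execute($time - $intTimeout, $strHash);

            // Insert the new session
            $this->Database->prepare("INSERT INTO tl_session (pid, tstamp, name, sessionID, ip, hash) VALUES (?, ?, ?, ?, ?, ?)")
                           ->execute($objUser->id, $time, 'FE_USER_AUTH', \System::getContainer()->get('session')->getId(), \Environment::get('ip'), $strHash);

            // Set the cookie
            // NOTE(review): assuming setCookie() takes (name, value, expires,
            // path, domain, secure, httponly), this cookie is HttpOnly but not
            // Secure; confirm and consider tying the flag to the request scheme.
            $this->setCookie('FE_USER_AUTH', $strHash, $time + $intTimeout, null, null, false, true);

            // The member name arrives as a query parameter in this controller,
            // so take it from the same source as the lookup above, not from POST.
            $objTemplate->user = $strMember;
        }
    }

    return $objTemplate->getResponse();
}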
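/**
 * Display a login form
 *
 * In the back end a wildcard placeholder is rendered instead. In the front
 * end the method handles the login and logout form submissions of this
 * module and otherwise defers to the parent implementation.
 *
 * @return string
 */
public function generate()
{
    if (TL_MODE == 'BE') {
        /** @var BackendTemplate|object $objTemplate */
        $objTemplate = new \BackendTemplate('be_wildcard');

        $objTemplate->wildcard = '### ' . Utf8::strtoupper($GLOBALS['TL_LANG']['FMD']['login'][0]) . ' ###';
        $objTemplate->title = $this->headline;
        $objTemplate->id = $this->id;
        $objTemplate->link = $this->name;
        $objTemplate->href = 'contao/main.php?do=themes&table=tl_module&act=edit&id=' . $this->id;

        return $objTemplate->parse();
    }

    // Set the last page visited
    if (!$_POST && $this->redirectBack) {
        $_SESSION['LAST_PAGE_VISITED'] = $this->getReferer();
    }

    // The key is only written on a non-POST request with redirectBack enabled,
    // so it can be missing when a form is submitted; check it before reading.
    // NOTE(review): the stored value is later used as a redirect target.
    // Confirm that getReferer() can only yield same-site URLs, otherwise the
    // post-login redirect could leave the site.
    $blnHasLastPage = isset($_SESSION['LAST_PAGE_VISITED']) && $_SESSION['LAST_PAGE_VISITED'] != '';

    // Login
    if (\Input::post('FORM_SUBMIT') == 'tl_login_' . $this->id) {
        // Check whether username and password are set
        if (empty($_POST['username']) || empty($_POST['password'])) {
            \System::getContainer()->get('session')->getFlashBag()->set($this->strFlashType, $GLOBALS['TL_LANG']['MSC']['emptyField']);
            $this->reload(); // presumably ends the request; verify against reload()
        }

        $this->import('FrontendUser', 'User');
        $strRedirect = \Environment::get('request');

        if ($this->redirectBack && $blnHasLastPage) {
            // Redirect to the last page visited
            $strRedirect = $_SESSION['LAST_PAGE_VISITED'];
        } else {
            // Redirect to the jumpTo page
            if ($this->jumpTo && ($objTarget = $this->objModel->getRelated('jumpTo')) instanceof PageModel) {
                /** @var PageModel $objTarget */
                $strRedirect = $objTarget->getFrontendUrl();
            }

            // Overwrite the jumpTo page with an individual group setting.
            // The lookup happens before authentication but only selects the
            // redirect target, which is used solely after login() succeeds.
            $objMember = \MemberModel::findByUsername(\Input::post('username'));

            if ($objMember !== null) {
                $arrGroups = \StringUtil::deserialize($objMember->groups);

                if (!empty($arrGroups) && is_array($arrGroups)) {
                    $objGroupPage = \PageModel::findFirstActiveByMemberGroups($arrGroups);

                    if ($objGroupPage !== null) {
                        $strRedirect = $objGroupPage->getFrontendUrl();
                    }
                }
            }
        }

        // Auto login is not allowed: drop the client-supplied flag from both
        // the raw POST data and the Input layer when the module disables it
        if (isset($_POST['autologin']) && !$this->autologin) {
            unset($_POST['autologin']);
            \Input::setPost('autologin', null);
        }

        // Login and redirect
        if ($this->User->login()) {
            $this->redirect($strRedirect);
        }

        $this->reload();
    }

    // Logout and redirect to the website root if the current page is protected
    if (\Input::post('FORM_SUBMIT') == 'tl_logout_' . $this->id) {
        /** @var PageModel $objPage */
        global $objPage;

        $this->import('FrontendUser', 'User');
        $strRedirect = \Environment::get('request');

        // Redirect to last page visited
        if ($this->redirectBack && isset($_SESSION['LAST_PAGE_VISITED']) && strlen($_SESSION['LAST_PAGE_VISITED'])) {
            $strRedirect = $_SESSION['LAST_PAGE_VISITED'];
        } elseif ($objPage->protected) {
            $strRedirect = \Environment::get('base');
        }

        // Logout and redirect
        if ($this->User->logout()) {
            $this->redirect($strRedirect);
        }

        $this->reload();
    }

    return parent::generate();
}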
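/**
 * Run the controller and parse the template
 *
 * Renders the `be_switch` template. On a `tl_switch` form submission it
 * sets or clears the FE_PREVIEW cookie and, for administrators only,
 * replaces the front end session with one for the posted member name or
 * ends it.
 *
 * @return Response
 */
public function run()
{
    $this->disableProfiler();

    if (\Environment::get('isAjaxRequest')) {
        $this->getDatalistOptions();
    }

    $strUser = '';
    $strHash = $this->getSessionHash('FE_USER_AUTH');

    // Get the front end user
    if (FE_USER_LOGGED_IN) {
        $objUser = $this->Database->prepare("SELECT username FROM tl_member WHERE id=(SELECT pid FROM tl_session WHERE hash=?)")
                                  ->limit(1)
                                  ->execute($strHash);

        if ($objUser->numRows) {
            $strUser = $objUser->username;
        }
    }

    /** @var BackendTemplate|object $objTemplate */
    $objTemplate = new \BackendTemplate('be_switch');
    $objTemplate->user = $strUser;
    $objTemplate->show = \Input::cookie('FE_PREVIEW');
    $objTemplate->update = false;

    // Switch
    if (\Input::post('FORM_SUBMIT') == 'tl_switch') {
        $time = time();
        $intTimeout = \Config::get('sessionTimeout');

        // Hide unpublished elements
        if (\Input::post('unpublished') == 'hide') {
            $this->setCookie('FE_PREVIEW', 0, $time - 86400);
            $objTemplate->show = 0;
        } else {
            $this->setCookie('FE_PREVIEW', 1, $time + $intTimeout);
            $objTemplate->show = 1;
        }

        // Allow admins to switch user accounts
        // NOTE(review): nothing in this block records which administrator
        // assumed which member identity; consider writing an audit entry so
        // impersonation can be reconstructed later.
        if ($this->User->isAdmin) {
            // Remove old sessions (expired ones and the one bound to this hash)
            $this->Database->prepare("DELETE FROM tl_session WHERE tstamp<? OR hash=?")
                           ->execute($time - $intTimeout, $strHash);

            $strRequested = \Input::post('user');
            $objMember = $strRequested ? \MemberModel::findByUsername($strRequested) : null;

            if ($objMember !== null) {
                // Insert the new session
                $this->Database->prepare("INSERT INTO tl_session (pid, tstamp, name, sessionID, ip, hash) VALUES (?, ?, ?, ?, ?, ?)")
                               ->execute($objMember->id, $time, 'FE_USER_AUTH', \System::getContainer()->get('session')->getId(), \Environment::get('ip'), $strHash);

                // Set the cookie
                // NOTE(review): assuming setCookie() takes (name, value,
                // expires, path, domain, secure, httponly), this cookie is
                // HttpOnly but not Secure; confirm.
                $this->setCookie('FE_USER_AUTH', $strHash, $time + $intTimeout, null, null, false, true);
                $objTemplate->user = $strRequested;
            } else {
                // No member requested, or the name is unknown. The session row
                // for this hash has already been deleted above, so expire the
                // cookie and blank the displayed user in both cases; otherwise
                // the template would keep showing the member whose session
                // was just removed.
                $this->setCookie('FE_USER_AUTH', $strHash, $time - 86400, null, null, false, true);
                $objTemplate->user = '';
            }
        }

        $objTemplate->update = true;
    }

    // Default variables
    $objTemplate->theme = \Backend::getTheme();
    $objTemplate->base = \Environment::get('base');
    $objTemplate->language = $GLOBALS['TL_LANGUAGE'];
    $objTemplate->apply = $GLOBALS['TL_LANG']['MSC']['apply'];
    $objTemplate->reload = $GLOBALS['TL_LANG']['MSC']['reload'];
    $objTemplate->feUser = $GLOBALS['TL_LANG']['MSC']['feUser'];
    $objTemplate->username = $GLOBALS['TL_LANG']['MSC']['username'];
    $objTemplate->charset = \Config::get('characterSet');
    $objTemplate->lblHide = $GLOBALS['TL_LANG']['MSC']['hiddenHide'];
    $objTemplate->lblShow = $GLOBALS['TL_LANG']['MSC']['hiddenShow'];
    $objTemplate->fePreview = $GLOBALS['TL_LANG']['MSC']['fePreview'];
    $objTemplate->hiddenElements = $GLOBALS['TL_LANG']['MSC']['hiddenElements'];
    $objTemplate->closeSrc = TL_FILES_URL . 'system/themes/' . \Backend::getTheme() . '/images/close.gif';
    $objTemplate->action = ampersand(\Environment::get('request'));
    $objTemplate->isAdmin = $this->User->isAdmin;

    return $objTemplate->getResponse();
}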
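/**
 * Imports a user from phpbb to contao
 *
 * Looks the name up via getUser(), then creates or updates the matching
 * Contao member and stores a hash of the supplied password on it.
 *
 * NOTE(review): this method does not check $password against the forum
 * record. For an existing member it replaces the stored credential with
 * whatever the caller passes. The caller is presumably expected to have
 * authenticated the user against phpBB first; confirm at every call site.
 *
 * @param string $username Name as entered at login (may be the "clean" form)
 * @param string $password Plain-text password to hash and store
 * @return bool true if the forum user was found and saved, false otherwise
 * @throws \Exception anything raised while saving is not caught here
 */
public function importUser($username, $password)
{
    if ($this->debug) {
        System::log("phpbb_bridge: " . __METHOD__, __METHOD__, TL_ACCESS);
    }

    // Find User in forum
    $user = $this->getUser($username);

    if (!$user) {
        System::log($username . ' could not be found in phpbb db', __METHOD__, TL_ACCESS);

        return false;
    }

    System::log('Importing User ' . $username, __METHOD__, TL_ACCESS);

    $now = time();

    // Try to find user by real username if he entered username_clean;
    // he may not be imported yet with its clean username
    $contaoUser = MemberModel::findByUsername($user->username);

    if (null === $contaoUser) {
        $contaoUser = new MemberModel();

        // Placeholder names ("first name" / "last name") and the creation date
        // belong to a fresh record only, so that re-importing an existing
        // member does not overwrite its real name or reset dateAdded.
        $contaoUser->firstname = 'Vorname';
        $contaoUser->lastname = 'Nachname';
        $contaoUser->dateAdded = $now;
    }

    $contaoUser->username = $user->username;
    $contaoUser->username_clean = $user->username_clean;
    $contaoUser->email = $user->user_email;
    $contaoUser->password = Encryption::hash($password);
    $contaoUser->login = 1;
    $contaoUser->tstamp = $now;
    $contaoUser->groups = $this->getForumMemberGroupIds(true);

    // @todo add try catch, make it more safe, logout phpbb user on fail?
    $contaoUser->save();

    System::log('User imported: ' . $contaoUser->username, __METHOD__, TL_ACCESS);

    // username_clean used for login: hand the real username on to the login
    // that follows. Compared as strings so that numeric-looking names such as
    // "007" and "7" are not treated as equal.
    if ((string) $username !== (string) $contaoUser->username) {
        Input::setPost('username', $contaoUser->username);
    }

    return true;
}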