/**
* @uses LeftAndMainExtension->init()
* @uses LeftAndMainExtension->accessedCMS()
* @uses CMSMenu
*/
protected function init()
{
parent::init();
SSViewer::config()->update('rewrite_hash_links', false);
ContentNegotiator::config()->update('enabled', false);
// set language
$member = Member::currentUser();
if (!empty($member->Locale)) {
i18n::set_locale($member->Locale);
}
if (!empty($member->DateFormat)) {
i18n::config()->date_format = $member->DateFormat;
}
if (!empty($member->TimeFormat)) {
i18n::config()->time_format = $member->TimeFormat;
}
// can't be done in cms/_config.php as locale is not set yet
CMSMenu::add_link('Help', _t('LeftAndMain.HELP', 'Help', 'Menu title'), $this->config()->help_link, -2, array('target' => '_blank'));
// Allow customisation of the access check by a extension
// Also all the canView() check to execute Controller::redirect()
if (!$this->canView() && !$this->getResponse()->isFinished()) {
// When access /admin/, we should try a redirect to another part of the admin rather than be locked out
$menu = $this->MainMenu();
foreach ($menu as $candidate) {
if ($candidate->Link && $candidate->Link != $this->Link() && $candidate->MenuItem->controller && singleton($candidate->MenuItem->controller)->canView()) {
$this->redirect($candidate->Link);
return;
}
}
if (Member::currentUser()) {
Session::set("BackURL", null);
}
// if no alternate menu items have matched, return a permission error
$messageSet = array('default' => _t('LeftAndMain.PERMDEFAULT', "You must be logged in to access the administration area; please enter your credentials below."), 'alreadyLoggedIn' => _t('LeftAndMain.PERMALREADY', "I'm sorry, but you can't access that part of the CMS. If you want to log in as someone else, do" . " so below."), 'logInAgain' => _t('LeftAndMain.PERMAGAIN', "You have been logged out of the CMS. If you would like to log in again, enter a username and" . " password below."));
Security::permissionFailure($this, $messageSet);
return;
}
// Don't continue if there's already been a redirection request.
if ($this->redirectedTo()) {
return;
}
// Audit logging hook
if (empty($_REQUEST['executeForm']) && !$this->getRequest()->isAjax()) {
$this->extend('accessedCMS');
}
// Set the members html editor config
if (Member::currentUser()) {
HTMLEditorConfig::set_active_identifier(Member::currentUser()->getHtmlEditorConfigForCMS());
}
// Set default values in the config if missing. These things can't be defined in the config
// file because insufficient information exists when that is being processed
$htmlEditorConfig = HTMLEditorConfig::get_active();
$htmlEditorConfig->setOption('language', i18n::get_tinymce_lang());
Requirements::customScript("\n\t\t\twindow.ss = window.ss || {};\n\t\t\twindow.ss.config = " . $this->getCombinedClientConfig() . ";\n\t\t");
Requirements::javascript(FRAMEWORK_ADMIN_DIR . '/client/dist/js/vendor.js');
Requirements::javascript(FRAMEWORK_ADMIN_DIR . '/client/dist/js/bundle.js');
Requirements::css(ltrim(FRAMEWORK_ADMIN_DIR . '/client/dist/styles/bundle.css', '/'));
Requirements::add_i18n_javascript(ltrim(FRAMEWORK_DIR . '/client/lang', '/'), false, true);
Requirements::add_i18n_javascript(FRAMEWORK_ADMIN_DIR . '/client/lang', false, true);
if ($this->config()->session_keepalive_ping) {
Requirements::javascript(FRAMEWORK_ADMIN_DIR . '/client/dist/js/LeftAndMain.Ping.js');
}
if (Director::isDev()) {
// TODO Confuses jQuery.ondemand through document.write()
Requirements::javascript(ADMIN_THIRDPARTY_DIR . '/jquery-entwine/src/jquery.entwine.inspector.js');
Requirements::javascript(FRAMEWORK_ADMIN_DIR . '/client/dist/js/leaktools.js');
}
// Custom requirements
$extraJs = $this->stat('extra_requirements_javascript');
if ($extraJs) {
foreach ($extraJs as $file => $config) {
if (is_numeric($file)) {
$file = $config;
}
Requirements::javascript($file);
}
}
$extraCss = $this->stat('extra_requirements_css');
if ($extraCss) {
foreach ($extraCss as $file => $config) {
if (is_numeric($file)) {
$file = $config;
$config = array();
}
Requirements::css($file, isset($config['media']) ? $config['media'] : null);
}
}
$extraThemedCss = $this->stat('extra_requirements_themedCss');
if ($extraThemedCss) {
foreach ($extraThemedCss as $file => $config) {
if (is_numeric($file)) {
$file = $config;
$config = array();
}
Requirements::themedCSS($file, isset($config['media']) ? $config['media'] : null);
}
}
$dummy = null;
$this->extend('init', $dummy);
// Assign default cms theme and replace user-specified themes
SSViewer::set_themes($this->config()->admin_themes);
//set the reading mode for the admin to stage
Versioned::set_stage(Versioned::DRAFT);
}
/**
* Constructor
*
* @skipUpgrade
* @param Controller $controller The parent controller, necessary to
* create the appropriate form action tag.
* @param string $name The method on the controller that will return this
* form object.
* @param FieldList $fields All of the fields in the form - a
* {@link FieldList} of {@link FormField}
* objects.
* @param FieldList|FormAction $actions All of the action buttons in the
* form - a {@link FieldList} of
* {@link FormAction} objects
* @param bool $checkCurrentUser If set to TRUE, it will be checked if a
* the user is currently logged in, and if
* so, only a logout button will be rendered
*/
public function __construct($controller, $name, $fields = null, $actions = null, $checkCurrentUser = true)
{
// This is now set on the class directly to make it easier to create subclasses
// $this->authenticator_class = $authenticatorClassName;
$customCSS = project() . '/css/member_login.css';
if (Director::fileExists($customCSS)) {
Requirements::css($customCSS);
}
if (isset($_REQUEST['BackURL'])) {
$backURL = $_REQUEST['BackURL'];
} else {
$backURL = Session::get('BackURL');
}
if ($checkCurrentUser && Member::currentUser() && Member::logged_in_session_exists()) {
$fields = FieldList::create(HiddenField::create("AuthenticationMethod", null, $this->authenticator_class, $this));
$actions = FieldList::create(FormAction::create("logout", _t('Member.BUTTONLOGINOTHER', "Log in as someone else")));
} else {
if (!$fields) {
$label = Member::singleton()->fieldLabel(Member::config()->unique_identifier_field);
$fields = FieldList::create(HiddenField::create("AuthenticationMethod", null, $this->authenticator_class, $this), $emailField = TextField::create("Email", $label, null, null, $this), PasswordField::create("Password", _t('Member.PASSWORD', 'Password')));
if (Security::config()->remember_username) {
$emailField->setValue(Session::get('SessionForms.MemberLoginForm.Email'));
} else {
// Some browsers won't respect this attribute unless it's added to the form
$this->setAttribute('autocomplete', 'off');
$emailField->setAttribute('autocomplete', 'off');
}
if (Security::config()->autologin_enabled) {
$fields->push(CheckboxField::create("Remember", _t('Member.KEEPMESIGNEDIN', "Keep me signed in"))->setAttribute('title', sprintf(_t('Member.REMEMBERME', "Remember me next time? (for %d days on this device)"), RememberLoginHash::config()->get('token_expiry_days'))));
}
}
if (!$actions) {
$actions = FieldList::create(FormAction::create('dologin', _t('Member.BUTTONLOGIN', "Log in")), LiteralField::create('forgotPassword', '<p id="ForgotPassword"><a href="' . Security::lost_password_url() . '">' . _t('Member.BUTTONLOSTPASSWORD', "I've lost my password") . '</a></p>'));
}
}
if (isset($backURL)) {
$fields->push(HiddenField::create('BackURL', 'BackURL', $backURL));
}
// Reduce attack surface by enforcing POST requests
$this->setFormMethod('POST', true);
parent::__construct($controller, $name, $fields, $actions);
$this->setValidator(RequiredFields::create('Email', 'Password'));
// Focus on the email input when the page is loaded
$js = <<<JS
\t\t\t(function() {
\t\t\t\tvar el = document.getElementById("MemberLoginForm_LoginForm_Email");
\t\t\t\tif(el && el.focus && (typeof jQuery == 'undefined' || jQuery(el).is(':visible'))) el.focus();
\t\t\t})();
JS;
Requirements::customScript($js, 'MemberLoginFormFieldFocus');
}
