/**
 * Check whether the frontend (FE) session stores and returns a value.
 *
 * Sets up $GLOBALS['TSFE'] with the FE user, writes a probe value under
 * $this->sessionKey, persists the session data and reads the value back.
 *
 * The probe is md5() of the current timestamp, so it is predictable. It only
 * serves as a round-trip marker and must not be reused as a token or secret.
 * The request's `id` parameter is handed to tslib_fe as received.
 *
 * @return boolean TRUE if the value read back is identical to the stored one
 */
public function render() {
    global $TYPO3_CONF_VARS;

    $frontendUser = tslib_eidtools::initFeUser();
    $GLOBALS['TSFE'] = t3lib_div::makeInstance('tslib_fe', $TYPO3_CONF_VARS, t3lib_div::_GET('id'), 0, true);
    $GLOBALS['TSFE']->fe_user = $frontendUser;

    // Marker value written to the session and compared after the round trip.
    $probe = md5(time());
    $GLOBALS['TSFE']->fe_user->setKey('ses', $this->sessionKey, $probe);
    $GLOBALS['TSFE']->storeSessionData();

    return $GLOBALS['TSFE']->fe_user->getKey('ses', $this->sessionKey) === $probe;
}
/**
 * Bootstrap the eID environment for this handler.
 *
 * Calls, in this order: database connection, frontend user, language, TCA.
 * The object returned by initFeUser() is not kept here.
 */
public function __construct()
{
    tslib_eidtools::connectDB();
    tslib_eidtools::initFeUser();
    tslib_eidtools::initLanguage();
    tslib_eidtools::initTCA();
}
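/**
 * eID handler: return wiki keywords matching a search term as XML.
 *
 * Reads `myPid` and `myKeyword` from the query string, selects the matching
 * rows from tx_drwiki_pages and echoes a uid => keyword map as XML, sent with
 * headers that forbid caching.
 *
 * NOTE(review): the frontend user is initialised, but no access check on the
 * requested pid is visible in this function. Confirm that keywords of any
 * page may be listed by any caller.
 *
 * @return void
 */
function main() {
    tslib_eidtools::initFeUser(); // Initialize FE user object
    tslib_eidtools::connectDB(); // Connect to database

    $table = 'tx_drwiki_pages';
    $db = $GLOBALS['TYPO3_DB'];
    $myPid = intval(t3lib_div::_GET('myPid'));

    // A non-string value (e.g. myKeyword[]=x) is treated as an empty term.
    $rawKeyword = t3lib_div::_GET('myKeyword');
    $myKeyword = is_string($rawKeyword) ? trim($rawKeyword) : '';

    // quoteStr() escapes the term for a quoted SQL string; escapeStrForLike()
    // additionally escapes % and _ so the term is matched literally instead of
    // being interpreted as a caller-supplied LIKE pattern.
    $myKeyword = $db->escapeStrForLike($db->quoteStr($myKeyword, $table), $table);
    $searchString = $table . '.pid IN (' . $myPid . ") AND keyword like '%" . $myKeyword . "%'";

    // get Database entries
    $results = array();
    $res = $db->exec_SELECTquery('*', $table, $searchString);
    if ($res) {
        while ($row = $db->sql_fetch_assoc($res)) {
            $results[$row['uid']] = $row['keyword'];
        }
        $db->sql_free_result($res);
    }

    // The request is answered with an XML document
    $ajax_return_data = t3lib_div::array2xml($results);

    header('Expires: Mon, 26 Jul 2000 03:00:00 GMT');
    // The space before "GMT" is required for a well-formed HTTP date.
    header('Last-Modified: ' . gmdate('D, d M Y H:i:s') . ' GMT');
    header('Cache-Control: no-cache, must-revalidate');
    header('Pragma: no-cache');
    header('Content-Length: ' . strlen($ajax_return_data));
    header('Content-Type: text/xml');
    echo $ajax_return_data;
}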
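/**
 * eID entry point for the ticket to-do AJAX actions.
 *
 * Initialises the frontend user and database, reads the request parameters,
 * stops unless checkPermission() grants access, and dispatches on the
 * `action` parameter. Most actions echo their result as JSON.
 *
 * NOTE(review): parameters are read with _GP(), so the state-changing actions
 * (addToDo, removeToDo, updateToDoStatus, updateProgress, updateSorting) are
 * reachable via GET as well as POST, and no request token is checked in this
 * function. Confirm whether CSRF protection exists elsewhere.
 *
 * @return void
 */
function main() {
    // Initialize FE user object
    $this->feUserObj = tslib_eidtools::initFeUser();
    // Connect to database
    tslib_eidtools::connectDB();

    // sanitize params
    // ticket uid (required)
    $this->ticketUid = intval(t3lib_div::_GP('ticketUid'));
    if (!$this->ticketUid) {
        die;
    }
    // cobj id (required)
    $this->cObjId = intval(t3lib_div::_GP('cobjid'));
    if (!$this->cObjId) {
        die;
    }

    // other params
    $this->storagePid = intval(t3lib_div::_GP('storagePid'));
    $toDoUid = intval(t3lib_div::_GP('toDoUid'));
    $progressValue = intval(t3lib_div::_GP('progressValue'));
    $title = t3lib_div::removeXSS(t3lib_div::_GP('title'));
    $doneStatus = intval(t3lib_div::_GP('doneStatus'));
    // NOTE(review): passed on as received; updateSorting() has to validate it.
    $sorting = t3lib_div::_GP('sorting');

    // check user's permissions
    // exit if user has no permission for this ticket
    if (!$this->checkPermission()) {
        exit;
    }

    // switch actions
    switch (t3lib_div::_GP('action')) {
        case 'getToDos':
            echo json_encode($this->getToDos());
            break;
        case 'updateProgress':
            $this->setProgress($progressValue);
            break;
        case 'addToDo':
            // The sanitized storage pid lives on the object; the local
            // $storagePid used here before was never assigned.
            $result = $this->addToDo($title, $this->storagePid);
            if ($result) {
                echo json_encode($result);
            }
            break;
        case 'updateToDoStatus':
            echo json_encode($this->updateToDoStatus($toDoUid, $doneStatus));
            break;
        case 'removeToDo':
            echo json_encode($this->removeToDo($toDoUid));
            break;
        case 'calculateTicketProgress':
            echo json_encode($this->calculateTicketProgress());
            break;
        case 'updateSorting':
            echo json_encode($this->updateSorting($sorting));
            break;
    }
}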
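/**
 * Processes eID request.
 *
 * Forces frontend user session fetching, initialises the frontend user and
 * then redirects (HTTP 303) to the location given in `tx_openid_location`.
 *
 * The redirect target comes from the request, so it is restricted to local
 * URLs; anything else falls back to the site URL. If the original location
 * can legitimately be on another host, replace this with an explicit
 * allowlist rather than removing the check.
 *
 * @return void
 */
public function main() {
    // Due to the nature of OpenID (redirections, etc) we need to force user
    // session fetching if there is no session around. This ensures that
    // our service is called even if there is no login data in the request.
    // Inside the service we will process OpenID response and authenticate
    // the user.
    $GLOBALS['TYPO3_CONF_VARS']['SVCONF']['auth']['FE_fetchUserIfNoSession'] = true;

    // Initialize Frontend user
    tslib_eidtools::connectDB();
    tslib_eidtools::initFeUser();

    // sanitizeLocalUrl() returns an empty string for URLs that do not point
    // to this site; a non-string parameter is treated the same way.
    $requestedLocation = t3lib_div::_GP('tx_openid_location');
    $location = is_string($requestedLocation) ? t3lib_div::sanitizeLocalUrl($requestedLocation) : '';
    if ($location === '') {
        $location = t3lib_div::getIndpEnv('TYPO3_SITE_URL');
    }

    // Redirect to the original location in any case (authenticated or not)
    @ob_end_clean();
    t3lib_utility_Http::redirect($location, t3lib_utility_Http::HTTP_STATUS_303);
}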
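/**
 * The init Function, to check the access rights
 *
 * Reads u (user uid), hash, t (expiry timestamp) and file from the request,
 * recomputes the HMAC over u . file . t and answers "403 Forbidden" when the
 * hash does not match, the link has expired, or the link is bound to a
 * frontend user other than the one logged in.
 *
 * NOTE(review): the signed string concatenates the three values without a
 * separator, so different (u, file, t) triples can yield the same input.
 * Changing that requires changing the link generator as well.
 *
 * @return void
 */
function init() {
    $this->arrExtConf = $this->GetExtConf();

    // intval() already yields 0 for a missing or non-numeric value.
    $this->u = intval(t3lib_div::_GP('u'));
    $this->hash = t3lib_div::_GP('hash');
    $this->t = t3lib_div::_GP('t');
    $this->file = t3lib_div::_GP('file');

    $this->data = $this->u . $this->file . $this->t;
    $this->checkhash = t3lib_div::hmac($this->data);

    // Hook for init: runs before the hash and expiry checks below, so
    // registered functions see request parameters that are not yet verified.
    if (is_array($GLOBALS['TYPO3_CONF_VARS']['SC_OPTIONS']['ext/naw_securedl/class.tx_nawsecuredl_output.php']['init'])) {
        $_params = array('pObj' => &$this);
        foreach ($GLOBALS['TYPO3_CONF_VARS']['SC_OPTIONS']['ext/naw_securedl/class.tx_nawsecuredl_output.php']['init'] as $_funcRef) {
            t3lib_div::callUserFunction($_funcRef, $_params, $this);
        }
    }

    // Compare as strings only: a loose != lets PHP compare numeric-looking
    // strings as numbers. hash_equals() is used where available because it
    // compares in constant time.
    $hashIsValid = is_string($this->hash) && is_string($this->checkhash);
    if ($hashIsValid) {
        $hashIsValid = function_exists('hash_equals')
            ? hash_equals($this->checkhash, $this->hash)
            : $this->checkhash === $this->hash;
    }
    if (!$hashIsValid) {
        header('HTTP/1.1 403 Forbidden');
        exit('Access denied!');
    }

    // The link carries its own expiry time.
    if (intval($this->t) < time()) {
        header('HTTP/1.1 403 Forbidden');
        exit('Access denied!');
    }

    $this->feUserObj = tslib_eidtools::initFeUser();
    tslib_eidtools::connectDB();

    // A non-zero u binds the link to one frontend user.
    $boundUser = intval($this->u);
    if ($boundUser !== 0) {
        $feuser = intval($this->feUserObj->user['uid']);
        if ($boundUser !== $feuser) {
            header('HTTP/1.1 403 Forbidden');
            exit('Access denied!');
        }
    }
}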
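<?php
/**
 * eID bootstrap for the REST endpoint: initialises the frontend user and the
 * database, builds a mock Slim environment from the current request and
 * creates the Slim application.
 */
define('BBT_restpath', dirname(__FILE__));

$GLOBALS['user'] = tslib_eidtools::initFeUser();
tslib_eidtools::connectDB();

require 'Slim/Slim/Slim.php';
require 'debug.php';

error_reporting(0);

$env_mock = array();
// Server variables copied into the environment under their own name.
// 'SERVER_PORT' was misspelled 'SEVER_PORT' before, so it was never copied.
$specialHeaders = array(
    'REQUEST_METHOD', 'REMOTE_ADDR', 'CONTENT_TYPE', 'CONTENT_LENGTH',
    'PHP_AUTH_USER', 'PHP_AUTH_PW', 'PHP_AUTH_DIGEST', 'AUTH_TYPE',
    'SCRIPT_NAME', 'QUERY_STRING', 'SERVER_NAME', 'SERVER_PORT',
);

foreach ($_SERVER as $key => $value) {
    $value = is_string($value) ? trim($value) : $value;
    if (strpos($key, 'HTTP_') === 0) {
        $headerName = substr($key, 5);
        // HTTP_* entries come from request headers. One whose stripped name
        // equals a server variable listed above must not replace the value
        // the server set (e.g. REMOTE_ADDR or PHP_AUTH_USER).
        if (in_array($headerName, $specialHeaders, true) && isset($_SERVER[$headerName])) {
            continue;
        }
        $env_mock[$headerName] = $value;
    } elseif (strpos($key, 'X_') === 0 || in_array($key, $specialHeaders, true)) {
        $env_mock[$key] = $value;
    }
}

// The route is taken from the request; a missing or non-string value becomes
// an empty path instead of raising an undefined-index notice.
$env_mock['PATH_INFO'] = (isset($_REQUEST['route']) && is_string($_REQUEST['route'])) ? $_REQUEST['route'] : '';
$env_mock['slim.url_scheme'] = empty($_SERVER['HTTPS']) || $_SERVER['HTTPS'] === 'off' ? 'http' : 'https';

$rawInput = @file_get_contents('php://input');
if (!$rawInput) {
    $rawInput = '';
}
$env_mock['slim.input'] = $rawInput;
$env_mock['slim.errors'] = fopen('php://stderr', 'w');

Slim_Environment::mock($env_mock);
$we_betatext = new Slim();
// the functions for the individual query types live in their own files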
/**
 * Get the current frontend user object
 *
 * In frontend mode this returns the user attached to TSFE when a login is
 * active, or initialises one through tslib_eidtools for eID requests. In any
 * other mode nothing is returned; the unexpected mode is written to the
 * devlog when TYPO3_DLOG is set.
 *
 * @access public
 *
 * @return tslib_feUserAuth Instance of tslib_feUserAuth or NULL on failure
 */
public static function getFeUser() {
    // Outside the frontend there is no user to hand out.
    if (TYPO3_MODE !== 'FE') {
        if (TYPO3_DLOG) {
            t3lib_div::devLog('[tx_dlf_helper->getFeUser()] Unexpected TYPO3_MODE "' . TYPO3_MODE . '"', self::$extKey, SYSLOG_SEVERITY_ERROR);
        }
        return;
    }

    // Check if a user is currently logged in.
    if (!empty($GLOBALS['TSFE']->loginUser)) {
        return $GLOBALS['TSFE']->fe_user;
    }

    // eID requests get their user object from tslib_eidtools.
    if (t3lib_div::_GP('eID') !== NULL) {
        return tslib_eidtools::initFeUser();
    }

    return;
}
<?php
// deprecated, missing too much functionality
//
// eID bootstrap: loads the pibase and eidtools classes, connects the database,
// attaches the frontend user to TSFE and loads the multishop helper classes.
// The statements depend on their order. $this is used at file level, so this
// file is presumably included from inside a method; verify against the caller.
require_once PATH_tslib . 'class.tslib_pibase.php';
require_once PATH_tslib . 'class.tslib_eidtools.php';
tslib_eidtools::connectDB();
$GLOBALS['TSFE']->fe_user = tslib_eidtools::initFeUser();
$this->ms['eID'] = 1;
include_once \TYPO3\CMS\Core\Utility\ExtensionManagementUtility::extPath('multishop') . 'pi1/classes/class.mslib_fe.php';
include_once \TYPO3\CMS\Core\Utility\ExtensionManagementUtility::extPath('multishop') . 'pi1/classes/class.mslib_befe.php';
//require_once(\TYPO3\CMS\Core\Utility\ExtensionManagementUtility::extPath('pagepath').'class.tx_pagepath_api.php');
// NOTE(review): the `type` parameter is only passed through RemoveXSS(). Any
// code that uses $typeGet to select behaviour should still compare it against
// the set of expected values.
$typeGet = mslib_fe::RemoveXSS(\TYPO3\CMS\Core\Utility\GeneralUtility::_GET('type'));
// pagepath plugin must be added soon to support cooluri urls when working in eID
/*
function typolink ($page_id='', $vars='') {
    if (!$page_id) $page_id=$GLOBALS["TSFE"]->id;
    $conf=array();
    $conf['parameter']=$page_id;
    if ($vars) $conf['additionalParams']='&'.$vars;
    $conf['returnLast'] = 'url'; // get it as URL
    // $url = htmlspecialchars($GLOBALS["TSFE"]->cObj->typolink(NULL, $conf));
    $url = tx_pagepath_api::getPagePath($page_id, $conf);
    // $url = $GLOBALS["TSFE"]->cObj->typolink(NULL, $conf);
    return $url;
}
*/
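/**
 * eID dispatcher: runs the handler selected by the `action` request parameter.
 *
 * Handler arguments are read from the query string. Only `personensuche`
 * requires a logged-in frontend user in this function.
 *
 * NOTE(review): the user lists, addBeUser, the alias and guest-account
 * deletions and file_download are dispatched here without any permission
 * check, and all of them are reachable by GET. Unless every callee enforces
 * authorization itself, add the check here. fe_user_exists also tells any
 * caller whether a given username exists.
 *
 * @return mixed The handler's return value, or FALSE when the action is
 *               unknown or the handler only produces output
 */
function main() {
    $feUserObj = tslib_eidtools::initFeUser(); // Initialize FE user object
    tslib_eidtools::connectDB(); // Connect to database

    $action = t3lib_div::_GP('action');
    // `username` was written as a bare constant here before.
    $username = $feUserObj->user['username'];
    $get = t3lib_div::_GET();

    // Only a string can name an action; this also keeps the switch below
    // equivalent to the strict comparisons it replaces.
    if (!is_string($action)) {
        return false;
    }

    /** @var $dbSuche tx_he_tools_lib_db_suche */
    $dbSuche = t3lib_div::makeInstance('tx_he_tools_lib_db_suche');

    switch ($action) {
        case 'hochschule_a_bis_z_suche':
            return $dbSuche->hochschuleABisZSucheGetList($get['eingabe'], $get['buchstabe'], $get['trenner'], $username);

        case 'abfall_a_bis_z_suche':
            return $dbSuche->abfallABisZSucheGetList($get['eingabe'], $get['buchstabe'], $get['trenner']);

        case 'ajaxContentForm':
            $data = array();
            foreach ($get as $key => $val) {
                if (!in_array((string) $key, array('eID', 'app', 'action'), true)) {
                    $data[$key] = $val;
                }
            }
            // Set after the loop so the session's username always wins over
            // a `username` request parameter, including for an empty query.
            $data['username'] = $username;
            return $dbSuche->ajaxContentFormGetList($get['app'], $data);

        case 'personensuche':
            // The person search is for logged-in users only.
            if (empty($username)) {
                exit;
            }
            $eingabe = isset($get['eingabe']) ? $get['eingabe'] : '';
            $bereich = isset($get['bereich']) ? $get['bereich'] : '';
            $rolle = isset($get['rolle']) ? $get['rolle'] : '';
            return $dbSuche->personenSucheGetList($eingabe, $bereich, $rolle);

        case 'typo3_be_userliste':
            return tx_he_tools_pers_verwaltung::printBenutzerlisteBackend($get['val'], $get['groups']);

        case 'typo3_fe_userliste':
            return tx_he_tools_pers_verwaltung::printBenutzerlisteFrontend($get['val'], $get['studis'], $get['groups']);

        case 'typo3_fe_userliste_ohne_backend':
            return tx_he_tools_pers_verwaltung::printBenutzerlisteFrontendOhneBackend(trim($get['val']));

        case 'addBeUser':
            // NOTE(review): creates a backend user from request data;
            // returnUrl is passed on as received.
            $feUsername = trim($get['fe_username']);
            return tx_he_tools_pers_verwaltung::addBackendUserFromFrontendUserData($feUsername, $get['returnUrl']);

        case 'typo3_be_aliasliste_search':
            return tx_he_tools_alias::printAliaslisteSearch($get['scriptUrl'], $get['val']);

        case 'typo3_be_aliasliste_id':
            return tx_he_tools_alias::printAliaslisteId($get['scriptUrl'], $get['val']);

        case 'typo3_be_aliasLoeschen':
            return tx_he_tools_alias::aliasLoeschen($get['aliasUid']);

        case 'erzeugeKurzUrl':
            $length = isset($get['length']) ? $get['length'] : '';
            $this->returnTextData(tx_he_tools_alias::erzeugeKurzUrl($length));
            break;

        case 'qr_url':
            $size = isset($get['size']) ? $get['size'] : '';
            return tx_he_tools_qr_codes::getUrlLink($get['url'], $size);

        case 'download_qr_code':
            if (!isset($get['url'])) {
                return 'Keine URL übergeben!';
            }
            $size = isset($get['size']) ? $get['size'] : '';
            $alias = isset($get['alias']) ? $get['alias'] : '';
            return tx_he_tools_qr_codes::downloadQrCode($get['url'], $alias, $size);

        case 'qr_alias_liste':
            $quality = isset($get['quality']) ? $get['quality'] : '';
            return tx_he_tools_qr_codes::printAliasliste($get['val'], $quality);

        case 'solr_action':
            $solr = t3lib_div::makeInstance('tx_he_tools_solr');
            return $solr->eidAction($get);

        case 'get_page_tstamp':
            $this->returnTextData(tx_he_tools_util::getPageTstamp($get['uid']));
            break;

        case 'get_infoscreen_page_tstamp':
            $this->returnTextData(tx_he_tools_infoscreen::getInfoscreenPageTstamp($get['uid']));
            break;

        case 'fe_logout':
            // The session id is quoted by the database layer instead of being
            // concatenated into the WHERE clause as it is.
            $where = 'ses_id = ' . $GLOBALS['TYPO3_DB']->fullQuoteStr($feUserObj->user['ses_id'], 'fe_sessions')
                . ' AND ses_name = "fe_typo_user"';
            $GLOBALS['TYPO3_DB']->exec_DELETEquery('fe_sessions', $where);
            print 1;
            exit;

        case 'fe_user_exists':
            $requestedName = isset($get['username']) ? $get['username'] : '';
            $result = 0;
            if (is_string($requestedName) && $requestedName !== '') {
                // NOTE(review): the listing this was taken from showed a
                // masked literal in place of the username. The request's
                // username, quoted for fe_users, is compared here; confirm
                // against the original file.
                $where = 'username = ' . $GLOBALS['TYPO3_DB']->fullQuoteStr($requestedName, 'fe_users')
                    . ' AND deleted=0 and disable=0';
                $anzahl = $GLOBALS['TYPO3_DB']->exec_SELECTcountRows('uid', 'fe_users', $where);
                if ($anzahl > 0) {
                    $result = 1;
                }
            }
            print $result;
            exit;

        case 'gib_lsf_modb_vertiefungen':
            $lsf = t3lib_div::makeInstance('tx_he_tools_lsf');
            $this->returnTextData($lsf->gibVertiefungenSelect($get['modId']));
            break;

        case 'gib_lsf_modb_versionen':
            $lsf = t3lib_div::makeInstance('tx_he_tools_lsf');
            $this->returnTextData($lsf->gibVersionenSelect($get['vertiefung']));
            break;

        case 'test_gastkennungen_csv_exportiert':
            $gastKennungen = t3lib_div::makeInstance('tx_he_tools_gast_kennungen');
            $this->returnJsonData($gastKennungen->csvDatenExportiert($get['uid']));
            exit;

        case 'gastkennung_loeschen':
            $gastKennungen = t3lib_div::makeInstance('tx_he_tools_gast_kennungen');
            $gastKennungen->gastKennungLoeschen($get['antragsId'], $username);
            exit;

        case 'file_download':
            // NOTE(review): the file location is chosen by the request;
            // base64 is an encoding, not a protection. downloadFile() has to
            // restrict it to the locations that may be served.
            $fileUrl = base64_decode($get['file']);
            return tx_he_tools_util::downloadFile($fileUrl);
    }

    return false;
}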
*
*  The GNU General Public License can be found at
*  http://www.gnu.org/copyleft/gpl.html.
*  A copy is found in the textfile GPL.txt and important notices to the license
*  from the author is found in LICENSE.txt distributed with these scripts.
*
*
*  This script is distributed in the hope that it will be useful,
*  but WITHOUT ANY WARRANTY; without even the implied warranty of
*  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
*  GNU General Public License for more details.
*
*  This copyright notice MUST APPEAR in all copies of the script!
***************************************************************/

// Initialize FE user object:
$feUserObj = tslib_eidtools::initFeUser();
require_once PATH_t3lib . 'class.t3lib_page.php';
require_once PATH_tslib . "class.tslib_content.php";
$temp_TSFEclassName = t3lib_div::makeInstanceClassName('tslib_fe');

// create object instances:
// NOTE(review): $page is not assigned in the visible part of this script;
// confirm where it comes from.
$TSFE = t3lib_div::makeInstance('tslib_fe', $TYPO3_CONF_VARS, $page, 0, true);
tslib_eidtools::connectDB();

// NOTE(review): extract() turns every POST field into a local variable.
// EXTR_PREFIX_SAME protects only names that already exist at this point, so
// any variable first read further down without an assignment takes its value
// from the request. $title, $id and $state below presumably arrive this way.
// Reading the expected fields explicitly would remove that coupling.
extract($_POST, EXTR_PREFIX_SAME, "post_");

// The unserialized value comes from the installation's extension
// configuration, not from the request.
$tmp_confArr = unserialize($GLOBALS['TYPO3_CONF_VARS']['EXT']['extConf']['rgmediaimagescallback']);

// Request parameters: pid and uid are cast to int, file is quoted by the
// database layer, key is taken as received.
$securityKey = t3lib_div::_GET('key');
$pid = intval(t3lib_div::_GET('pid'));
$uid = intval(t3lib_div::_GET('uid'));
$file = $GLOBALS['TYPO3_DB']->fullQuoteStr(t3lib_div::_GET('file'), 'tx_rgmediaimagescallback_statistic');

// NOTE(review): fullQuoteStr() returns its argument wrapped in quotes, so
// $file is presumably never '' here; verify.
if ($file != '' && $title != '' && $id != '' && $securityKey != '' && $pid != '' && $uid != '' && $state == 'start') {
    // fetch existing data
    // NOTE(review): $securityKey is concatenated into the WHERE clause
    // unescaped although it is request input; it should go through
    // fullQuoteStr() like $file. $file already carries its own quotes and is
    // wrapped in double quotes again here, so the compared title presumably
    // includes those quote characters; verify.
    $where = 'hidden=0 AND deleted = 0 AND pageid=' . $pid . ' AND ceuid = ' . $uid . ' AND uniquekey ="' . $securityKey . '" AND title="' . $file . '"';
/**
 * Initialise the frontend user through tslib_eidtools.
 *
 * The object returned by initFeUser() is discarded; callers get nothing back.
 *
 * @return void
 */
function _initFeUser()
{
    tslib_eidtools::initFeUser();
}
<?php
/**
 * eID endpoint: report as JSON whether a frontend user is logged in.
 *
 * The response carries `foundUser` and, for a logged-in user, `userName`.
 * It is sent with headers that forbid caching, because it is specific to the
 * caller's session.
 */
$user = tslib_eidtools::initFeUser();

$response = new \stdClass();
$response->foundUser = $user->user['uid'] > 0;
if ($response->foundUser) {
    $response->userName = $user->user['username'];
}

header('Cache-Control: no-cache, no-store, must-revalidate'); // HTTP 1.1.
header('Pragma: no-cache'); // HTTP 1.0.
header('Expires: 0'); // Proxies.
header('Content-type: application/json');

echo json_encode($response);
exit;