/**
* Checks whether a an BE user account named admin with default password exists.
*
* @return \TYPO3\CMS\Reports\Status An object representing whether a default admin account exists
*/
protected function getAdminAccountStatus()
{
$value = $GLOBALS['LANG']->getLL('status_ok');
$message = '';
$severity = \TYPO3\CMS\Reports\Status::OK;
$whereClause = 'username = '******'TYPO3_DB']->fullQuoteStr('admin', 'be_users') . BackendUtility::deleteClause('be_users');
$res = $GLOBALS['TYPO3_DB']->exec_SELECTquery('uid, username, password', 'be_users', $whereClause);
$row = $GLOBALS['TYPO3_DB']->sql_fetch_assoc($res);
if (!empty($row)) {
$secure = TRUE;
/** @var $saltingObject \TYPO3\CMS\Saltedpasswords\Salt\SaltInterface */
$saltingObject = \TYPO3\CMS\Saltedpasswords\Salt\SaltFactory::getSaltingInstance($row['password']);
if (is_object($saltingObject)) {
if ($saltingObject->checkPassword('password', $row['password'])) {
$secure = FALSE;
}
}
// Check against plain MD5
if ($row['password'] === '5f4dcc3b5aa765d61d8327deb882cf99') {
$secure = FALSE;
}
if (!$secure) {
$value = $GLOBALS['LANG']->getLL('status_insecure');
$severity = \TYPO3\CMS\Reports\Status::ERROR;
$editUserAccountUrl = BackendUtility::getModuleUrl('record_edit', array('edit[be_users][' . $row['uid'] . ']' => 'edit', 'returnUrl' => BackendUtility::getModuleUrl('system_ReportsTxreportsm1')));
$message = sprintf($GLOBALS['LANG']->sL('LLL:EXT:lang/locallang_core.xlf:warning.backend_admin'), '<a href="' . htmlspecialchars($editUserAccountUrl) . '">', '</a>');
}
}
$GLOBALS['TYPO3_DB']->sql_free_result($res);
return GeneralUtility::makeInstance(\TYPO3\CMS\Reports\Status::class, $GLOBALS['LANG']->getLL('status_adminUserAccount'), $value, $message, $severity);
}
/**
* Checks whether a an BE user account named admin with default password exists.
*
* @return \TYPO3\CMS\Reports\Status An tx_reports_reports_status_Status object representing whether a default admin account exists
*/
protected function getAdminAccountStatus()
{
$value = $GLOBALS['LANG']->getLL('status_ok');
$message = '';
$severity = \TYPO3\CMS\Reports\Status::OK;
$whereClause = 'username = '******'TYPO3_DB']->fullQuoteStr('admin', 'be_users') . \TYPO3\CMS\Backend\Utility\BackendUtility::deleteClause('be_users');
$res = $GLOBALS['TYPO3_DB']->exec_SELECTquery('uid, username, password', 'be_users', $whereClause);
if ($row = $GLOBALS['TYPO3_DB']->sql_fetch_assoc($res)) {
$secure = TRUE;
// Check against salted password
if (\TYPO3\CMS\Core\Utility\ExtensionManagementUtility::isLoaded('saltedpasswords')) {
if (\TYPO3\CMS\Saltedpasswords\Utility\SaltedPasswordsUtility::isUsageEnabled('BE')) {
/** @var $saltingObject \TYPO3\CMS\Saltedpasswords\Salt\SaltInterface */
$saltingObject = \TYPO3\CMS\Saltedpasswords\Salt\SaltFactory::getSaltingInstance($row['password']);
if (is_object($saltingObject)) {
if ($saltingObject->checkPassword('password', $row['password'])) {
$secure = FALSE;
}
}
}
}
// Check against plain MD5
if ($row['password'] === '5f4dcc3b5aa765d61d8327deb882cf99') {
$secure = FALSE;
}
if (!$secure) {
$value = $GLOBALS['LANG']->getLL('status_insecure');
$severity = \TYPO3\CMS\Reports\Status::ERROR;
$editUserAccountUrl = 'alt_doc.php?returnUrl=mod.php?M=tools_txreportsM1&edit[be_users][' . $row['uid'] . ']=edit';
$message = sprintf($GLOBALS['LANG']->sL('LLL:EXT:lang/locallang_core.xml:warning.backend_admin'), '<a href="' . $editUserAccountUrl . '">', '</a>');
}
}
$GLOBALS['TYPO3_DB']->sql_free_result($res);
return \TYPO3\CMS\Core\Utility\GeneralUtility::makeInstance('TYPO3\\CMS\\Reports\\Status', $GLOBALS['LANG']->getLL('status_adminUserAccount'), $value, $message, $severity);
}
protected function createCliBeUser()
{
$db = $this->getDatabaseConnection();
$where = 'username = '******'_cli_lowlevel', 'be_users') . ' AND admin = 0';
$user = $db->exec_SELECTgetSingleRow('*', 'be_users', $where);
if ($user) {
if ($user['deleted'] || $user['disable']) {
$data = array('be_users' => array($user['uid'] => array('deleted' => 0, 'disable' => 0)));
/** @var \TYPO3\CMS\Core\DataHandling\DataHandler $dataHandler */
$dataHandler = GeneralUtility::makeInstance('TYPO3\\CMS\\Core\\DataHandling\\DataHandler');
$dataHandler->stripslashes_values = FALSE;
$dataHandler->start($data, array());
$dataHandler->process_datamap();
}
} else {
// Prepare necessary data for _cli_lowlevel user creation
$password = uniqid('scheduler', TRUE);
if (SaltedPasswordsUtility::isUsageEnabled()) {
$objInstanceSaltedPW = SaltFactory::getSaltingInstance();
$password = $objInstanceSaltedPW->getHashedPassword($password);
}
$data = array('be_users' => array('NEW' => array('username' => '_cli_lowlevel', 'password' => $password, 'pid' => 0)));
/** @var \TYPO3\CMS\Core\DataHandling\DataHandler $dataHandler */
$dataHandler = GeneralUtility::makeInstance('TYPO3\\CMS\\Core\\DataHandling\\DataHandler');
$dataHandler->stripslashes_values = FALSE;
$dataHandler->start($data, array());
$dataHandler->process_datamap();
// Check if a new uid was indeed generated (i.e. a new record was created)
// (counting DataHandler errors doesn't work as some failures don't report errors)
$numberOfNewIDs = count($dataHandler->substNEWwithIDs);
if ((int) $numberOfNewIDs !== 1) {
InstallerScripts::addFlashMessage('Failed to create _cli_lowlevel BE user.', 'BE user creation failed', AbstractMessage::WARNING);
}
}
}
public function setPassword($password)
{
if (\TYPO3\CMS\Saltedpasswords\Utility\SaltedPasswordsUtility::isUsageEnabled('FE')) {
$objSalt = \TYPO3\CMS\Saltedpasswords\Salt\SaltFactory::getSaltingInstance(NULL);
if (is_object($objSalt)) {
$password = $objSalt->getHashedPassword($password);
}
}
parent::setPassword($password);
}
/**
* Applies transformations to a given plain text password, e.g. hashing
*
* @param string $password
* @return string
*/
public function applyTransformations($password)
{
if (ExtensionManagementUtility::isLoaded('saltedpasswords')) {
if (\TYPO3\CMS\Saltedpasswords\Utility\SaltedPasswordsUtility::isUsageEnabled('FE')) {
$saltingInstance = \TYPO3\CMS\Saltedpasswords\Salt\SaltFactory::getSaltingInstance();
$password = $saltingInstance->getHashedPassword($password);
}
}
return $password;
}
/**
* Adds the password hasher object to the context
*
* @param \Aimeos\MShop\Context\Item\Iface $context Context object
* @return \Aimeos\MShop\Context\Item\Iface Modified context object
*/
protected static function addHasher(\Aimeos\MShop\Context\Item\Iface $context)
{
if (isset($GLOBALS['TYPO3_CONF_VARS']['EXTCONF']['aimeos']['aimeos_context_hasher']) && is_callable($fcn = $GLOBALS['TYPO3_CONF_VARS']['EXTCONF']['aimeos']['aimeos_context_hasher'])) {
return $fcn($context);
}
if (\TYPO3\CMS\Core\Utility\ExtensionManagementUtility::isLoaded('saltedpasswords') && \TYPO3\CMS\Saltedpasswords\Utility\SaltedPasswordsUtility::isUsageEnabled('FE')) {
$object = \TYPO3\CMS\Saltedpasswords\Salt\SaltFactory::getSaltingInstance();
$context->setHasherTypo3($object);
}
return $context;
}
/**
* This function takes a password as argument, salts it and returns the new password.
*
* @param string $password
*
* @return string
*/
public function hash($password)
{
if (ExtensionManagementUtility::isLoaded('saltedpasswords')) {
$salter = SaltFactory::getSaltingInstance(null, 'FE');
$password = $salter->getHashedPassword($password);
if ($this->isValidMd5($password)) {
$password = '******' . $password;
}
}
return $password;
}
/**
* @return string
*/
protected function getSaltedPassword($password)
{
$saltedPassword = $password;
if (ExtensionManagementUtility::isLoaded('saltedpasswords')) {
if (SaltedPasswordsUtility::isUsageEnabled('FE')) {
$objSalt = SaltFactory::getSaltingInstance(NULL);
if (is_object($objSalt)) {
$saltedPassword = $objSalt->getHashedPassword($password);
}
}
}
return $saltedPassword;
}
/**
* Creates users based on given array.
*
* @param $packageKey
* @param $configuration
* @param $configurationController
*/
public function createCLIUsers($packageKey, $configuration, $configurationController)
{
// Only create CLI users on configuration save of template bootstrap package
if (TemplateBootstrapUtility::getPackageKey() !== $packageKey) {
return;
}
// Get cli user names that supposedly need to be created
$userNames = GeneralUtility::trimExplode(',', $configuration['createCLIUsers']['value']);
foreach ($userNames as $userName) {
$cliUserName = '******' . $userName;
$cliUserNameQuoted = $GLOBALS['TYPO3_DB']->fullQuoteStr($cliUserName, 'be_users');
// Check, if user exists already
$userExistsResult = $GLOBALS['TYPO3_DB']->exec_SELECTquery('*', 'be_users', 'username='******'TYPO3_DB']->sql_error()) {
PostInstallInfoLogger::log('Failed to check whether BE user "' . $cliUserName . '" exists. Therefore cancelled. Error: ' . $GLOBALS['TYPO3_DB']->sql_error(), PostInstallInfoLogger::MESSAGE_TYPE_SYSTEM_ERROR);
continue;
}
// User exists - (re-) activate, in case it has been deleted previously
if ($GLOBALS['TYPO3_DB']->sql_num_rows($userExistsResult) > 0) {
$existingUserRow = $GLOBALS['TYPO3_DB']->sql_fetch_assoc($userExistsResult);
if ($existingUserRow['deleted']) {
$GLOBALS['TYPO3_DB']->exec_UPDATEquery('be_users', 'uid=' . $existingUserRow['uid'], array('deleted' => 0));
$updatedError = $GLOBALS['TYPO3_DB']->sql_error();
if ($updatedError) {
PostInstallInfoLogger::log('Failed to reactivate (un-delete) BE user "' . $cliUserName . '". Error: ' . $GLOBALS['TYPO3_DB']->sql_error(), PostInstallInfoLogger::MESSAGE_TYPE_SYSTEM_ERROR);
} else {
PostInstallInfoLogger::log('Reactivated (un-deleted) BE user "' . $cliUserName . '"' . $GLOBALS['TYPO3_DB']->sql_error(), PostInstallInfoLogger::MESSAGE_TYPE_OK);
}
}
// Skip to next user(name) as this one was handled by simply reactivating it.
continue;
}
// Create user
$saltedPassword = md5($this->getRandomPassword());
if (PackageManager::isPackageActive('saltedpasswords')) {
$saltingInstance = \TYPO3\CMS\Saltedpasswords\Salt\SaltFactory::getSaltingInstance();
$saltedPassword = $saltingInstance->getHashedPassword($saltedPassword);
}
$createdSqlResult = $GLOBALS['TYPO3_DB']->exec_INSERTquery('be_users', array('crdate' => time(), 'tstamp' => time(), 'cruser_id' => $GLOBALS['BE_USER']->user['uid'], 'username' => $cliUserName, 'password' => $saltedPassword));
// Failed to create user
if ($GLOBALS['TYPO3_DB']->sql_error()) {
PostInstallInfoLogger::log('Failed to create BE user "' . $cliUserName . '". Error: ' . $GLOBALS['TYPO3_DB']->sql_error(), PostInstallInfoLogger::MESSAGE_TYPE_SYSTEM_ERROR);
// User successfully created
} else {
PostInstallInfoLogger::log('Created BE user "' . $cliUserName . '"', PostInstallInfoLogger::MESSAGE_TYPE_OK);
}
}
// foreach user that needs to be created
}
/**
* Function uses Portable PHP Hashing Framework to create a proper password string if needed
*
* @param mixed $value The value that has to be checked.
* @param string $is_in Is-In String
* @param integer $set Determines if the field can be set (value correct) or not, e.g. if input is required but the value is empty, then $set should be set to FALSE. (PASSED BY REFERENCE!)
* @return The new value of the field
* @todo Define visibility
*/
public function evaluateFieldValue($value, $is_in, &$set)
{
$isEnabled = $this->mode ? \TYPO3\CMS\Saltedpasswords\Utility\SaltedPasswordsUtility::isUsageEnabled($this->mode) : \TYPO3\CMS\Saltedpasswords\Utility\SaltedPasswordsUtility::isUsageEnabled();
if ($isEnabled) {
$set = FALSE;
$isMD5 = preg_match('/[0-9abcdef]{32,32}/', $value);
$isSaltedHash = \TYPO3\CMS\Core\Utility\GeneralUtility::inList('$1$,$2$,$2a,$P$', substr($value, 0, 3));
$this->objInstanceSaltedPW = \TYPO3\CMS\Saltedpasswords\Salt\SaltFactory::getSaltingInstance(NULL, $this->mode);
if ($isMD5) {
$set = TRUE;
$value = 'M' . $this->objInstanceSaltedPW->getHashedPassword($value);
} elseif (!$isSaltedHash) {
$set = TRUE;
$value = $this->objInstanceSaltedPW->getHashedPassword($value);
}
}
return $value;
}
/**
* Checks whether the Install Tool password is set to its default value.
*
* @return Status An object representing the security of the install tool password
*/
protected function getInstallToolPasswordStatus()
{
$value = $GLOBALS['LANG']->getLL('status_ok');
$message = '';
$severity = Status::OK;
$validPassword = true;
$installToolPassword = $GLOBALS['TYPO3_CONF_VARS']['BE']['installToolPassword'];
$saltFactory = \TYPO3\CMS\Saltedpasswords\Salt\SaltFactory::getSaltingInstance($installToolPassword);
if (is_object($saltFactory)) {
$validPassword = !$saltFactory->checkPassword('joh316', $installToolPassword);
} elseif ($installToolPassword === md5('joh316')) {
$validPassword = false;
}
if (!$validPassword) {
$value = $GLOBALS['LANG']->getLL('status_insecure');
$severity = Status::ERROR;
$changeInstallToolPasswordUrl = BackendUtility::getModuleUrl('system_InstallInstall');
$message = sprintf($GLOBALS['LANG']->sL('LLL:EXT:lang/locallang_core.xlf:warning.installtool_default_password'), '<a href="' . htmlspecialchars($changeInstallToolPasswordUrl) . '">', '</a>');
}
return GeneralUtility::makeInstance(Status::class, $GLOBALS['LANG']->sL('LLL:EXT:install/Resources/Private/Language/Report/locallang.xlf:status_installToolPassword'), $value, $message, $severity);
}
/**
* Function uses Portable PHP Hashing Framework to create a proper password string if needed
*
* @param mixed $value The value that has to be checked.
* @param string $is_in Is-In String
* @param bool $set Determines if the field can be set (value correct) or not, e.g. if input is required but the value is empty, then $set should be set to FALSE. (PASSED BY REFERENCE!)
* @return string The new value of the field
*/
public function evaluateFieldValue($value, $is_in, &$set)
{
$isEnabled = $this->mode ? \TYPO3\CMS\Saltedpasswords\Utility\SaltedPasswordsUtility::isUsageEnabled($this->mode) : \TYPO3\CMS\Saltedpasswords\Utility\SaltedPasswordsUtility::isUsageEnabled();
if ($isEnabled) {
$isMD5 = preg_match('/[0-9abcdef]{32,32}/', $value);
$isDeprecatedSaltedHash = \TYPO3\CMS\Core\Utility\GeneralUtility::inList('C$,M$', substr($value, 0, 2));
/** @var $objInstanceSaltedPW \TYPO3\CMS\Saltedpasswords\Salt\SaltInterface */
$objInstanceSaltedPW = \TYPO3\CMS\Saltedpasswords\Salt\SaltFactory::getSaltingInstance(NULL, $this->mode);
if ($isMD5) {
$set = TRUE;
$value = 'M' . $objInstanceSaltedPW->getHashedPassword($value);
} else {
// Determine method used for the (possibly) salted hashed password
$tempValue = $isDeprecatedSaltedHash ? substr($value, 1) : $value;
$tempObjInstanceSaltedPW = \TYPO3\CMS\Saltedpasswords\Salt\SaltFactory::getSaltingInstance($tempValue);
if (!is_object($tempObjInstanceSaltedPW)) {
$set = TRUE;
$value = $objInstanceSaltedPW->getHashedPassword($value);
}
}
}
return $value;
}
/**
* @test
*/
public function resettingFactoryInstanceSucceeds()
{
$defaultClassNameToUse = \TYPO3\CMS\Saltedpasswords\Utility\SaltedPasswordsUtility::getDefaultSaltingHashingMethod();
if ($defaultClassNameToUse == 'TYPO3\\CMS\\Saltedpasswords\\Salt\\Md5Salt') {
$saltedPW = '$P$CWF13LlG/0UcAQFUjnnS4LOqyRW43c.';
} else {
$saltedPW = '$1$rasmusle$rISCgZzpwk3UhDidwXvin0';
}
$this->objectInstance = \TYPO3\CMS\Saltedpasswords\Salt\SaltFactory::getSaltingInstance($saltedPW);
// resetting
$this->objectInstance = \TYPO3\CMS\Saltedpasswords\Salt\SaltFactory::getSaltingInstance(NULL);
$this->assertTrue(get_class($this->objectInstance) == $defaultClassNameToUse || is_subclass_of($this->objectInstance, $defaultClassNameToUse));
}
/**
* Returns the current context.
*
* @param \Aimeos\MW\Config\Iface Configuration object
* @return MShop_Context_Item_Interface Context object
*/
public static function getContext(\Aimeos\MW\Config\Iface $config)
{
if (self::$context === null) {
$context = new \Aimeos\MShop\Context\Item\Typo3();
$context->setConfig($config);
$dbm = new \Aimeos\MW\DB\Manager\PDO($config);
$context->setDatabaseManager($dbm);
$fsm = new \Aimeos\MW\Filesystem\Manager\Standard($config);
$context->setFilesystemManager($fsm);
$logger = \Aimeos\MAdmin\Log\Manager\Factory::createManager($context);
$context->setLogger($logger);
$cache = self::getCache($context);
$context->setCache($cache);
$mailer = \TYPO3\CMS\Core\Utility\GeneralUtility::makeInstance('TYPO3\\CMS\\Core\\Mail\\MailMessage');
$context->setMail(new \Aimeos\MW\Mail\Typo3($mailer));
if (\TYPO3\CMS\Core\Utility\ExtensionManagementUtility::isLoaded('saltedpasswords') && \TYPO3\CMS\Saltedpasswords\Utility\SaltedPasswordsUtility::isUsageEnabled('FE')) {
$object = \TYPO3\CMS\Saltedpasswords\Salt\SaltFactory::getSaltingInstance();
$context->setHasherTypo3($object);
}
if (isset($GLOBALS['TSFE']->fe_user)) {
$session = new \Aimeos\MW\Session\Typo3($GLOBALS['TSFE']->fe_user);
} else {
$session = new \Aimeos\MW\Session\None();
}
$context->setSession($session);
self::$context = $context;
}
self::$context->setConfig($config);
return self::$context;
}
/**
* Creates a frontend user based on the data of the social user
*
* @param \Hybrid_User_Profile $socialUser
* @param int $pid
*
* @return array|bool|null the created user record or false if it is not possible
* @throws \Exception
*/
protected function createFrontendUserRecordFromSocialUser($socialUser, $pid)
{
$result = false;
if (isset($socialUser->email) || isset($socialUser->emailVerified)) {
// we should load the TCA explicitly, because we are in authentication step and TCA could be not loaded yet
if (!isset($GLOBALS['TCA']['fe_users'])) {
Bootstrap::getInstance()->loadCachedTca();
}
/** @var \TYPO3\CMS\Core\DataHandling\DataHandler $dataHandler */
$dataHandler = GeneralUtility::makeInstance(DataHandler::class);
$email = $socialUser->email ? $socialUser->email : $socialUser->emailVerified;
if (ExtensionManagementUtility::isLoaded('saltedpasswords')) {
/** @var \TYPO3\CMS\Saltedpasswords\Salt\SaltInterface $saltedpasswordsInstance */
$saltedpasswordsInstance = SaltFactory::getSaltingInstance();
$password = $saltedpasswordsInstance->getHashedPassword(uniqid());
} else {
$password = md5(uniqid());
}
$where = 'uid = 1 AND hidden = 0 AND deleted = 0';
$fe_group = $this->database->exec_SELECTgetSingleRow('*', 'fe_groups', $where);
if ($fe_group === false) {
throw new \Exception('[px_hybrid_auth]: No fe_group found for uid: 1. Please create a fe_groups record, which will be set as default frontend usergroup during social login.', 1445939594);
}
$insertArray = ['pid' => $pid, 'username' => $email, 'password' => $password, 'usergroup' => 1, 'email' => $email, 'first_name' => $socialUser->firstName, 'last_name' => $socialUser->lastName, 'disable' => 0, 'deleted' => 0, 'tstamp' => time(), 'crdate' => time()];
// extend the insert array with fields from PxHybridAuth_Hybrid_User_Profile
if ($socialUser instanceof \PxHybridAuth_Hybrid_User_Profile) {
if ($socialUser->company) {
$insertArray['company'] = $socialUser->company;
}
}
$this->database->exec_INSERTquery('fe_users', $insertArray);
$id = $this->database->sql_insert_id();
$username = $dataHandler->getUnique('fe_users', 'username', $email, $id);
if ($username != $email) {
$this->database->exec_UPDATEquery('fe_users', 'uid=' . intval($id), ['username' => $username]);
}
$where = 'uid=' . intval($id);
$result = $this->database->exec_SELECTgetSingleRow('*', 'fe_users', $where);
}
return $result;
}
/**
* This method creates the "cli_scheduler" BE user if it doesn't exist
*
* @return void
*/
protected function createSchedulerUser()
{
// Check _cli_scheduler user status
$checkUser = $this->checkSchedulerUser();
// Prepare default message
$message = $this->getLanguageService()->getLL('msg.userExists');
$severity = FlashMessage::WARNING;
// If the user does not exist, try creating it
if ($checkUser == -1) {
// Prepare necessary data for _cli_scheduler user creation
$password = StringUtility::getUniqueId('scheduler');
if (SaltedPasswordsUtility::isUsageEnabled()) {
$objInstanceSaltedPW = SaltFactory::getSaltingInstance();
$password = $objInstanceSaltedPW->getHashedPassword($password);
}
$data = array('be_users' => array('NEW' => array('username' => '_cli_scheduler', 'password' => $password, 'pid' => 0)));
/** @var $tcemain \TYPO3\CMS\Core\DataHandling\DataHandler */
$tcemain = GeneralUtility::makeInstance(\TYPO3\CMS\Core\DataHandling\DataHandler::class);
$tcemain->start($data, array());
$tcemain->process_datamap();
// Check if a new uid was indeed generated (i.e. a new record was created)
// (counting TCEmain errors doesn't work as some failures don't report errors)
$numberOfNewIDs = count($tcemain->substNEWwithIDs);
if ($numberOfNewIDs === 1) {
$message = $this->getLanguageService()->getLL('msg.userCreated');
$severity = FlashMessage::OK;
} else {
$message = $this->getLanguageService()->getLL('msg.userNotCreated');
$severity = FlashMessage::ERROR;
}
}
$this->addMessage($message, $severity);
}
private function isOldPasswordCorrect()
{
// Check old password
$password = $GLOBALS['TYPO3_DB']->exec_SELECTgetSingleRow('password', 'fe_users', 'uid = ' . $this->config['userid'] . ' AND pid IN (' . $this->conf['pidList'] . ')');
$password = current($password);
if (ExtensionManagementUtility::isLoaded('saltedpasswords') && SaltedPasswordsUtility::isUsageEnabled('FE')) {
$instanceSalted = SaltFactory::getSaltingInstance();
}
if ($instanceSalted && $instanceSalted->isValidSaltedPW($password)) {
if (!$instanceSalted->checkPassword($this->piVars['oldpassword'], $password)) {
return false;
}
} else {
if (ExtensionManagementUtility::isLoaded('kb_md5fepw')) {
if (strcmp(md5($this->piVars['oldpassword']), $password) != 0) {
return false;
}
} else {
if (strcmp($this->piVars['oldpassword'], $password) != 0) {
return false;
}
}
}
return true;
}
/**
* Function determines the default(=configured) type of
* salted hashing method to be used.
*
* @param string $mode (optional) The TYPO3 mode (FE or BE) saltedpasswords shall be used for
* @return string Classname of object to be used
*/
public static function getDefaultSaltingHashingMethod($mode = TYPO3_MODE)
{
$extConf = self::returnExtConf($mode);
$classNameToUse = \TYPO3\CMS\Saltedpasswords\Salt\Md5Salt::class;
if (in_array($extConf['saltedPWHashingMethod'], array_keys(\TYPO3\CMS\Saltedpasswords\Salt\SaltFactory::getRegisteredSaltedHashingMethods()))) {
$classNameToUse = $extConf['saltedPWHashingMethod'];
}
return $classNameToUse;
}
/**
* If settings are submitted to _POST[DATA], store them
* NOTICE: This method is called before the \TYPO3\CMS\Backend\Template\DocumentTemplate
* is included. See bottom of document.
*
* @see \TYPO3\CMS\Backend\Template\DocumentTemplate
*/
public function storeIncomingData()
{
// First check if something is submitted in the data-array from POST vars
$d = GeneralUtility::_POST('data');
$columns = $GLOBALS['TYPO3_USER_SETTINGS']['columns'];
$beUser = $this->getBackendUser();
$beUserId = $beUser->user['uid'];
$storeRec = array();
$fieldList = $this->getFieldsFromShowItem();
if (is_array($d) && $this->formProtection->validateToken((string) GeneralUtility::_POST('formToken'), 'BE user setup', 'edit')) {
// UC hashed before applying changes
$save_before = md5(serialize($beUser->uc));
// PUT SETTINGS into the ->uc array:
// Reload left frame when switching BE language
if (isset($d['lang']) && $d['lang'] != $beUser->uc['lang']) {
$this->languageUpdate = true;
}
// Reload pagetree if the title length is changed
if (isset($d['titleLen']) && $d['titleLen'] !== $beUser->uc['titleLen']) {
$this->pagetreeNeedsRefresh = true;
}
if ($d['setValuesToDefault']) {
// If every value should be default
$beUser->resetUC();
$this->settingsAreResetToDefault = true;
} elseif ($d['save']) {
// Save all submitted values if they are no array (arrays are with table=be_users) and exists in $GLOBALS['TYPO3_USER_SETTINGS'][columns]
foreach ($columns as $field => $config) {
if (!in_array($field, $fieldList)) {
continue;
}
if ($config['table']) {
if ($config['table'] === 'be_users' && !in_array($field, array('password', 'password2', 'passwordCurrent', 'email', 'realName', 'admin', 'avatar'))) {
if (!isset($config['access']) || $this->checkAccess($config) && $beUser->user[$field] !== $d['be_users'][$field]) {
if ($config['type'] === 'check') {
$fieldValue = isset($d['be_users'][$field]) ? 1 : 0;
} else {
$fieldValue = $d['be_users'][$field];
}
$storeRec['be_users'][$beUserId][$field] = $fieldValue;
$beUser->user[$field] = $fieldValue;
}
}
}
if ($config['type'] === 'check') {
$beUser->uc[$field] = isset($d[$field]) ? 1 : 0;
} else {
$beUser->uc[$field] = htmlspecialchars($d[$field]);
}
}
// Personal data for the users be_user-record (email, name, password...)
// If email and name is changed, set it in the users record:
$be_user_data = $d['be_users'];
// Possibility to modify the transmitted values. Useful to do transformations, like RSA password decryption
if (is_array($GLOBALS['TYPO3_CONF_VARS']['SC_OPTIONS']['ext/setup/mod/index.php']['modifyUserDataBeforeSave'])) {
foreach ($GLOBALS['TYPO3_CONF_VARS']['SC_OPTIONS']['ext/setup/mod/index.php']['modifyUserDataBeforeSave'] as $function) {
$params = array('be_user_data' => &$be_user_data);
GeneralUtility::callUserFunction($function, $params, $this);
}
}
$this->passwordIsSubmitted = (string) $be_user_data['password'] !== '';
$passwordIsConfirmed = $this->passwordIsSubmitted && $be_user_data['password'] === $be_user_data['password2'];
// Update the real name:
if ($be_user_data['realName'] !== $beUser->user['realName']) {
$beUser->user['realName'] = $storeRec['be_users'][$beUserId]['realName'] = substr($be_user_data['realName'], 0, 80);
}
// Update the email address:
if ($be_user_data['email'] !== $beUser->user['email']) {
$beUser->user['email'] = $storeRec['be_users'][$beUserId]['email'] = substr($be_user_data['email'], 0, 80);
}
// Update the password:
if ($passwordIsConfirmed) {
$currentPasswordHashed = $GLOBALS['BE_USER']->user['password'];
$saltFactory = \TYPO3\CMS\Saltedpasswords\Salt\SaltFactory::getSaltingInstance($currentPasswordHashed);
if ($saltFactory->checkPassword($be_user_data['passwordCurrent'], $currentPasswordHashed)) {
$this->passwordIsUpdated = self::PASSWORD_UPDATED;
$storeRec['be_users'][$beUserId]['password'] = $be_user_data['password'];
} else {
$this->passwordIsUpdated = self::PASSWORD_OLD_WRONG;
}
} else {
$this->passwordIsUpdated = self::PASSWORD_NOT_THE_SAME;
}
$this->setAvatarFileUid($beUserId, $be_user_data['avatar'], $storeRec);
$this->saveData = true;
}
// Inserts the overriding values.
$beUser->overrideUC();
$save_after = md5(serialize($beUser->uc));
// If something in the uc-array of the user has changed, we save the array...
if ($save_before != $save_after) {
$beUser->writeUC($beUser->uc);
$beUser->writelog(254, 1, 0, 1, 'Personal settings changed', array());
$this->setupIsUpdated = true;
}
// Persist data if something has changed:
if (!empty($storeRec) && $this->saveData) {
// Make instance of TCE for storing the changes.
/** @var DataHandler $dataHandler */
$dataHandler = GeneralUtility::makeInstance(DataHandler::class);
$dataHandler->stripslashes_values = false;
// This is so the user can actually update his user record.
$isAdmin = $beUser->user['admin'];
$beUser->user['admin'] = 1;
$dataHandler->start($storeRec, array(), $beUser);
// This is to make sure that the users record can be updated even if in another workspace. This is tolerated.
$dataHandler->bypassWorkspaceRestrictions = true;
$dataHandler->process_datamap();
unset($tce);
if ($this->passwordIsUpdated === self::PASSWORD_NOT_UPDATED || count($storeRec['be_users'][$beUserId]) > 1) {
$this->setupIsUpdated = true;
}
// Restore admin status after processing
$beUser->user['admin'] = $isAdmin;
}
}
}
/**
* Renders a selector element that allows to select the hash method to be used.
*
* @param array $params Field information to be rendered
* @param \TYPO3\CMS\Core\TypoScript\ConfigurationForm $pObj The calling parent object.
* @param string $disposal The configuration disposal ('FE' or 'BE')
* @return string The HTML selector
*/
protected function buildHashMethodSelector(array $params, $pObj, $disposal)
{
$this->init();
$propertyName = $params['propertyName'];
$unknownVariablePleaseRenameMe = '\'' . substr(md5($propertyName), 0, 10) . '\'';
$pField = '';
$registeredMethods = \TYPO3\CMS\Saltedpasswords\Salt\SaltFactory::getRegisteredSaltedHashingMethods();
foreach ($registeredMethods as $class => $reference) {
$classInstance = GeneralUtility::getUserObj($reference);
if ($classInstance instanceof \TYPO3\CMS\Saltedpasswords\Salt\SaltInterface && $classInstance->isAvailable()) {
$sel = $this->extConf[$disposal]['saltedPWHashingMethod'] == $class ? ' selected="selected" ' : '';
$label = 'ext.saltedpasswords.title.' . strtolower(end(explode('\\', $class)));
$pField .= '<option value="' . htmlspecialchars($class) . '"' . $sel . '>' . $GLOBALS['LANG']->getLL($label) . '</option>';
}
}
$pField = '<select id="' . $propertyName . '" name="' . $params['fieldName'] . '" onChange="uFormUrl(' . $unknownVariablePleaseRenameMe . ')">' . $pField . '</select>';
return $pField;
}
/**
* encrypt password
* @param string $password password
*/
public function encryptPassword($password)
{
if (SaltedPasswordsUtility::isUsageEnabled() && $password != '') {
$password = SaltFactory::getSaltingInstance(null)->getHashedPassword($password);
$this->setValue($password);
}
}
/**
* Passwords prefixed with M or C might be salted passwords:
* M means: originally a md5 hash before it was salted (eg. default be_users).
* C means: originally a cleartext password with lower hash looping count generated by t3sec_saltedpw.
* Both M and C will be updated to usual salted hashes on first login of user.
*
* If a password does not start with M or C determine if a password is already a usual salted hash.
*
* @param string $password Password
* @return bool TRUE if password is a salted hash
*/
protected function isSaltedHash($password)
{
$isSaltedHash = FALSE;
if (strlen($password) > 2 && (\TYPO3\CMS\Core\Utility\GeneralUtility::isFirstPartOfStr($password, 'C$') || \TYPO3\CMS\Core\Utility\GeneralUtility::isFirstPartOfStr($password, 'M$'))) {
// Cut off M or C and test if we have a salted hash
$isSaltedHash = \TYPO3\CMS\Saltedpasswords\Salt\SaltFactory::determineSaltingHashingMethod(substr($password, 1));
}
// Test if given password is a already a usual salted hash
if (!$isSaltedHash) {
$isSaltedHash = \TYPO3\CMS\Saltedpasswords\Salt\SaltFactory::determineSaltingHashingMethod($password);
}
return $isSaltedHash;
}
/**
* Checks the backend configuration and shows a message if necessary.
*
* @param array $params Field information to be rendered
* @param \TYPO3\CMS\Core\TypoScript\ConfigurationForm $pObj The calling parent object.
* @return string Messages as HTML if something needs to be reported
*/
public function checkConfigurationBackend(array $params, $pObj)
{
$this->init();
$extConf = $this->extConf['BE'];
// The backend is called over SSL
$SSL = ($GLOBALS['TYPO3_CONF_VARS']['BE']['lockSSL'] > 0 ? TRUE : FALSE) && $GLOBALS['TYPO3_CONF_VARS']['BE']['loginSecurityLevel'] != 'superchallenged';
$rsaAuthLoaded = \TYPO3\CMS\Core\Utility\ExtensionManagementUtility::isLoaded('rsaauth');
if ($extConf['enabled']) {
// SSL configured?
if ($SSL) {
$this->setErrorLevel('ok');
$problems[] = 'The backend is configured to use SaltedPasswords over SSL.';
} elseif ($rsaAuthLoaded) {
if (trim($GLOBALS['TYPO3_CONF_VARS']['BE']['loginSecurityLevel']) === 'rsa') {
if ($this->isRsaAuthBackendAvailable()) {
$this->setErrorLevel('ok');
$problems[] = 'The backend is configured to use SaltedPasswords with RSA authentication.';
} else {
// This means that login would fail because rsaauth is not working properly
$this->setErrorLevel('error');
$problems[] = '<strong>Using the extension "rsaauth" is not possible, as no encryption backend ' . 'is available. Please install and configure the PHP extension "openssl". ' . 'See <a href="http://php.net/manual/en/openssl.installation.php" target="_blank">PHP.net</a></strong>.';
}
} else {
// This means that we are not using saltedpasswords
$this->setErrorLevel('error');
$problems[] = 'The "rsaauth" extension is installed, but TYPO3 is not configured to use it during login.
Use the Install Tool to set the Login Security Level for the backend to "rsa"
($TYPO3_CONF_VARS[\'BE\'][\'loginSecurityLevel\'])';
}
} else {
// This means that we are not using saltedpasswords
$this->setErrorLevel('error');
$problems[] = 'Backend requirements for SaltedPasswords are not met, therefore the
authentication will not work even if it was explicitly enabled for backend
usage:<br />
<ul>
<li>Install the "rsaauth" extension and use the Install Tool to set the
Login Security Level for the backend to "rsa"
($TYPO3_CONF_VARS[\'BE\'][\'loginSecurityLevel\'])</li>
<li>If you have the option to use SSL, you can also configure your
backend for SSL usage:<br />
Use the Install Tool to set the Security-Level for the backend
to "normal" ($TYPO3_CONF_VARS[\'BE\'][\'loginSecurityLevel\']) and
the SSL-locking option to a value greater than "0"
(see description - $TYPO3_CONF_VARS[\'BE\'][\'lockSSL\'])</li>
</ul>
<br />
It is also possible to use "lockSSL" and "rsa" Login Security Level at the same
time.';
}
// Only saltedpasswords as authsservice
if ($extConf['onlyAuthService']) {
// Warn user that the combination with "forceSalted" may lock him out from Backend
if ($extConf['forceSalted']) {
$this->setErrorLevel('warning');
$problems[] = 'SaltedPasswords has been configured to be the only authentication service for
the backend. Additionally, usage of salted passwords is enforced (forceSalted).
The result is that there is no chance to login with users not having a salted
password hash.<br />
<strong><i>WARNING:</i></strong> This may lock you out of the backend!';
} else {
// Inform the user that things like openid won't work anymore
$this->setErrorLevel('info');
$problems[] = 'SaltedPasswords has been configured to be the only authentication service for
the backend. This means that other services like "ipauth", "openid", etc. will
be ignored (except "rsauth", which is implicitely used).';
}
}
// forceSalted is set
if ($extConf['forceSalted'] && !$extConf['onlyAuthService']) {
$this->setErrorLevel('info');
$problems[] = 'SaltedPasswords has been configured to enforce salted passwords (forceSalted).
<br />
This means that only passwords in the format of this extension will succeed for
login.<br />
<strong><i>IMPORTANT:</i></strong> This has the effect that passwords that are set from
the Install Tool will not work!';
}
// updatePasswd wont work with "forceSalted"
if ($extConf['updatePasswd'] && $extConf['forceSalted']) {
$this->setErrorLevel('error');
$problems[] = 'SaltedPasswords is configured wrong and will not work as expected:<br />
It is not possible to set "updatePasswd" and "forceSalted" at the same time.
Please disable either one of them.';
}
// Check if the configured hash-method is available on system
if (!($instance = \TYPO3\CMS\Saltedpasswords\Salt\SaltFactory::getSaltingInstance(NULL, 'BE') || !$instance->isAvailable())) {
$this->setErrorLevel('error');
$problems[] = 'The selected method for hashing your salted passwords is not available on this
system! Please check your configuration.';
}
} else {
// Not enabled warning
$this->setErrorLevel('error');
$problems[] = 'SaltedPasswords has been disabled for backend users.';
}
$this->problems = $problems;
return $this->renderFlashMessage();
}
/**
* Checks the login data with the user record data for builtin login method.
*
* @param array $user User data array
* @param array $loginData Login data array
* @param string $passwordCompareStrategy Password compare strategy
* @return bool TRUE if login data matched
*/
public function compareUident(array $user, array $loginData, $passwordCompareStrategy = '')
{
$validPasswd = FALSE;
$password = $loginData['uident_text'];
// Determine method used for given salted hashed password
$this->objInstanceSaltedPW = \TYPO3\CMS\Saltedpasswords\Salt\SaltFactory::getSaltingInstance($user['password']);
// Existing record is in format of Salted Hash password
if (is_object($this->objInstanceSaltedPW)) {
$validPasswd = $this->objInstanceSaltedPW->checkPassword($password, $user['password']);
// Record is in format of Salted Hash password but authentication failed
// skip further authentication methods
if (!$validPasswd) {
$this->authenticationFailed = TRUE;
}
$defaultHashingClassName = \TYPO3\CMS\Saltedpasswords\Utility\SaltedPasswordsUtility::getDefaultSaltingHashingMethod();
$skip = FALSE;
// Test for wrong salted hashing method
if ($validPasswd && !(get_class($this->objInstanceSaltedPW) == $defaultHashingClassName) || is_subclass_of($this->objInstanceSaltedPW, $defaultHashingClassName)) {
// Instanciate default method class
$this->objInstanceSaltedPW = \TYPO3\CMS\Saltedpasswords\Salt\SaltFactory::getSaltingInstance(NULL);
$this->updatePassword((int) $user['uid'], array('password' => $this->objInstanceSaltedPW->getHashedPassword($password)));
}
if ($validPasswd && !$skip && $this->objInstanceSaltedPW->isHashUpdateNeeded($user['password'])) {
$this->updatePassword((int) $user['uid'], array('password' => $this->objInstanceSaltedPW->getHashedPassword($password)));
}
} elseif (!(int) $this->extConf['forceSalted']) {
// Stored password is in deprecated salted hashing method
if (\TYPO3\CMS\Core\Utility\GeneralUtility::inList('C$,M$', substr($user['password'], 0, 2))) {
// Instanciate default method class
$this->objInstanceSaltedPW = \TYPO3\CMS\Saltedpasswords\Salt\SaltFactory::getSaltingInstance(substr($user['password'], 1));
// md5
if ($user['password'][0] === 'M') {
$validPasswd = $this->objInstanceSaltedPW->checkPassword(md5($password), substr($user['password'], 1));
} else {
$validPasswd = $this->objInstanceSaltedPW->checkPassword($password, substr($user['password'], 1));
}
// Skip further authentication methods
if (!$validPasswd) {
$this->authenticationFailed = TRUE;
}
} elseif (preg_match('/[0-9abcdef]{32,32}/', $user['password'])) {
$validPasswd = md5($password) === (string) $user['password'];
// Skip further authentication methods
if (!$validPasswd) {
$this->authenticationFailed = TRUE;
}
} else {
$validPasswd = (string) $password === (string) $user['password'];
}
// Should we store the new format value in DB?
if ($validPasswd && (int) $this->extConf['updatePasswd']) {
// Instanciate default method class
$this->objInstanceSaltedPW = \TYPO3\CMS\Saltedpasswords\Salt\SaltFactory::getSaltingInstance(NULL);
$this->updatePassword((int) $user['uid'], array('password' => $this->objInstanceSaltedPW->getHashedPassword($password)));
}
}
return $validPasswd;
}
/**
* Hook function for felogin "forgotPassword" functionality
* encrypts the new password before storing in database
*
* @param array $params Parameter the hook delivers
* @param \TYPO3\CMS\Felogin\Controller\FrontendLoginController $pObj Parent Object from which the hook is called
* @return void
*/
public function feloginForgotPasswordHook(array &$params, \TYPO3\CMS\Felogin\Controller\FrontendLoginController $pObj)
{
if (self::isUsageEnabled('FE')) {
$this->objInstanceSaltedPW = \TYPO3\CMS\Saltedpasswords\Salt\SaltFactory::getSaltingInstance();
$params['newPassword'] = $this->objInstanceSaltedPW->getHashedPassword($params['newPassword']);
}
}
/**
* Synchronizes backend users.
*
* @param array $users
*/
protected function synchronizeUsers(array $users)
{
/** @var \TYPO3\CMS\Saltedpasswords\Salt\SaltInterface $instance */
$instance = null;
if (\TYPO3\CMS\Core\Utility\ExtensionManagementUtility::isLoaded('saltedpasswords')) {
$instance = \TYPO3\CMS\Saltedpasswords\Salt\SaltFactory::getSaltingInstance(null, 'BE');
}
$authorizedKeys = array_flip(array('username', 'admin', 'disable', 'realName', 'email', 'TSconfig', 'starttime', 'endtime', 'lang', 'tx_openid_openid', 'deleted'));
foreach ($users as $user) {
$user = array_intersect_key($user, $authorizedKeys);
if (empty($this->config['synchronizeDeletedAccounts']) || !$this->config['synchronizeDeletedAccounts']) {
if (isset($user['deleted']) && $user['deleted']) {
// We do not authorize deleted user accounts to be synchronized
// on this website
continue;
}
} else {
$user['deleted'] = $user['deleted'] ? 1 : 0;
}
// Generate a random password
$password = GeneralUtility::generateRandomBytes(16);
$user['password'] = $instance ? $instance->getHashedPassword($password) : md5($password);
$localUser = $this->getDatabaseConnection()->exec_SELECTgetSingleRow('uid', 'be_users', 'username='******'username'], 'be_users'));
if ($localUser) {
// Update existing user
$this->getDatabaseConnection()->exec_UPDATEquery('be_users', 'uid=' . $localUser['uid'], $user);
} else {
// Create new user
$this->getDatabaseConnection()->exec_INSERTquery('be_users', $user);
}
}
}
/**
* Validate install tool password and login user if requested
*
* @return void
*/
protected function loginIfRequested()
{
$action = $this->getAction();
$postValues = $this->getPostValues();
if ($action === 'login') {
$password = '';
$validPassword = FALSE;
if (isset($postValues['values']['password'])) {
$password = $postValues['values']['password'];
$installToolPassword = $GLOBALS['TYPO3_CONF_VARS']['BE']['installToolPassword'];
$saltFactory = \TYPO3\CMS\Saltedpasswords\Salt\SaltFactory::getSaltingInstance($installToolPassword);
if (is_object($saltFactory)) {
$validPassword = $saltFactory->checkPassword($password, $installToolPassword);
} elseif (md5($password) === $installToolPassword) {
// Update install tool password
$saltFactory = \TYPO3\CMS\Saltedpasswords\Salt\SaltFactory::getSaltingInstance(NULL, 'BE');
$configurationManager = $this->objectManager->get(\TYPO3\CMS\Core\Configuration\ConfigurationManager::class);
$configurationManager->setLocalConfigurationValueByPath('BE/installToolPassword', $saltFactory->getHashedPassword($password));
$validPassword = TRUE;
}
}
if ($validPassword) {
$this->session->setAuthorized();
$this->sendLoginSuccessfulMail();
$this->redirect();
} else {
$saltFactory = \TYPO3\CMS\Saltedpasswords\Salt\SaltFactory::getSaltingInstance(NULL, 'BE');
$hashedPassword = $saltFactory->getHashedPassword($password);
/** @var $message \TYPO3\CMS\Install\Status\ErrorStatus */
$message = $this->objectManager->get(\TYPO3\CMS\Install\Status\ErrorStatus::class);
$message->setTitle('Login failed');
$message->setMessage('Given password does not match the install tool login password. ' . 'Calculated hash: ' . $hashedPassword);
$this->sendLoginFailedMail();
$this->output($this->loginForm($message));
}
}
}
/**
* Encrypt the password
*
* @param string $password
* @param array $settings
* @return string
*/
public static function encryptPassword($password, $settings)
{
if (\TYPO3\CMS\Core\Utility\ExtensionManagementUtility::isLoaded('saltedpasswords') && \TYPO3\CMS\Saltedpasswords\Utility\SaltedPasswordsUtility::isUsageEnabled('FE')) {
$saltObject = \TYPO3\CMS\Saltedpasswords\Salt\SaltFactory::getSaltingInstance(null);
if (is_object($saltObject)) {
$password = $saltObject->getHashedPassword($password);
}
} elseif ($settings['encryptPassword'] === 'md5') {
$password = md5($password);
} elseif ($settings['encryptPassword'] === 'sha1') {
$password = sha1($password);
}
return $password;
}
/**
* Returns the current context.
*
* @param \MW_Config_Interface Configuration object
* @return MShop_Context_Item_Interface Context object
*/
public static function getContext(\MW_Config_Interface $config)
{
if (self::$context === null) {
$context = new \MShop_Context_Item_Typo3();
$context->setConfig($config);
$dbm = new \MW_DB_Manager_PDO($config);
$context->setDatabaseManager($dbm);
$logger = \MAdmin_Log_Manager_Factory::createManager($context);
$context->setLogger($logger);
$cache = self::getCache($context);
$context->setCache($cache);
$mailer = \TYPO3\CMS\Core\Utility\GeneralUtility::makeInstance('TYPO3\\CMS\\Core\\Mail\\MailMessage');
$context->setMail(new \MW_Mail_Typo3($mailer));
if (\TYPO3\CMS\Core\Utility\ExtensionManagementUtility::isLoaded('saltedpasswords') && \TYPO3\CMS\Saltedpasswords\Utility\SaltedPasswordsUtility::isUsageEnabled('FE')) {
$object = \TYPO3\CMS\Saltedpasswords\Salt\SaltFactory::getSaltingInstance();
$context->setHasherTypo3($object);
}
if (isset($GLOBALS['TSFE']->fe_user)) {
$session = new \MW_Session_Typo3($GLOBALS['TSFE']->fe_user);
} else {
$session = new \MW_Session_None();
}
$context->setSession($session);
self::$context = $context;
}
self::$context->setConfig($config);
return self::$context;
}
/**
* Hash password with saltedpassword extension
*
* @param string $password Password
*
* @return string
*/
protected function getHashedSaltedPassword($password)
{
if (\TYPO3\CMS\Core\Utility\ExtensionManagementUtility::isLoaded('saltedpasswords') && \TYPO3\CMS\Saltedpasswords\Utility\SaltedPasswordsUtility::isUsageEnabled('FE')) {
$objSalt = \TYPO3\CMS\Saltedpasswords\Salt\SaltFactory::getSaltingInstance(NULL);
if (is_object($objSalt)) {
$password = $objSalt->getHashedPassword($password);
}
}
return $password;
}
