Öffentliche Methoden | |
| trackBeUser ($flag) | |
| checkLockToIP () | |
| backendCheckLogin () | |
| checkCLIuser () | |
| backendSetUC () | |
| overrideUC () | |
| resetUC () | |
| emailAtLogin () | |
| veriCode () | |
| isAdmin () | |
| isMemberOfGroup ($groupId) | |
| doesUserHaveAccess ($row, $perms) | |
| isInWebMount ($id, $readPerms='', $exitOnError=0) | |
| modAccess ($conf, $exitOnError) | |
| getPagePermsClause ($perms) | |
| calcPerms ($row) | |
| isRTE () | |
| check ($type, $value) | |
| checkAuthMode ($table, $field, $value, $authMode) | |
| checkLanguageAccess ($langValue) | |
| recordEditAccessInternals ($table, $idOrRow, $newRecord=FALSE, $deletedRecord=FALSE) | |
| isPSet ($lCP, $table, $type='') | |
| mayMakeShortcut () | |
| workspaceCannotEditRecord ($table, $recData) | |
| workspaceCannotEditOfflineVersion ($table, $recData) | |
| workspaceAllowLiveRecordsInPID ($pid, $table) | |
| workspaceCreateNewRecord ($pid, $table) | |
| workspaceAllowAutoCreation ($table, $id, $recpid) | |
| workspaceCheckStageForCurrent ($stage) | |
| workspacePublishAccess ($wsid) | |
| workspaceSwapAccess () | |
| workspaceVersioningTypeAccess ($type) | |
| workspaceVersioningTypeGetClosest ($type) | |
| getTSConfig ($objectString, $config='') | |
| getTSConfigVal ($objectString) | |
| getTSConfigProp ($objectString) | |
| inList ($in_list, $item) | |
| returnWebmounts () | |
| returnFilemounts () | |
| jsConfirmation ($bitmask) | |
| fetchGroupData () | |
| fetchGroups ($grList, $idList='') | |
| setCachedList ($cList) | |
| addFileMount ($title, $altTitle, $path, $webspace, $type) | |
| addTScomment ($str) | |
| workspaceInit () | |
| checkWorkspace ($wsRec, $fields='uid, title, adminusers, members, reviewers, publish_access, stagechg_notification') | |
| checkWorkspaceCurrent () | |
| setWorkspace ($workspaceId) | |
| setWorkspacePreview ($previewState) | |
| getDefaultWorkspace () | |
| writelog ($type, $action, $error, $details_nr, $details, $data, $tablename='', $recuid='', $recpid='', $event_pid=-1, $NEWid='', $userId=0) | |
| writelog ($type, $action, $error, $details_nr, $details, $data, $tablename, $recuid, $recpid) | |
| simplelog ($message, $extKey='', $error=0) | |
| checkLogFailures ($email, $secondsBack=3600, $max=3) | |
| checkLogFailures () | |
| start () | |
| isSetSessionCookie () | |
| isRefreshTimeBasedCookie () | |
| checkAuthentication () | |
| createUserSession ($tempuser) | |
| getNewSessionRecord ($tempuser) | |
| fetchUserSession () | |
| logoff () | |
| isExistingSessionRecord ($id) | |
| user_where_clause () | |
| ipLockClause () | |
| ipLockClause_remoteIPNumber ($parts) | |
| hashLockClause () | |
| hashLockClause_getHashInt () | |
| writeUC ($variable='') | |
| unpack_uc ($theUC='') | |
| pushModuleData ($module, $data, $noSave=0) | |
| getModuleData ($module, $type='') | |
| getSessionData ($key) | |
| setAndSaveSessionData ($key, $data) | |
| getLoginFormData () | |
| processLoginData ($loginData, $security_level='') | |
| getAuthInfoArray () | |
| compareUident ($user, $loginData, $security_level='') | |
| gc () | |
| redirect () | |
| setBeUserByUid ($uid) | |
| setBeUserByName ($name) | |
| getRawUserByUid ($uid) | |
| getRawUserByName ($name) | |
| fetchUserRecord ($dbUser, $username, $extraWhere='') | |
Öffentliche Attribute | |
| $session_table = 'be_sessions' | |
| $name = 'be_typo_user' | |
| $user_table = 'be_users' | |
| $username_column = 'username' | |
| $userident_column = 'password' | |
| $userid_column = 'uid' | |
| $lastLogin_column = 'lastlogin' | |
| $notifyHeader = 'From: TYPO3 Login notify <no_reply@no_reply.no_reply>' | |
| $enablecolumns | |
| $formfield_uname = 'username' | |
| $formfield_uident = 'userident' | |
| $formfield_chalvalue = 'challenge' | |
| $formfield_status = 'login_status' | |
| $security_level = 'superchallenged' | |
| $writeStdLog = 1 | |
| $writeAttemptLog = 1 | |
| $auth_include = '' | |
| $auth_timeout_field = 6000 | |
| $lifetime = 0 | |
| $challengeStoredInCookie = TRUE | |
| $uc | |
| $uc_default | |
| $usergroup_column = 'usergroup' | |
| $usergroup_table = 'be_groups' | |
| $groupData | |
| $workspace = -99 | |
| $workspaceRec = array() | |
| $userGroups = Array() | |
| $userGroupsUID = Array() | |
| $groupList = '' | |
| $dataLists | |
| $includeHierarchy = array() | |
| $includeGroupArray = array() | |
| $OS = '' | |
| $TSdataArray = array() | |
| $userTS_text = '' | |
| $userTS = array() | |
| $userTSUpdated = 0 | |
| $userTS_dontGetCached = 0 | |
| $RTE_errors = array() | |
| $errorMsg = '' | |
| $checkWorkspaceCurrent_cache = NULL | |
| $global_database = '' | |
| $get_name = '' | |
| $gc_time = 0 | |
| $gc_probability = 1 | |
| $sendNoCacheHeaders = TRUE | |
| $getFallBack = FALSE | |
| $hash_length = 32 | |
| $getMethodEnabled = FALSE | |
| $lockIP = 4 | |
| $lockHashKeyWords = 'useragent' | |
| $warningEmail = '' | |
| $warningPeriod = 3600 | |
| $warningMax = 3 | |
| $checkPid = TRUE | |
| $checkPid_value = 0 | |
| $id | |
| $cookieId | |
| $loginFailure = FALSE | |
| $loginSessionStarted = FALSE | |
| $user | |
| $get_URL_ID = '' | |
| $newSessionID = FALSE | |
| $forceSetCookie = FALSE | |
| $dontSetCookie = FALSE | |
| $loginType = '' | |
| $svConfig = array() | |
| $writeDevLog = FALSE | |
| t3lib_userAuthGroup::addFileMount | ( | $ | title, | |
| $ | altTitle, | |||
| $ | path, | |||
| $ | webspace, | |||
| $ | type | |||
| ) | [inherited] |
Adds a filemount to the users array of filemounts, $this->groupData['filemounts'][hash_key] = Array ('name'=>$name, 'path'=>$path, 'type'=>$type); Is a part of the authentication proces of the user. A final requirement for a path being mounted is that a) it MUST return true on is_dir(), b) must contain either PATH_site+'fileadminDir' OR 'lockRootPath' - if lockRootPath is set - as first part of string! Paths in the mounted information will always be absolute and have a trailing slash.
| string | $title will be the (root)name of the filemount in the folder tree | |
| string | $altTitle will be the (root)name of the filemount IF $title is not true (blank or zero) | |
| string | $path is the path which should be mounted. Will accept backslash in paths on windows servers (will substituted with forward slash). The path should be 1) relative to TYPO3_CONF_VARS[BE][fileadminDir] if $webspace is set, otherwise absolute. | |
| boolean | If $webspace is set, the $path is relative to 'fileadminDir' in TYPO3_CONF_VARS, otherwise $path is absolute. 'fileadminDir' must be set to allow mounting of relative paths. | |
| string | Type of filemount; Can be blank (regular) or "user" / "group" (for user and group filemounts presumably). Probably sets the icon first and foremost. |
| t3lib_userAuthGroup::addTScomment | ( | $ | str | ) | [inherited] |
Creates a TypoScript comment with the string text inside.
| string | The text to wrap in comment prefixes and delimiters. |
| t3lib_beUserAuth::backendCheckLogin | ( | ) |
Check if user is logged in and if so, call ->fetchGroupData() to load group information and access lists of all kind, further check IP, set the ->uc array and send login-notification email if required. If no user is logged in the default behaviour is to exit with an error message, but this will happen ONLY if the constant TYPO3_PROCEED_IF_NO_USER is set true. This function is called right after ->start() in fx. init.php
| t3lib_beUserAuth::backendSetUC | ( | ) |
Initialize the internal ->uc array for the backend user Will make the overrides if necessary, and write the UC back to the be_users record if changes has happend
| t3lib_userAuthGroup::calcPerms | ( | $ | row | ) | [inherited] |
Returns a combined binary representation of the current users permissions for the page-record, $row. The perms for user, group and everybody is OR'ed together (provided that the page-owner is the user and for the groups that the user is a member of the group If the user is admin, 31 is returned (full permissions for all five flags)
| array | Input page row with all perms_* fields available. |
| t3lib_userAuthGroup::check | ( | $ | type, | |
| $ | value | |||
| ) | [inherited] |
Returns true if the $value is found in the list in a $this->groupData[] index pointed to by $type (array key). Can thus be users to check for modules, exclude-fields, select/modify permissions for tables etc. If user is admin true is also returned Please see the document Inside TYPO3 for examples.
| string | The type value; "webmounts", "filemounts", "pagetypes_select", "tables_select", "tables_modify", "non_exclude_fields", "modules" | |
| string | String to search for in the groupData-list |
| t3lib_userAuth::checkAuthentication | ( | ) | [inherited] |
Checks if a submission of username and password is present or use other authentication by auth services
| t3lib_userAuthGroup::checkAuthMode | ( | $ | table, | |
| $ | field, | |||
| $ | value, | |||
| $ | authMode | |||
| ) | [inherited] |
Checking the authMode of a select field with authMode set
| string | Table name | |
| string | Field name (must be configured in TCA and of type "select" with authMode set!) | |
| string | Value to evaluation (single value, must not contain any of the chars ":,|") | |
| string | Auth mode keyword (explicitAllow, explicitDeny, individual) |
| t3lib_beUserAuth::checkCLIuser | ( | ) |
If the backend script is in CLI mode, it will try to load a backend user named by the CLI module name (in lowercase)
| t3lib_userAuthGroup::checkLanguageAccess | ( | $ | langValue | ) | [inherited] |
Checking if a language value (-1, 0 and >0 for sys_language records) is allowed to be edited by the user.
| integer | Language value to evaluate |
| t3lib_beUserAuth::checkLockToIP | ( | ) |
If TYPO3_CONF_VARS['BE']['enabledBeUserIPLock'] is enabled and an IP-list is found in the User TSconfig objString "options.lockToIP", then make an IP comparison with REMOTE_ADDR and return the outcome (true/false)
| t3lib_userAuth::checkLogFailures | ( | ) | [inherited] |
DUMMY: Check login failures (in some extension classes)
| t3lib_userAuthGroup::checkLogFailures | ( | $ | email, | |
| $ | secondsBack = 3600, |
|||
| $ | max = 3 | |||
| ) | [inherited] |
Sends a warning to $email if there has been a certain amount of failed logins during a period. If a login fails, this function is called. It will look up the sys_log to see if there has been more than $max failed logins the last $secondsBack seconds (default 3600). If so, an email with a warning is sent to $email.
| string | Email address | |
| integer | Number of sections back in time to check. This is a kind of limit for how many failures an hour for instance. | |
| integer | Max allowed failures before a warning mail is sent |
| t3lib_userAuthGroup::checkWorkspace | ( | $ | wsRec, | |
| $ | fields = 'uid, |
|||
| title | , | |||
| adminusers | , | |||
| members | , | |||
| reviewers | , | |||
| publish_access | , | |||
| stagechg_notification' | ||||
| ) | [inherited] |
Checking if a workspace is allowed for backend user
| mixed | If integer, workspace record is looked up, if array it is seen as a Workspace record with at least uid, title, members and adminusers columns. Can be faked for workspaces uid 0 and -1 (online and offline) | |
| string | List of fields to select. Default fields are: uid,title,adminusers,members,reviewers,publish_access,stagechg_notification |
| t3lib_userAuthGroup::checkWorkspaceCurrent | ( | ) | [inherited] |
Uses checkWorkspace() to check if current workspace is available for user. This function caches the result and so can be called many times with no performance loss.
| t3lib_userAuth::compareUident | ( | $ | user, | |
| $ | loginData, | |||
| $ | security_level = '' | |||
| ) | [inherited] |
Check the login data with the user record data for builtin login methods
| array | user data array | |
| array | login data array | |
| string | Alternative security_level. Used when authentication services wants to override the default. |
| t3lib_userAuth::createUserSession | ( | $ | tempuser | ) | [inherited] |
Creates a user session record.
| array | user data array |
| t3lib_userAuthGroup::doesUserHaveAccess | ( | $ | row, | |
| $ | perms | |||
| ) | [inherited] |
Checks if the permissions is granted based on a page-record ($row) and $perms (binary and'ed)
Bits for permissions, see $perms variable:
1 - Show: See/Copy page and the pagecontent. 16- Edit pagecontent: Change/Add/Delete/Move pagecontent. 2- Edit page: Change/Move the page, eg. change title, startdate, hidden. 4- Delete page: Delete the page and pagecontent. 8- New pages: Create new pages under the page.
| array | $row is the pagerow for which the permissions is checked | |
| integer | $perms is the binary representation of the permission we are going to check. Every bit in this number represents a permission that must be set. See function explanation. |
| t3lib_beUserAuth::emailAtLogin | ( | ) |
Will send an email notification to warning_email_address/the login users email address when a login session is just started. Depends on various parameters whether mails are send and to whom.
| t3lib_userAuthGroup::fetchGroupData | ( | ) | [inherited] |
Initializes a lot of stuff like the access-lists, database-mountpoints and filemountpoints This method is called by ->backendCheckLogin() (from extending class t3lib_beuserauth) if the backend user login has verified OK. Generally this is required initialization of a backend user.
| t3lib_userAuthGroup::fetchGroups | ( | $ | grList, | |
| $ | idList = '' | |||
| ) | [inherited] |
Fetches the group records, subgroups and fills internal arrays. Function is called recursively to fetch subgroups
| string | Commalist of be_groups uid numbers | |
| string | List of already processed be_groups-uids so the function will not fall into a eternal recursion. |
| t3lib_userAuth::fetchUserRecord | ( | $ | dbUser, | |
| $ | username, | |||
| $ | extraWhere = '' | |||
| ) | [inherited] |
Get a user from DB by username provided for usage from services
| array | User db table definition: $this->db_user | |
| string | user name | |
| string | additional WHERE clause: AND ... |
| t3lib_userAuth::fetchUserSession | ( | ) | [inherited] |
Read the user session from db.
| t3lib_userAuth::gc | ( | ) | [inherited] |
Garbage collector, removing old expired sessions.
| t3lib_userAuth::getAuthInfoArray | ( | ) | [inherited] |
Returns an info array which provides additional information for auth services
| t3lib_userAuthGroup::getDefaultWorkspace | ( | ) | [inherited] |
Return default workspace ID for user
| t3lib_userAuth::getLoginFormData | ( | ) | [inherited] |
Returns an info array with Login/Logout data submitted by a form or params
| t3lib_userAuth::getModuleData | ( | $ | module, | |
| $ | type = '' | |||
| ) | [inherited] |
Gets module data for a module (from a loaded ->uc array)
| string | $module is the name of the module ($MCONF['name']) | |
| string | If $type = 'ses' then module data is returned only if it was stored in the current session, otherwise data from a previous session will be returned (if available). |
| t3lib_userAuth::getNewSessionRecord | ( | $ | tempuser | ) | [inherited] |
Returns a new session record for the current user for insertion into the DB. This function is mainly there as a wrapper for inheriting classes to override it.
| t3lib_userAuthGroup::getPagePermsClause | ( | $ | perms | ) | [inherited] |
Returns a WHERE-clause for the pages-table where user permissions according to input argument, $perms, is validated. $perms is the "mask" used to select. Fx. if $perms is 1 then you'll get all pages that a user can actually see! 2^0 = show (1) 2^1 = edit (2) 2^2 = delete (4) 2^3 = new (8) If the user is 'admin' " 1=1" is returned (no effect) If the user is not set at all (->user is not an array), then " 1=0" is returned (will cause no selection results at all) The 95% use of this function is "->getPagePermsClause(1)" which will return WHERE clauses for *selecting* pages in backend listings - in other words this will check read permissions.
| integer | Permission mask to use, see function description |
| t3lib_userAuth::getRawUserByName | ( | $ | name | ) | [inherited] |
Fetching raw user record with username=$name
| string | The username to look up. |
| t3lib_userAuth::getRawUserByUid | ( | $ | uid | ) | [inherited] |
Fetching raw user record with uid=$uid
| integer | The UID of the backend user to set in ->user |
| t3lib_userAuth::getSessionData | ( | $ | key | ) | [inherited] |
Returns the session data stored for $key. The data will last only for this login session since it is stored in the session table.
| string | Pointer to an associative key in the session data array which is stored serialized in the field "ses_data" of the session table. |
| t3lib_userAuthGroup::getTSConfig | ( | $ | objectString, | |
| $ | config = '' | |||
| ) | [inherited] |
Returns the value/properties of a TS-object as given by $objectString, eg. 'options.dontMountAdminMounts' Nice (general!) function for returning a part of a TypoScript array!
| string | Pointer to an "object" in the TypoScript array, fx. 'options.dontMountAdminMounts' | |
| array | Optional TSconfig array: If array, then this is used and not $this->userTS. If not array, $this->userTS is used. |
| t3lib_userAuthGroup::getTSConfigProp | ( | $ | objectString | ) | [inherited] |
Returns the "properties" of the $objectString from the BE_USERS "User TSconfig" array
| string | Object string, eg. "somestring.someproperty.somesubproperty" |
| t3lib_userAuthGroup::getTSConfigVal | ( | $ | objectString | ) | [inherited] |
Returns the "value" of the $objectString from the BE_USERS "User TSconfig" array
| string | Object string, eg. "somestring.someproperty.somesubproperty" |
| t3lib_userAuth::hashLockClause | ( | ) | [inherited] |
This returns the where-clause needed to lock a user to a hash integer
| t3lib_userAuth::hashLockClause_getHashInt | ( | ) | [inherited] |
Creates hash integer to lock user to. Depends on configured keywords
| t3lib_userAuthGroup::inList | ( | $ | in_list, | |
| $ | item | |||
| ) | [inherited] |
Returns true if $item is in $in_list
| string | Comma list with items, no spaces between items! | |
| string | The string to find in the list of items |
| t3lib_userAuth::ipLockClause | ( | ) | [inherited] |
This returns the where-clause needed to lock a user to the IP address
| t3lib_userAuth::ipLockClause_remoteIPNumber | ( | $ | parts | ) | [inherited] |
Returns the IP address to lock to. The IP address may be partial based on $parts.
| integer | 1-4: Indicates how many parts of the IP address to return. 4 means all, 1 means only first number. |
| t3lib_userAuthGroup::isAdmin | ( | ) | [inherited] |
Returns true if user is admin Basically this function evaluates if the ->user[admin] field has bit 0 set. If so, user is admin.
| t3lib_userAuth::isExistingSessionRecord | ( | $ | id | ) | [inherited] |
Determine whether there's an according session record to a given session_id in the database. Don't care if session record is still valid or not.
| integer | Claimed Session ID |
| t3lib_userAuthGroup::isInWebMount | ( | $ | id, | |
| $ | readPerms = '', |
|||
| $ | exitOnError = 0 | |||
| ) | [inherited] |
Checks if the page id, $id, is found within the webmounts set up for the user. This should ALWAYS be checked for any page id a user works with, whether it's about reading, writing or whatever. The point is that this will add the security that a user can NEVER touch parts outside his mounted pages in the page tree. This is otherwise possible if the raw page permissions allows for it. So this security check just makes it easier to make safe user configurations. If the user is admin OR if this feature is disabled (fx. by setting TYPO3_CONF_VARS['BE']['lockBeUserToDBmounts']=0) then it returns "1" right away Otherwise the function will return the uid of the webmount which was first found in the rootline of the input page $id
| integer | Page ID to check | |
| string | Content of "->getPagePermsClause(1)" (read-permissions). If not set, they will be internally calculated (but if you have the correct value right away you can save that database lookup!) | |
| boolean | If set, then the function will exit with an error message. |
| t3lib_userAuthGroup::isMemberOfGroup | ( | $ | groupId | ) | [inherited] |
Returns true if the current user is a member of group $groupId $groupId must be set. $this->groupList must contain groups Will return true also if the user is a member of a group through subgroups.
| integer | Group ID to look for in $this->groupList |
| t3lib_userAuthGroup::isPSet | ( | $ | lCP, | |
| $ | table, | |||
| $ | type = '' | |||
| ) | [inherited] |
Will check a type of permission against the compiled permission integer, $lCP, and in relation to table, $table
| integer | $lCP could typically be the "compiled permissions" integer returned by ->calcPerms | |
| string | $table is the tablename to check: If "pages" table then edit,new,delete and editcontent permissions can be checked. Other tables will be checked for "editcontent" only (and $type will be ignored) | |
| string | For $table='pages' this can be 'edit' (2), 'new' (8 or 16), 'delete' (4), 'editcontent' (16). For all other tables this is ignored. (16 is used) |
| t3lib_userAuth::isRefreshTimeBasedCookie | ( | ) | [inherited] |
Determine whether a non-session cookie needs to be set (lifetime>0)
| t3lib_userAuthGroup::isRTE | ( | ) | [inherited] |
Returns true if the RTE (Rich Text Editor) can be enabled for the user Strictly this is not permissions being checked but rather a series of settings like a loaded extension, browser/client type and a configuration option in ->uc[edit_RTE] The reasons for a FALSE return can be found in $this->RTE_errors
| t3lib_userAuth::isSetSessionCookie | ( | ) | [inherited] |
Determine whether a session cookie needs to be set (lifetime=0)
| t3lib_userAuthGroup::jsConfirmation | ( | $ | bitmask | ) | [inherited] |
Returns true or false, depending if an alert popup (a javascript confirmation) should be shown call like $GLOBALS['BE_USER']->jsConfirmation($BITMASK)
1 - typeChange 2 - copy/move/paste 4 - delete 8 - frontend editing 128 - other (not used yet)
| integer | Bitmask |
| t3lib_userAuth::logoff | ( | ) | [inherited] |
Log out current user! Removes the current session record, sets the internal ->user array to a blank string; Thereby the current user (if any) is effectively logged out!
| t3lib_userAuthGroup::mayMakeShortcut | ( | ) | [inherited] |
Returns true if the BE_USER is allowed to *create* shortcuts in the backend modules
| t3lib_userAuthGroup::modAccess | ( | $ | conf, | |
| $ | exitOnError | |||
| ) | [inherited] |
Checks access to a backend module with the $MCONF passed as first argument
| array | $MCONF array of a backend module! | |
| boolean | If set, an array will issue an error message and exit. |
| t3lib_beUserAuth::overrideUC | ( | ) |
Override: Call this function every time the uc is updated. That is 1) by reverting to default values, 2) in the setup-module, 3) userTS changes (userauthgroup)
| t3lib_userAuth::processLoginData | ( | $ | loginData, | |
| $ | security_level = '' | |||
| ) | [inherited] |
Processes Login data submitted by a form or params depending on the security_level
| array | login data array | |
| string | Alternative security_level. Used when authentication services wants to override the default. |
| t3lib_userAuth::pushModuleData | ( | $ | module, | |
| $ | data, | |||
| $ | noSave = 0 | |||
| ) | [inherited] |
Stores data for a module. The data is stored with the session id so you can even check upon retrieval if the module data is from a previous session or from the current session.
| string | $module is the name of the module ($MCONF['name']) | |
| mixed | $data is the data you want to store for that module (array, string, ...) | |
| boolean | If $noSave is set, then the ->uc array (which carries all kinds of user data) is NOT written immediately, but must be written by some subsequent call. |
| t3lib_userAuthGroup::recordEditAccessInternals | ( | $ | table, | |
| $ | idOrRow, | |||
| $ | newRecord = FALSE, |
|||
| $ | deletedRecord = FALSE | |||
| ) | [inherited] |
Checking if a user has editing access to a record from a $TCA table. The checks does not take page permissions and other "environmental" things into account. It only deal with record internals; If any values in the record fields disallows it. For instance languages settings, authMode selector boxes are evaluated (and maybe more in the future). It will check for workspace dependent access. The function takes an ID (integer) or row (array) as second argument.
| string | Table name | |
| mixed | If integer, then this is the ID of the record. If Array this just represents fields in the record. | |
| boolean | Set, if testing a new (non-existing) record array. Will disable certain checks that doesn't make much sense in that context. | |
| boolean | Set, if testing a deleted record array. |
| t3lib_userAuth::redirect | ( | ) | [inherited] |
Redirect to somewhere. Obsolete, deprecated etc.
| t3lib_beUserAuth::resetUC | ( | ) |
Clears the user[uc] and ->uc to blank strings. Then calls ->backendSetUC() to fill it again with reset contents
| t3lib_userAuthGroup::returnFilemounts | ( | ) | [inherited] |
Returns an array with the filemounts for the user. Each filemount is represented with an array of a "name", "path" and "type". If no filemounts an empty array is returned.
| t3lib_userAuthGroup::returnWebmounts | ( | ) | [inherited] |
Returns an array with the webmounts. If no webmounts, and empty array is returned. NOTICE: Deleted pages WILL NOT be filtered out! So if a mounted page has been deleted it is STILL coming out as a webmount. This is not checked due to performance.
| t3lib_userAuth::setAndSaveSessionData | ( | $ | key, | |
| $ | data | |||
| ) | [inherited] |
Sets the session data ($data) for $key and writes all session data (from ->user['ses_data']) to the database. The data will last only for this login session since it is stored in the session table.
| string | Pointer to an associative key in the session data array which is stored serialized in the field "ses_data" of the session table. | |
| mixed | The variable to store in index $key |
| t3lib_userAuth::setBeUserByName | ( | $ | name | ) | [inherited] |
Raw initialization of the be_user with username=$name
| string | The username to look up. |
| t3lib_userAuth::setBeUserByUid | ( | $ | uid | ) | [inherited] |
Raw initialization of the be_user with uid=$uid This will circumvent all login procedures and select a be_users record from the database and set the content of ->user to the record selected. Thus the BE_USER object will appear like if a user was authenticated - however without a session id and the fields from the session table of course. Will check the users for disabled, start/endtime, etc. ($this->user_where_clause())
| integer | The UID of the backend user to set in ->user |
| t3lib_userAuthGroup::setCachedList | ( | $ | cList | ) | [inherited] |
Updates the field be_users.usergroup_cached_list if the groupList of the user has changed/is different from the current list. The field "usergroup_cached_list" contains the list of groups which the user is a member of. After authentication (where these functions are called...) one can depend on this list being a representation of the exact groups/subgroups which the BE_USER has membership with.
| string | The newly compiled group-list which must be compared with the current list in the user record and possibly stored if a difference is detected. |
| t3lib_userAuthGroup::setWorkspace | ( | $ | workspaceId | ) | [inherited] |
Setting workspace ID
| integer | ID of workspace to set for backend user. If not valid the default workspace for BE user is found and set. |
| t3lib_userAuthGroup::setWorkspacePreview | ( | $ | previewState | ) | [inherited] |
Setting workspace preview state for user:
| boolean | State of user preview. |
| t3lib_userAuthGroup::simplelog | ( | $ | message, | |
| $ | extKey = '', |
|||
| $ | error = 0 | |||
| ) | [inherited] |
Simple logging function
| string | Log message | |
| string | Option extension key / module name | |
| integer | Error level. 0 = message, 1 = error (user problem), 2 = System Error (which should not happen), 3 = security notice (admin) |
| t3lib_userAuth::start | ( | ) | [inherited] |
Starts a user session Typical configurations will: a) check if session cookie was set and if not, set one, b) check if a password/username was sent and if so, try to authenticate the user c) Lookup a session attached to a user and check timeout etc. d) Garbage collection, setting of no-cache headers. If a user is authenticated the database record of the user (array) will be set in the ->user internal variable.
| t3lib_beUserAuth::trackBeUser | ( | $ | flag | ) |
If flag is set and the extensions 'beuser_tracking' is loaded, this will insert a table row with the REQUEST_URI of current script - thus tracking the scripts the backend users uses... This function works ONLY with the "beuser_tracking" extension and is deprecated since it does nothing useful.
| boolean | Activate insertion of the URL. |
| t3lib_userAuth::unpack_uc | ( | $ | theUC = '' |
) | [inherited] |
Sets $theUC as the internal variable ->uc IF $theUC is an array. If $theUC is false, the 'uc' content from the ->user array will be unserialized and restored in ->uc
| mixed | If an array, then set as ->uc, otherwise load from user record |
| t3lib_userAuth::user_where_clause | ( | ) | [inherited] |
This returns the where-clause needed to select the user with respect flags like deleted, hidden, starttime, endtime
| t3lib_beUserAuth::veriCode | ( | ) |
VeriCode returns 10 first chars of a md5 hash of the session cookie AND the encryptionKey from TYPO3_CONF_VARS. This code is used as an alternative verification when the JavaScript interface executes cmd's to tce_db.php from eg. MSIE 5.0 because the proper referer is not passed with this browser...
| t3lib_userAuthGroup::workspaceAllowAutoCreation | ( | $ | table, | |
| $ | id, | |||
| $ | recpid | |||
| ) | [inherited] |
Evaluates if auto creation of a version of a record is allowed.
| string | Table of the record | |
| integer | UID of record | |
| integer | PID of record |
| t3lib_userAuthGroup::workspaceAllowLiveRecordsInPID | ( | $ | pid, | |
| $ | table | |||
| ) | [inherited] |
Check if "live" records from $table may be created or edited in this PID. If the answer is FALSE it means the only valid way to create or edit records in the PID is by versioning If the answer is 1 or 2 it means it is OK to create a record, if -1 it means that it is OK in terms of versioning because the element was within a versionized branch but NOT ok in terms of the state the root point had!
| integer | PID value to check for. | |
| string | Table name |
| t3lib_userAuthGroup::workspaceCannotEditOfflineVersion | ( | $ | table, | |
| $ | recData | |||
| ) | [inherited] |
Evaluates if a user is allowed to edit the offline version
| string | Table of record | |
| array | Integer (record uid) or array where fields are at least: pid, t3ver_wsid, t3ver_stage (if versioningWS is set) |
| t3lib_userAuthGroup::workspaceCannotEditRecord | ( | $ | table, | |
| $ | recData | |||
| ) | [inherited] |
Checking if editing of an existing record is allowed in current workspace if that is offline. Rules for editing in offline mode:
| string | Table of record | |
| array | Integer (record uid) or array where fields are at least: pid, t3ver_wsid, t3ver_stage (if versioningWS is set) |
| t3lib_userAuthGroup::workspaceCheckStageForCurrent | ( | $ | stage | ) | [inherited] |
Checks if an element stage allows access for the user in the current workspace In workspaces 0 (Live) and -1 (Default draft) access is always granted for any stage. Admins are always allowed. An option for custom workspaces allows members to also edit when the stage is "Review"
| integer | Stage id from an element: -1,0 = editing, 1 = reviewer, >1 = owner |
| t3lib_userAuthGroup::workspaceCreateNewRecord | ( | $ | pid, | |
| $ | table | |||
| ) | [inherited] |
Evaluates if a record from $table can be created in $pid
| integer | Page id. This value must be the _ORIG_uid if available: So when you have pages versionized as "page" or "element" you must supply the id of the page version in the workspace! | |
| string | Table name |
| t3lib_userAuthGroup::workspaceInit | ( | ) | [inherited] |
Initializing workspace. Called from within this function, see fetchGroupData()
| t3lib_userAuthGroup::workspacePublishAccess | ( | $ | wsid | ) | [inherited] |
Returns TRUE if the user has access to publish content from the workspace ID given. Admin-users are always granted access to do this If the workspace ID is 0 (live) all users have access also If -1 (draft workspace) TRUE is returned if the user has access to the Live workspace For custom workspaces it depends on whether the user is owner OR like with draft workspace if the user has access to Live workspace.
| integer | Workspace UID; -1,0,1+ |
| t3lib_userAuthGroup::workspaceSwapAccess | ( | ) | [inherited] |
Workspace swap-mode access?
| t3lib_userAuthGroup::workspaceVersioningTypeAccess | ( | $ | type | ) | [inherited] |
Workspace Versioning type access?
| integer | Versioning type to evaluation: -1, 0, >1 |
| t3lib_userAuthGroup::workspaceVersioningTypeGetClosest | ( | $ | type | ) | [inherited] |
Finding "closest" versioning type, used for creation of new records.
| integer | Versioning type to evaluation: -1, 0, >1 |
| t3lib_userAuth::writelog | ( | $ | type, | |
| $ | action, | |||
| $ | error, | |||
| $ | details_nr, | |||
| $ | details, | |||
| $ | data, | |||
| $ | tablename, | |||
| $ | recuid, | |||
| $ | recpid | |||
| ) | [inherited] |
DUMMY: Writes to log database table (in some extension classes)
| integer | $type: denotes which module that has submitted the entry. This is the current list: 1=tce_db; 2=tce_file; 3=system (eg. sys_history save); 4=modules; 254=Personal settings changed; 255=login / out action: 1=login, 2=logout, 3=failed login (+ errorcode 3), 4=failure_warning_email sent | |
| integer |
type. Also used to trigger update of the interface. (see the log-module for the meaning of each number !!)
| integer | $error: flag. 0 = message, 1 = error (user problem), 2 = System Error (which should not happen), 3 = security notice (admin) | |
| integer |
type and $action. in the future this will make it possible to translate errormessages to other languages
| string | $details: Default text that follows the message | |
| array | $data: Data that follows the log. Might be used to carry special information. If an array the first 5 entries (0-4) will be sprintf'ed the details-text... | |
| string |
tablename, $recuid, $recpid) holds the reference to the record which the log-entry is about. (Was used in attic status.php to update the interface.)
| integer |
tablename, $recuid, $recpid) holds the reference to the record which the log-entry is about. (Was used in attic status.php to update the interface.)
| integer |
tablename, $recuid, $recpid) holds the reference to the record which the log-entry is about. (Was used in attic status.php to update the interface.)
| t3lib_userAuthGroup::writelog | ( | $ | type, | |
| $ | action, | |||
| $ | error, | |||
| $ | details_nr, | |||
| $ | details, | |||
| $ | data, | |||
| $ | tablename = '', |
|||
| $ | recuid = '', |
|||
| $ | recpid = '', |
|||
| $ | event_pid = -1, |
|||
| $ | NEWid = '', |
|||
| $ | userId = 0 | |||
| ) | [inherited] |
Writes an entry in the logfile/table Documentation in "TYPO3 Core API"
| integer | Denotes which module that has submitted the entry. See "TYPO3 Core API". Use "4" for extensions. | |
| integer | Denotes which specific operation that wrote the entry. Use "0" when no sub-categorizing applies | |
| integer | Flag. 0 = message, 1 = error (user problem), 2 = System Error (which should not happen), 3 = security notice (admin) | |
| integer | The message number. Specific for each $type and $action. This will make it possible to translate errormessages to other languages | |
| string | Default text that follows the message (in english!). Possibly translated by identification through type/action/details_nr | |
| array | Data that follows the log. Might be used to carry special information. If an array the first 5 entries (0-4) will be sprintf'ed with the details-text | |
| string | Table name. Special field used by tce_main.php. | |
| integer | Record UID. Special field used by tce_main.php. | |
| integer | Record PID. Special field used by tce_main.php. OBSOLETE | |
| integer | The page_uid (pid) where the event occurred. Used to select log-content for specific pages. | |
| string | Special field used by tce_main.php. NEWid string of newly created records. | |
| integer | Alternative Backend User ID (used for logging login actions where this is not yet known). |
| t3lib_userAuth::writeUC | ( | $ | variable = '' |
) | [inherited] |
This writes $variable to the user-record. This is a way of providing session-data. You can fetch the data again through $this->uc in this class! If $variable is not an array, $this->uc is saved!
| array | An array you want to store for the user as session data. If $variable is not supplied (is blank string), the internal variable, ->uc, is stored by default |
t3lib_userAuthGroup::$dataLists [inherited] |
array(
'webmount_list'=>'',
'filemount_list'=>'',
'modList'=>'',
'tables_select'=>'',
'tables_modify'=>'',
'pagetypes_select'=>'',
'non_exclude_fields'=>'',
'explicit_allowdeny'=>'',
'allowed_languages' => '',
'workspace_perms' => '',
'custom_options' => '',
)
| t3lib_beUserAuth::$enablecolumns |
Array (
'rootLevel' => 1,
'deleted' => 'deleted',
'disabled' => 'disable',
'starttime' => 'starttime',
'endtime' => 'endtime'
)
Erneute Implementation von t3lib_userAuth.
t3lib_userAuthGroup::$groupData [inherited] |
Array(
'filemounts' => Array()
)
| t3lib_beUserAuth::$uc_default |
Array (
'interfaceSetup' => '',
'moduleData' => Array(),
'thumbnailsByDefault' => 0,
'emailMeAtLogin' => 0,
'condensedMode' => 0,
'noMenuMode' => 0,
'startModule' => 'help_aboutmodules',
'hideSubmoduleIcons' => 0,
'helpText' => 1,
'titleLen' => 30,
'edit_wideDocument' => '0',
'edit_showFieldHelp' => 'icon',
'edit_RTE' => '1',
'edit_docModuleUpload' => '1',
'disableCMlayers' => 0,
'navFrameWidth' => '',
'navFrameResizable' => 0,
)
1.6.1