Bug #19875 » 10212.diff
typo3/sysext/install/mod/class.tx_install_eid.php (revision 0) | ||
---|---|---|
<?php
|
||
/***************************************************************
|
||
* Copyright notice
|
||
*
|
||
* (c) 2009 Marcus Krause, Helmut Hummel (security@typo3.org)
|
||
* All rights reserved
|
||
*
|
||
* This script is part of the TYPO3 project. The TYPO3 project is
|
||
* free software; you can redistribute it and/or modify
|
||
* it under the terms of the GNU General Public License as published by
|
||
* the Free Software Foundation; either version 2 of the License, or
|
||
* (at your option) any later version.
|
||
*
|
||
* The GNU General Public License can be found at
|
||
* http://www.gnu.org/copyleft/gpl.html.
|
||
* A copy is found in the textfile GPL.txt and important notices to the license
|
||
* from the author is found in LICENSE.txt distributed with these scripts.
|
||
*
|
||
*
|
||
* This script is distributed in the hope that it will be useful,
|
||
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||
* GNU General Public License for more details.
|
||
*
|
||
* This copyright notice MUST APPEAR in all copies of the script!
|
||
***************************************************************/
|
||
// *******************************
|
||
// Set error reporting
|
||
// *******************************
|
||
error_reporting (E_ALL ^ E_NOTICE);
|
||
// ***********************
|
||
// Paths are setup
|
||
// ***********************
|
||
define('TYPO3_OS', stristr(PHP_OS,'win')&&!stristr(PHP_OS,'darwin')?'WIN':'');
|
||
define('TYPO3_MODE','FE');
|
||
if (!defined('PATH_thisScript')) define('PATH_thisScript',str_replace('//','/', str_replace('\\','/', (php_sapi_name()=='cgi'||php_sapi_name()=='isapi' ||php_sapi_name()=='cgi-fcgi')&&($_SERVER['ORIG_PATH_TRANSLATED']?$_SERVER['ORIG_PATH_TRANSLATED']:$_SERVER['PATH_TRANSLATED'])? ($_SERVER['ORIG_PATH_TRANSLATED']?$_SERVER['ORIG_PATH_TRANSLATED']:$_SERVER['PATH_TRANSLATED']):($_SERVER['ORIG_SCRIPT_FILENAME']?$_SERVER['ORIG_SCRIPT_FILENAME']:$_SERVER['SCRIPT_FILENAME']))));
|
||
if (!defined('PATH_site')) define('PATH_site', dirname(PATH_thisScript).'/');
|
||
if (!defined('PATH_t3lib')) define('PATH_t3lib', PATH_site.'t3lib/');
|
||
define('PATH_tslib', PATH_site.'tslib/');
|
||
define('PATH_typo3conf', PATH_site.'typo3conf/');
|
||
define('TYPO3_mainDir', 'typo3/'); // This is the directory of the backend administration for the sites of this TYPO3 installation.
|
||
if (!@is_dir(PATH_typo3conf)) die('Cannot find configuration. This file is probably executed from the wrong location.');
|
||
require_once(PATH_t3lib.'class.t3lib_div.php');
|
||
/**
|
||
* This is the eID handler for encryption key generation.
|
||
*
|
||
* @author Marcus Krause <security@typo3.org>
|
||
*/
|
||
class tx_install_eid {
|
||
/**
|
||
* Keeps content to be printed.
|
||
*
|
||
* @var string
|
||
*/
|
||
var $content;
|
||
/**
|
||
* Main function which creates the ecryption key for the install tools AJAX call
|
||
* It stores the key in $this->content
|
||
*
|
||
* @return void
|
||
*/
|
||
function main() {
|
||
// Create output:
|
||
$this->content = $this->createEncryptionKey();
|
||
}
|
||
/**
|
||
* Outputs the content from $this->content
|
||
*
|
||
* @return void
|
||
*/
|
||
function printContent() {
|
||
echo $this->content;
|
||
}
|
||
/**
|
||
* Returns a newly created TYPO3 encryption key with a given length.
|
||
*
|
||
* @param integer $keyLength desired key length
|
||
* @return string
|
||
*/
|
||
function createEncryptionKey($keyLength = 96) {
|
||
|
||
$bytes = t3lib_div::generateRandomBytes($keyLength);
|
||
return substr(bin2hex($bytes), -96);
|
||
}
|
||
}
|
||
// Make instance:
|
||
$SOBE = t3lib_div::makeInstance('tx_install_eid');
|
||
$SOBE->main();
|
||
$SOBE->printContent();
|
||
if (defined('TYPO3_MODE') && $TYPO3_CONF_VARS[TYPO3_MODE]['XCLASS']['typo3/sysext/install/mod/class.tx_install_eid.php']) {
|
||
include_once($TYPO3_CONF_VARS[TYPO3_MODE]['XCLASS']['typo3/sysext/install/mod/class.tx_install_eid.php']);
|
||
}
|
||
?>
|
typo3/sysext/install/mod/install.js (revision 0) | ||
---|---|---|
/***************************************************************
|
||
*
|
||
* javascript functions to get the TYPO3 encryption key by an
|
||
* AJAX call and fill the form with it.
|
||
*
|
||
* Copyright notice
|
||
*
|
||
* (c) 2009 Marcus Krause, Helmut Hummel <security@typo3.org>
|
||
* All rights reserved
|
||
*
|
||
* This script is part of the TYPO3 backend provided by
|
||
* Kasper Skaarhoj <kasper@typo3.com> together with TYPO3
|
||
*
|
||
* Released under GNU/GPL (see license file in /typo3/)
|
||
*
|
||
* This script is distributed in the hope that it will be useful,
|
||
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
|
||
*
|
||
* This copyright notice MUST APPEAR in all copies of this script
|
||
*
|
||
***************************************************************/
|
||
/**
|
||
*
|
||
* @author Marcus Krause
|
||
*/
|
||
var EncryptionKey = {
|
||
thisScript: '../../index.php',
|
||
eID: 'tx_install_eid',
|
||
// loads the ecryption key by an AJAX call
|
||
load: function(obj) {
|
||
// fallback if AJAX is not possible (e.g. IE < 6)
|
||
if (typeof Ajax.getTransport() != 'object') {
|
||
window.location.href = this.thisScript + '?eID=' + this.eID;
|
||
return;
|
||
}
|
||
new Ajax.Request(this.thisScript, {
|
||
method: 'get',
|
||
parameters: '?eID=' + this.eID,
|
||
onComplete: function(xhr) {
|
||
document.getElementsByName('TYPO3_INSTALL[localconf.php][encryptionKey]').item(0).value=xhr.responseText;
|
||
}.bind(this),
|
||
});
|
||
},
|
||
};
|