Bug #21148 » 12072.diff
t3lib/config_default.php (working copy) | ||
---|---|---|
'loginSecurityLevel' => '', // See description for TYPO3_CONF_VARS[BE][loginSecurityLevel]. Default state for frontend is "normal". Alternative authentication services can implement higher levels if preferred. For example, "rsa" level uses RSA password encryption (only if the rsaauth extension is installed)
|
||
'lifetime' => 0, // Integer, positive. If >0, the cookie of FE users will have a lifetime of the number of seconds this value indicates. Otherwise it will be a session cookie (deleted when browser is shut down). Setting this value to 604800 will result in automatic login of FE users during a whole week, 86400 will keep the FE users logged in for a day.
|
||
'sessionDataLifetime' => 86400, // Integer, positive. If >0, the session data will timeout and be removed after the number of seconds given (86400 seconds represents 24 hours).
|
||
'permalogin' => 2, // Integer. -1: Permanent login for FE users disabled. 0: By default permalogin is disabled for FE users but can be enabled by a form control in the login form. 1: Permanent login is by default enabled but can be disabled by a form control in the login form. // 2: Permanent login is forced to be enabled. // In any case, permanent login is only possible if TYPO3_CONF_VARS[FE][lifetime] lifetime is > 0.
|
||
'permalogin' => 2, // Integer. -1: Permanent login for FE users disabled. 0: By default permalogin is disabled for FE users but can be enabled by a form control in the login form. 1: Permanent login may either be globally enabled or enabled by a form control in the login form. // 2: Permanent login is forced to be enabled. // In any case, permanent login is only possible if TYPO3_CONF_VARS[FE][lifetime] lifetime is > 0.
|
||
'maxSessionDataSize' => 10000, // Integer. Setting the maximum size (bytes) of frontend session data stored in the table fe_session_data. Set to zero (0) means no limit, but this is not recommended since it also disables a check that session data is stored only if a confirmed cookie is set.
|
||
'lockHashKeyWords' => 'useragent', // Keyword list (Strings commaseparated). Currently only "useragent"; If set, then the FE user session is locked to the value of HTTP_USER_AGENT. This lowers the risk of session hi-jacking. However some cases (like payment gateways) might have to use the session cookie and in this case you will have to disable that feature (eg. with a blank string).
|
||
'defaultUserTSconfig' => '', // String (textarea). Enter lines of default frontend user/group TSconfig.
|
typo3/sysext/felogin/pi1/class.tx_felogin_pi1.php (working copy) | ||
---|---|---|
$markerArray['###ACTION_URI###'] = htmlspecialchars($this->redirectUrl);
|
||
$this->redirectUrl = '';
|
||
}
|
||
if (($this->conf['showPermaLogin']) && ($GLOBALS['TYPO3_CONF_VARS']['FE']['permalogin'] == 0 || $GLOBALS['TYPO3_CONF_VARS']['FE']['permalogin'] == 1) && $GLOBALS['TYPO3_CONF_VARS']['FE']['lifetime'] > 0) {
|
||
// Permanent Login is only possible if lifetime is > 0
|
||
// -1: Permanent login for FE users disabled
|
||
$enablePermanentLogin = $GLOBALS['TYPO3_CONF_VARS']['FE']['permalogin'] != -1 && $GLOBALS['TYPO3_CONF_VARS']['FE']['lifetime'] > 0;
|
||
// 0: By default permalogin is disabled for FE users but can be enabled by a form control in the login form
|
||
if ($GLOBALS['TYPO3_CONF_VARS']['FE']['permalogin'] == 0) {
|
||
$enablePermanentLogin &= $this->flexFormValue('showPermaLogin', 'sDEF');
|
||
}
|
||
// 1: Permanent login may either be enabled globally or by a form control in the login form
|
||
if ($GLOBALS['TYPO3_CONF_VARS']['FE']['permalogin'] == 1) {
|
||
$enablePermanentLogin &= $this->conf['showPermaLogin'];
|
||
}
|
||
// 2: Permanent login is forced to be enabled: Nothing to do
|
||
if ($enablePermanentLogin) {
|
||
$markerArray['###PERMALOGIN###'] = $this->pi_getLL('permalogin', '', 1);
|
||
if($GLOBALS['TYPO3_CONF_VARS']['FE']['permalogin'] == 1) {
|
||
$markerArray['###PERMALOGIN_HIDDENFIELD_ATTRIBUTES###'] = 'disabled="disabled"';
|