Feature #21918 » 0013164.patch
t3lib/config_default.php (Arbeitskopie) | ||
---|---|---|
'enabledBeUserIPLock' => TRUE, // Boolean. If set, the User/Group TSconfig option 'option.lockToIP' is enabled.
|
||
'loginSecurityLevel' => '', // String. Keywords that determines the security level of login to the backend. "normal" means the password from the login form is sent in clear-text, "challenged" means the password is not sent but hashed with some other values, "superchallenged" (default) means the password is first hashed before being hashed with the challenge values again (means the password is stored as a hashed string in the database also), "rsa" uses RSA password encryption (only if the rsaauth extension is installed). DO NOT CHANGE this value manually; without an alternative authentication service it will only prevent logins in TYPO3 since the "superchallenged" method is hardcoded in the default authentication system.
|
||
'showRefreshLoginPopup' => FALSE, // Boolean. If set, the Ajax relogin will show a real popup window for relogin after the count down. Some auth services need this as they add custom validation to the login form. If it's not set, the Ajax relogin will show an inline relogin window.
|
||
'adminOnly' => 0, // Integer. If set (>=1), the only "admin" users can log in to the backend. If "<=-1" then the backend is totally shut down! For maintenance purposes.
|
||
'adminOnly' => 0, // Integer. -1,0,1,2: If it's a positive integer, only admin users can log into the backend - if it equals "2", regular backend users are allowed in CLI mode executing cron jobs. If it's a negative value, the backend and install tool are totally shut down for maintenance purposes.
|
||
'disable_exec_function' => FALSE, // Boolean. Don't use exec() function (except for ImageMagick which is disabled by [GFX][im]=0). If set, all fileoperations are done by the default PHP-functions. This is nescessary under Windows! On Unix the system commands by exec() can be used, unless this is disabled.
|
||
'usePHPFileFunctions' => TRUE, // Boolean. If set, all fileoperations are done by the default PHP-functions. Default on Unix is using the system commands by exec(). You need to set this flag under safe_mode.
|
||
'compressionLevel' => 0, // Determines output compression of BE output. Makes output smaller but slows down the page generation depending on the compression level. Requires zlib in your PHP installation. Range 1-9, where 1 is least compression and 9 is greatest compression. 'true' as value will set the compression based on the PHP default settings (usually 5). Suggested and most optimal value is 5.
|
t3lib/class.t3lib_beuserauth.php (Arbeitskopie) | ||
---|---|---|
} else { // ...and if that's the case, call these functions
|
||
$this->fetchGroupData(); // The groups are fetched and ready for permission checking in this initialization. Tables.php must be read before this because stuff like the modules has impact in this
|
||
if ($this->checkLockToIP()) {
|
||
if (!$GLOBALS['TYPO3_CONF_VARS']['BE']['adminOnly'] || $this->isAdmin()) {
|
||
if ($this->isBackendUserAllowed()) {
|
||
$this->backendSetUC(); // Setting the UC array. It's needed with fetchGroupData first, due to default/overriding of values.
|
||
$this->emailAtLogin(); // email at login - if option set.
|
||
} else {
|
||
... | ... | |
}
|
||
return $dbres;
|
||
}
|
||
/**
|
||
* Determines whether a backend user is allowed to access the backend.
|
||
*
|
||
* The conditions are:
|
||
* + backend user is a regular user and adminOnly is not defined
|
||
* + backend user is an admin user
|
||
* + backend user is used in CLI context and adminOnly is explicitely set to "2"
|
||
*
|
||
* @return boolean Whether a backend user is allowed to access the backend
|
||
*/
|
||
protected function isBackendUserAllowed() {
|
||
$isBackendUserAllowed = false;
|
||
$adminOnlyMode = $GLOBALS['TYPO3_CONF_VARS']['BE']['adminOnly'];
|
||
// Backend user is allowed if adminOnly is not set or user is an admin:
|
||
if (!$adminOnlyMode || $this->isAdmin()) {
|
||
$isBackendUserAllowed = true;
|
||
// Backend user is allowed if adminOnly is set to 2 (CLI) and a CLI process is running:
|
||
} elseif ($adminOnlyMode == 2 && defined('TYPO3_cliMode') && TYPO3_cliMode) {
|
||
$isBackendUserAllowed = true;
|
||
}
|
||
return $isBackendUserAllowed;
|
||
}
|
||
}
|
||
t3lib/class.t3lib_tsfebeuserauth.php (Arbeitskopie) | ||
---|---|---|
}
|
||
// Finally a check from t3lib_beuserauth::backendCheckLogin()
|
||
if (!$TYPO3_CONF_VARS['BE']['adminOnly'] || $this->isAdmin()) {
|
||
if ($this->isBackendUserAllowed()) {
|
||
return true;
|
||
} else {
|
||
return false;
|