Project

General

Profile

Bug #25098 ยป 17665.diff

Administrator Admin, 2011-02-22 23:18

View differences:

t3lib/class.t3lib_beuserauth.php (working copy)
var $writeStdLog = 1; // Decides if the writelog() function is called at login and logout
var $writeAttemptLog = 1; // If the writelog() functions is called if a login-attempt has be tried without success
var $auth_include = ''; // this is the name of the include-file containing the login form. If not set, login CAN be anonymous. If set login IS needed.
var $auth_timeout_field = 6000; // if > 0 : session-timeout in seconds. if false/<0 : no timeout. if string: The string is fieldname from the usertable where the timeout can be found.
var $lifetime = 0; // 0 = Session-cookies. If session-cookies, the browser will stop session when the browser is closed. Else it keeps the session for $lifetime seconds.
var $challengeStoredInCookie = TRUE;
t3lib/class.t3lib_tsfebeuserauth.php (working copy)
public $writeAttemptLog = FALSE;
/**
* This is the name of the include-file containing the login form. If not set, login CAN be anonymous. If set login IS needed.
*
* @var string
*/
public $auth_include = '';
/**
* Array of page related information (uid, title, depth).
*
* @var array
t3lib/class.t3lib_userauth.php (working copy)
var $formfield_status = ''; // formfield with status: *'login', 'logout'. If empty login is not verified.
var $security_level = 'normal'; // sets the level of security. *'normal' = clear-text. 'challenged' = hashed password/username from form in $formfield_uident. 'superchallenged' = hashed password hashed again with username.
var $auth_include = ''; // this is the name of the include-file containing the login form. If not set, login CAN be anonymous. If set login IS needed.
var $auth_timeout_field = 0; // Server session lifetime. If > 0: session-timeout in seconds. If false or <0: no timeout. If string: The string is a fieldname from the usertable where the timeout can be found.
var $lifetime = 0; // Client session lifetime. 0 = Session-cookies. If session-cookies, the browser will stop the session when the browser is closed. Otherwise this specifies the lifetime of a cookie that keeps the session.
var $gc_time = 0; // GarbageCollection. Purge all server session data older than $gc_time seconds. 0 = default to $this->timeout or use 86400 seconds (1 day) if $this->lifetime is 0
......
}
}
// If any redirection (inclusion of file) then it will happen in this function
if (!$this->userid && $this->auth_url) { // if no userid AND an include-document for login is given
$this->redirect();
}
// Set all posible headers that could ensure that the script is not cached on the client-side
if ($this->sendNoCacheHeaders) {
header('Expires: 0');
......
}
/**
* Redirect to somewhere (obsolete).
*
* @return void
* @deprecated since TYPO3 3.6, this function will be removed in TYPO3 4.6.
* @obsolete
* @ignore
*/
function redirect() {
t3lib_div::logDeprecatedFunction();
include ($this->auth_include);
exit;
}
/**
* DUMMY: Writes to log database table (in some extension classes)
*
* @param integer $type: denotes which module that has submitted the entry. This is the current list: 1=tce_db; 2=tce_file; 3=system (eg. sys_history save); 4=modules; 254=Personal settings changed; 255=login / out action: 1=login, 2=logout, 3=failed login (+ errorcode 3), 4=failure_warning_email sent
typo3/sysext/cms/tslib/class.tslib_feuserauth.php (working copy)
var $formfield_permanent = 'permalogin'; // formfield with 0 or 1 // 1 = permanent login enabled // 0 = session is valid for a browser session only
var $security_level = ''; // sets the level of security. *'normal' = clear-text. 'challenged' = hashed password/username from form in $formfield_uident. 'superchallenged' = hashed password hashed again with username.
var $auth_include = ''; // this is the name of the include-file containing the login form. If not set, login CAN be anonymous. If set login IS needed.
var $auth_timeout_field = 6000; // Server session lifetime. If > 0: session-timeout in seconds. If false or <0: no timeout. If string: The string is a fieldname from the usertable where the timeout can be found.
var $lifetime = 0; // Client session lifetime. 0 = Session-cookies. If session-cookies, the browser will stop the session when the browser is closed. Otherwise this specifies the lifetime of a cookie that keeps the session.
    (1-1/1)