typo3 :: feadmin_user :: Front End Administration Interface

In case you didn’t know I would like to tell you that there is a very simple and convenient way of administrating users via front end. It is a very old extension (2002 by Kasper himself) called feadmin_user. It doesn’t have a manual attached to its repository upload… That’s way I would like to publish a little tutorial about it here.

The typo3 extension feadmin_user in reality isn’t so much of an extension, because the only thing it does is providing a template for a Core library called fe_adminLib.inc and located most uncomfortably in /var/www/typo3_src-4.3.1/typo3/sysext/cms/tslib/media/scripts

Now, we want to configure a nice little administration area for admins only. We want to be able to do the following tasks:
– create new user
– edit users created by a frontend user group “admin”
– delete users

This is quite easy.

1. create pages for the two task “create new user” and “edit&delete users” and set “access” only to your “admin” frontend user group
2. import the extension feadmin_user (by ext manager)
3. include the plugin on the respective pages you just created
4. copy the template from the extension folder pi to a location in fileadmin of your choice. Later you will find it suitable to modify some of it.
5. use the following typoscript to make it run:


#change path to location of your template file, yes, the one you copied from the extension
plugin.feadmin.fe_users.templateFile = fileadmin/vidaverde/fe_admin_fe_users.tmpl

# we want to be able to create new users even though we're already logged in with a front end user
plugin.feadmin.fe_users.create.noSpecialLoginForm = 1
# pid of your fe user sysfolder
plugin.feadmin.fe_users.pid = 88

# this is the ID of a front end user group for the users you would like to be able to administer
plugin.feadmin.fe_users.create.usergroupOverride = 1
plugin.feadmin.fe_users.create.evalValues.usergroup = 1
plugin.feadmin.fe_users.create.overrideValues.usergroup = 1
plugin.feadmin.fe_users.edit.evalValues.usergroup = unsetEmpty

# these are settings to be able to edit the users you created
plugin.feadmin.fe_users.fe_userEditSelf = 0
#fe groups for customers (1) and admin (2) (just an example, you have to adapt these to your own)
plugin.feadmin.fe_users.allowedGroups = 1,2
plugin.feadmin.fe_users.fe_userOwnSelf = 0

OK now you are able to create users on your web page view and edit/delete.

But what if you have different frontend admins? The only users they will be able to see and edit are the ones they created themselves. The users created by other front end admins won’t be accessible for deleting or editing.

This is where the little scripts limits are to be pushed a bit. We actually have to do some dirty work in the script itself. But just a little.

comment out the following line (line 1032) (comment out with //)
// res = $GLOBALS['TYPO3_DB']->exec_SELECTquery('*', $this->theTable, '1 '.$lockPid.$this->cObj->DBmayFEUserEditSelect($this->theTable,$GLOBALS['TSFE']->fe_user->user, $this->conf['allowedGroups'],$this->conf['fe_userEditSelf']).$GLOBALS['TSFE']->sys_page->deleteClause($this->theTable));

copy it to one line further down (line 1033) and remove some stuff that you don’t want. It should look like that more or less:

$res = $GLOBALS['TYPO3_DB']->exec_SELECTquery('*', $this->theTable, '1 '.$lockPid.$GLOBALS['TSFE']->sys_page->deleteClause($this->theTable).' AND cruser_id = 0');

That fixes the script and everybody (!!) is now able to edit/delete front end users. That’s why you have to protect ALL pages with the feadmin_user plugin on it from unauthorized access.

This script is only used by feadmin_user so we’re at no risk modifying it. Remember, this script is a typo3 dinosaur. Whenever you update the source (yes, we’ve modified the typo3 source) you would have to update the script again.

NOTE:Maybe it is possible to change the location of the script and remove it from the source and adjust the path in the object browser settings for the extension.

PS: The only way to make the plugin change from plugin.feadmin.fe_users.defaultCmd
is by my experience to add an extension template to the concerning page itself and change the value of that setting:

#typoscript extension template (setup) for edit page:
plugin.feadmin.fe_users.defaultCmd = edit
#typoscript extension template (setup) for create page:
plugin.feadmin.fe_users.defaultCmd = create

NOTE: In order to add other fields to the forms (ie. first_name, last_name from the table fe_users) you have to edit

NOTE: md5 settings for fe_userregister blabla

Sources:
http://www.typo3forum.net/forum/typo3-4-x-fe-user/35006-feuser_admin-felogin-problem-md5-verschl-sselung.html
http://www.typo3.net/forum/list/list_post//58854/?page=1#pid224037
http://phpxref.com/xref/typo3/typo3/sysext/cms/tslib/class.tslib_content.php.html#dbmayfeusereditselect
http://www.typo3.net/tsref/plugins/fe_adminlib/
http://www.typo3forum.net/forum/alle-anderen-extensions/16303-feuser_admin.html
http://tuga.at/index.php?id=602&tx_maillisttofaq_pi1[sort]=all_latest%3A1&tx_maillisttofaq_pi1[mode]=1&tx_maillisttofaq_pi1[pointer]=1&tx_maillisttofaq_pi1[showUid]=9627