Extension Development

Extension Development at Marketing Factory Consulting GmbH

The development of extensions is another service we provide alongside our concept development, consulting and individual programming work, which you can find under "Services".

Below are just a few examples:

oauth2 – Generic OAuth2 authentication and authorization for TYPO3 CMS

With the new oauth2 extension, Marketing Factory created an innovative way to enable cross-system user management. By installing oauth2, times of passwort rotations for customers and employees are finally over.

User and user right management can be pretty challenging when working with TYPO3. Most customers have a variety of different employee groups with individual needs in terms of backend user rights. Additionally, our developers need administrative rights to be able to configure extensions, analyse errors or – on a base level – to simply maintain the installation. If multiple development systems are needed in addition to that – user and user right management can easily become quite tricky. 

On the occasion of the TYPO3 Developer Days 2018, our TYPO3 developers Christian Spoo, Simon Schmidt and Christian Hellmund decided to create a generic OAuth 2.0 connection to the TYPO3 backend. They primarily integrated GitLab – to fit our own everyday needs. However, the extension can easily be connected to any OAuth 2.0 compatible services.

After installing and configuring the extension, backend users will see an additional "log in with GitLab" button underneath the well-known username + password combo slots. Clicking that button directly leads the users to the GitLab log in screen. Once logged in, the user gets automatically redirected into the TYPO3 backend. Note: This "double log in process" is only required once daily / once per running GitLab session. 

The extension has been published and is available here

mfc_dataprotection – A simple opt-out solution for Google and Facebook

Thanks to the new General Data Protection Regulation (GDPR) which entered into force as from 25. March 2018, website owners had to put some extra thoughts into how to provide their users with an easy opt-out solution for Google Analytics and Facebook. The Google Tag Manager provides a JavaScript based opt-out solution, which we already discussed in a former blogpost.

mfc_dataprotection delivers ready-to-go text snippets for a GDPR conform opt-out text. Those text snippets can be easily customized with TypoScript and can also be processed by the GTM. 

typo3_prometheus – Global monitoring made easy

A productive system blackout that's not being treated immediatly can – besides the obvious non-accessibility of the service – create immense economic damages. 

That's just one of the reasons, why a global monitoring system is basically inevitable: By continously examining and analysing website data, website owners not only have the possibility to get a closer look into their systems, but are also able to forecast possible shortages and problems as well as analyse former problems and their catalysts. Moreover, monitoring systems should provide the option to easily compare data and metrics from different sources. 

We created a direct integration of prometheus.io to TYPO3 with our extension typo3_prometheus. With the help of this extension, TYPO3 installation metrics can be directly exported into a prometheus-based monitoring system. By analysing your TYPO3's database data as well as meta-data, you'll get a closer look into the processes in your TYPO3 installation. 

Additionally, you will receive a step-by-step guide for setting up a simple prometheus monitoring solution as well as a guide for the integration into your TYPO3 backend. 

typo3_prometheus is currently compatible with all versions upwards from v7. 

mfc_belogin_captcha – Captcha to prevent hacker attacks on TYPO3

Attacks on TYPO3 systems occur from time to time, albeit infrequently. The hackers use automated systems – known as bots – to carry out these attacks, which use different password combinations to attempt to access the systems. The aim of these attacks is to obtain sensitive company or customer information.

Although the TYPO3 community is constantly working to improve the security of TYPO3 and there are already many solutions to recognise these attacks, no solution has yet been found to generally prevent these attacks.

mfc_belogin_captcha is an extension created by Marketing Factory, which prevents the hacking of passwords by automated systems as soon as this has occurred.

After a certain number of failed logins, a CAPTCHA is displayed, which must be completed in addition to the correct access data. As is known, automated systems cannot complete a captcha and so further attacks are prevented by the appearance of this captcha alone. However, the extension ensures that the content managers of a system can still log in to the backend even after five failed logins due to typing errors.

The extension mfc_belogin_captcha generates the captchas using the new Google reCAPTCHA. As the bots are being programmed to become increasingly intelligent, the known combinations of numbers or letters are often no longer adequate to verify a "human user". Instead, reCAPTCHA uses images of numbers, image sequences or simple tick boxes to differentiate humans from bots. The latter cannot (or at least cannot yet) solve these. Apart from improving the security of TYPO3 systems and offering protection against hacker attacks, the extension also provides the major advantage that TYPO3 backends can continue to be used unrestrictedly even during an ongoing attack.

Marketing Factory is making the extension available to the entire TYPO3 community. The extension has been available to download since September 2013.

mfc_beuser_iprange – Restriction of access to TYPO3 systems

Attacks on TYPO3 systems occur from time to time, albeit rather infrequently. Marketing Factory has developed the extension mfc_beuers_iprange to prevent unauthorised viewing of sensitive company and client data. The development of this extension represents a major step forward in countering the viewing and forwarding of this kind of data.

The principle of the extension is simple:
access to a TYPO3 system is based on one of more specific networks and anyone who tries to access it from outside these networks will fail.

The use of TYPO3 installations is restricted by mfc_beuser_iprange to a specific network environment. Any access from an IP address outside the defined network is prevented. Sensitive data cannot therefore be viewed and possibly forwarded by unauthorised hackers or employees.

The extension was published by Marketing Factory and is available to the entire TYPO3 community. The extension is compatible with all TYPO3 versions including the latest 8 LTS version.

Language packages for static_info_tables – Central collation of country-specific data

The extension static_info_tables is used for the simplified transfer and central storage of country-specific data. This collection contains information, such as:

  • Countries
  • Federal states
  • Languages
  • Currencies
  • Territories

With static_info_tables, all this information can be collected simply and centrally in the respective official descriptions. The extension is already available country-specifically for Germany, France, Spain, Italy, Poland, Denmark, Portugal, Romania, the Czech Republic, China as well as a default version in English.

The extension static_info_tables is compatible with all TYPO3 installations including 7 LTS. Marketing Factory has published the following language packs as an extension to the entire TYPO3 community:

mfc_picturecredits – Specification of image sources made easy

Marketing Factory has significantly simplified the insertion of source references to images with the extension mfc_picturecredits

The extension includes a backend formula in which conveniently all relevant image data, such as license rights, name of photographer, year of creation etc., can be entered for the corresponding image. The extension is essentially a plug-in for the output of the backend formula at the frontend.

The extension mfc_picturecredits has not yet been published but will be made available in the near future. The extension is compatible with all TYPO3 installations including the new 7 LTS version.