‪TYPO3CMS  10.4
FrontendFormProtection.php
Go to the documentation of this file.
1 <?php
2 
3 /*
4  * This file is part of the TYPO3 CMS project.
5  *
6  * It is free software; you can redistribute it and/or modify it under
7  * the terms of the GNU General Public License, either version 2
8  * of the License, or any later version.
9  *
10  * For the full copyright and license information, please read the
11  * LICENSE.txt file that was distributed with this source code.
12  *
13  * The TYPO3 project - inspiring people to share!
14  */
15 
16 namespace ‪TYPO3\CMS\Core\FormProtection;
17 
18 use ‪TYPO3\CMS\Core\Error\Exception;
19 use ‪TYPO3\CMS\Frontend\Authentication\FrontendUserAuthentication;
20 
72 class ‪FrontendFormProtection extends ‪AbstractFormProtection
73 {
80  protected ‪$frontendUser;
81 
89  public function ‪__construct(‪FrontendUserAuthentication ‪$frontendUser, \Closure ‪$validationFailedCallback = null)
90  {
91  $this->frontendUser = ‪$frontendUser;
92  $this->validationFailedCallback = ‪$validationFailedCallback;
93  if (!$this->‪isAuthorizedFrontendSession()) {
94  throw new ‪Exception('A front-end form protection may only be instantiated if there is an active front-end session.', 1460975777);
95  }
96  }
97 
103  protected function ‪retrieveSessionToken()
104  {
105  $this->sessionToken = $this->frontendUser->getSessionData('formProtectionSessionToken');
106  if (empty($this->sessionToken)) {
107  $this->sessionToken = $this->‪generateSessionToken();
108  $this->‪persistSessionToken();
109  }
110  return ‪$this->sessionToken;
111  }
112 
119  public function ‪persistSessionToken()
120  {
121  $this->frontendUser->setAndSaveSessionData('formProtectionSessionToken', $this->sessionToken);
122  }
123 
129  protected function ‪isAuthorizedFrontendSession()
130  {
131  return !empty($this->frontendUser->user['uid']);
132  }
133 }
‪TYPO3\CMS\Core\FormProtection\AbstractFormProtection\$sessionToken
‪string $sessionToken
Definition: AbstractFormProtection.php:40
‪TYPO3\CMS\Core\FormProtection\FrontendFormProtection\isAuthorizedFrontendSession
‪bool isAuthorizedFrontendSession()
Definition: FrontendFormProtection.php:128
‪TYPO3\CMS\Core\FormProtection\AbstractFormProtection\$validationFailedCallback
‪Closure $validationFailedCallback
Definition: AbstractFormProtection.php:34
‪TYPO3\CMS\Core\FormProtection\FrontendFormProtection\persistSessionToken
‪persistSessionToken()
Definition: FrontendFormProtection.php:118
‪TYPO3\CMS\Core\FormProtection
Definition: AbstractFormProtection.php:16
‪TYPO3\CMS\Core\FormProtection\FrontendFormProtection
Definition: FrontendFormProtection.php:73
‪TYPO3\CMS\Core\Error\Exception
Definition: Exception.php:22
‪TYPO3\CMS\Core\FormProtection\AbstractFormProtection
Definition: AbstractFormProtection.php:30
‪TYPO3\CMS\Core\FormProtection\FrontendFormProtection\$frontendUser
‪FrontendUserAuthentication $frontendUser
Definition: FrontendFormProtection.php:79
‪TYPO3\CMS\Core\FormProtection\FrontendFormProtection\__construct
‪__construct(FrontendUserAuthentication $frontendUser, \Closure $validationFailedCallback=null)
Definition: FrontendFormProtection.php:88
‪TYPO3\CMS\Frontend\Authentication\FrontendUserAuthentication
Definition: FrontendUserAuthentication.php:30
‪TYPO3\CMS\Core\FormProtection\FrontendFormProtection\retrieveSessionToken
‪string retrieveSessionToken()
Definition: FrontendFormProtection.php:102
‪TYPO3\CMS\Core\FormProtection\AbstractFormProtection\generateSessionToken
‪string generateSessionToken()
Definition: AbstractFormProtection.php:121