Maintenance implements MiddlewareInterface
Default middleware for all requests inside the TYPO3 Install Tool, which does a simple hardcoded dispatching to a controller based on the get/post variable.
This class is only meant to be used within EXT:install and is not part of the TYPO3 Core API.
Table of Contents
Interfaces
- MiddlewareInterface
Properties
- $configurationManager : ConfigurationManager
- $controllers : array<string|int, mixed>
- $packageManager : FailsafePackageManager
- $passwordHashFactory : PasswordHashFactory
Methods
- __construct() : mixed
- process() : ResponseInterface
- Handles an Install Tool request for normal operations
- canHandleRequest() : bool
- This request handler can handle any request when not in CLI mode.
- checkEnableInstallToolFile() : bool
- Checks if ENABLE_INSTALL_TOOL exists.
- checkIfEssentialConfigurationExists() : bool
- Check if LocalConfiguration.php exists (PackageStates is optional)
- checkSessionLifetime() : bool
- Check if session expired.
- checkSessionToken() : bool
- Use form protection API to find out if protected POST forms are ok.
- enforceReferrer() : ResponseInterface|null
- Evaluates HTTP `Referer` header (which is denied by client to be a custom value) - attempts to ensure the value is given using a HTML client refresh.
Properties
$configurationManager
protected
ConfigurationManager
$configurationManager
$controllers
protected
array<string|int, mixed>
$controllers
= ['icon' => \TYPO3\CMS\Install\Controller\IconController::class, 'layout' => \TYPO3\CMS\Install\Controller\LayoutController::class, 'login' => \TYPO3\CMS\Install\Controller\LoginController::class, 'maintenance' => \TYPO3\CMS\Install\Controller\MaintenanceController::class, 'settings' => \TYPO3\CMS\Install\Controller\SettingsController::class, 'upgrade' => \TYPO3\CMS\Install\Controller\UpgradeController::class, 'environment' => \TYPO3\CMS\Install\Controller\EnvironmentController::class]
List of valid controllers
$packageManager
protected
FailsafePackageManager
$packageManager
$passwordHashFactory
protected
PasswordHashFactory
$passwordHashFactory
Methods
__construct()
public
__construct(FailsafePackageManager $packageManager, ConfigurationManager $configurationManager, PasswordHashFactory $passwordHashFactory, ContainerInterface $container) : mixed
Parameters
- $packageManager : FailsafePackageManager
- $configurationManager : ConfigurationManager
- $passwordHashFactory : PasswordHashFactory
- $container : ContainerInterface
process()
Handles an Install Tool request for normal operations
public
process(ServerRequestInterface $request, RequestHandlerInterface $handler) : ResponseInterface
Parameters
- $request : ServerRequestInterface
- $handler : RequestHandlerInterface
Return values
ResponseInterfacecanHandleRequest()
This request handler can handle any request when not in CLI mode.
protected
canHandleRequest(ServerRequestInterface $request) : bool
Warning: Order of these methods is security relevant and interferes with different access conditions (new/existing installation). See the single method comments for details.
Parameters
- $request : ServerRequestInterface
Return values
bool —Returns always TRUE
checkEnableInstallToolFile()
Checks if ENABLE_INSTALL_TOOL exists.
protected
checkEnableInstallToolFile() : bool
Return values
boolcheckIfEssentialConfigurationExists()
Check if LocalConfiguration.php exists (PackageStates is optional)
protected
checkIfEssentialConfigurationExists() : bool
Return values
bool —TRUE when the essential configuration is available, otherwise FALSE
checkSessionLifetime()
Check if session expired.
protected
checkSessionLifetime(SessionService $session) : bool
If the session has expired, the login form is displayed.
Parameters
- $session : SessionService
Return values
bool —True if session lifetime is OK
checkSessionToken()
Use form protection API to find out if protected POST forms are ok.
protected
checkSessionToken(ServerRequestInterface $request, SessionService $session) : bool
Parameters
- $request : ServerRequestInterface
- $session : SessionService
Return values
boolenforceReferrer()
Evaluates HTTP `Referer` header (which is denied by client to be a custom value) - attempts to ensure the value is given using a HTML client refresh.
protected
enforceReferrer(ServerRequestInterface $request) : ResponseInterface|null
see: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Referer
Parameters
- $request : ServerRequestInterface