‪TYPO3CMS  9.5
FrontendFormProtection.php
Go to the documentation of this file.
1 <?php
2 namespace ‪TYPO3\CMS\Core\FormProtection;
3 
4 /*
5  * This file is part of the TYPO3 CMS project.
6  *
7  * It is free software; you can redistribute it and/or modify it under
8  * the terms of the GNU General Public License, either version 2
9  * of the License, or any later version.
10  *
11  * For the full copyright and license information, please read the
12  * LICENSE.txt file that was distributed with this source code.
13  *
14  * The TYPO3 project - inspiring people to share!
15  */
16 
17 use ‪TYPO3\CMS\Frontend\Authentication\FrontendUserAuthentication;
18 
70 class ‪FrontendFormProtection extends ‪AbstractFormProtection
71 {
78  protected ‪$frontendUser;
79 
87  public function ‪__construct(‪FrontendUserAuthentication ‪$frontendUser, \Closure ‪$validationFailedCallback = null)
88  {
89  $this->frontendUser = ‪$frontendUser;
90  $this->validationFailedCallback = ‪$validationFailedCallback;
91  if (!$this->‪isAuthorizedFrontendSession()) {
92  throw new \TYPO3\CMS\Core\Error\Exception('A front-end form protection may only be instantiated if there is an active front-end session.', 1460975777);
93  }
94  }
95 
101  protected function ‪retrieveSessionToken()
102  {
103  $this->sessionToken = $this->frontendUser->getSessionData('formProtectionSessionToken');
104  if (empty($this->sessionToken)) {
105  $this->sessionToken = $this->‪generateSessionToken();
106  $this->‪persistSessionToken();
107  }
108  return ‪$this->sessionToken;
109  }
110 
117  public function ‪persistSessionToken()
118  {
119  $this->frontendUser->setAndSaveSessionData('formProtectionSessionToken', $this->sessionToken);
120  }
121 
127  protected function ‪isAuthorizedFrontendSession()
128  {
129  return !empty($this->frontendUser->user['uid']);
130  }
131 }
‪TYPO3\CMS\Core\FormProtection\AbstractFormProtection\$sessionToken
‪string $sessionToken
Definition: AbstractFormProtection.php:39
‪TYPO3\CMS\Core\FormProtection\FrontendFormProtection\isAuthorizedFrontendSession
‪bool isAuthorizedFrontendSession()
Definition: FrontendFormProtection.php:126
‪TYPO3\CMS\Core\FormProtection\AbstractFormProtection\$validationFailedCallback
‪Closure $validationFailedCallback
Definition: AbstractFormProtection.php:33
‪TYPO3\CMS\Core\FormProtection\FrontendFormProtection\persistSessionToken
‪persistSessionToken()
Definition: FrontendFormProtection.php:116
‪TYPO3\CMS\Core\FormProtection
Definition: AbstractFormProtection.php:2
‪TYPO3\CMS\Core\FormProtection\FrontendFormProtection
Definition: FrontendFormProtection.php:71
‪TYPO3\CMS\Core\FormProtection\AbstractFormProtection
Definition: AbstractFormProtection.php:29
‪TYPO3\CMS\Core\FormProtection\FrontendFormProtection\$frontendUser
‪FrontendUserAuthentication $frontendUser
Definition: FrontendFormProtection.php:77
‪TYPO3\CMS\Core\FormProtection\FrontendFormProtection\__construct
‪__construct(FrontendUserAuthentication $frontendUser, \Closure $validationFailedCallback=null)
Definition: FrontendFormProtection.php:86
‪TYPO3\CMS\Frontend\Authentication\FrontendUserAuthentication
Definition: FrontendUserAuthentication.php:28
‪TYPO3\CMS\Core\FormProtection\FrontendFormProtection\retrieveSessionToken
‪string retrieveSessionToken()
Definition: FrontendFormProtection.php:100
‪TYPO3\CMS\Core\FormProtection\AbstractFormProtection\generateSessionToken
‪string generateSessionToken()
Definition: AbstractFormProtection.php:120