TYPO3 CMS  TYPO3_7-6
Public Member Functions | Protected Member Functions | Protected Attributes | List of all members
TYPO3\CMS\Backend\Http\AjaxRequestHandler Class Reference
Inheritance diagram for TYPO3\CMS\Backend\Http\AjaxRequestHandler:
TYPO3\CMS\Core\Http\RequestHandlerInterface

Public Member Functions

 __construct (Bootstrap $bootstrap)
 
 handleRequest (ServerRequestInterface $request)
 
 canHandleRequest (ServerRequestInterface $request)
 
 getPriority ()
 
- Public Member Functions inherited from TYPO3\CMS\Core\Http\RequestHandlerInterface
 handleRequest (\Psr\Http\Message\ServerRequestInterface $request)
 
 canHandleRequest (\Psr\Http\Message\ServerRequestInterface $request)
 

Protected Member Functions

 isLoggedInBackendUserRequired ($ajaxId)
 
 boot ($proceedIfNoUserIsLoggedIn)
 
 getFormProtection ()
 
 isValidRequest (ServerRequestInterface $request)
 

Protected Attributes

 $bootstrap
 
 $publicAjaxIds
 

Detailed Description

AJAX dispatcher

Main entry point for AJAX calls in the TYPO3 Backend. Based on ?ajaxId of the outside application. Before doing the basic BE-related set up of this request (see the additional calls on $this->bootstrap inside handleRequest()), some AJAX-calls can be made without a valid user, which is determined here. See $GLOBALS['TYPO3_CONF_VARS']['BE']['AJAX'] and the Core APIs on how to register an AJAX call in the TYPO3 Backend.

Due to legacy reasons, the actual logic is in EXT:core/Http/AjaxRequestHandler which will eventually be moved into this class. In the future, the logic for "TYPO3_PROCEED_IF_NO_USER" will be moved in here as well.

Definition at line 39 of file AjaxRequestHandler.php.

Constructor & Destructor Documentation

◆ __construct()

TYPO3\CMS\Backend\Http\AjaxRequestHandler::__construct ( Bootstrap  $bootstrap)

Constructor handing over the bootstrap and the original request

Parameters
Bootstrap$bootstrap

Definition at line 64 of file AjaxRequestHandler.php.

References TYPO3\CMS\Backend\Http\AjaxRequestHandler\$bootstrap.

Member Function Documentation

◆ boot()

TYPO3\CMS\Backend\Http\AjaxRequestHandler::boot (   $proceedIfNoUserIsLoggedIn)
protected

Start the Backend bootstrap part

Parameters
bool$proceedIfNoUserIsLoggedIna flag if a backend user is required

Definition at line 134 of file AjaxRequestHandler.php.

References $GLOBALS, TYPO3\CMS\Core\Utility\GeneralUtility\callUserFunction(), TYPO3\CMS\Backend\Http\AjaxRequestHandler\isValidRequest(), and TYPO3\CMS\Core\Utility\GeneralUtility\makeInstance().

Referenced by TYPO3\CMS\Backend\Http\AjaxRequestHandler\handleRequest().

◆ canHandleRequest()

TYPO3\CMS\Backend\Http\AjaxRequestHandler::canHandleRequest ( ServerRequestInterface  $request)

This request handler can handle any backend request having an ajaxID as parameter (see Application.php in EXT:backend)

Parameters
ServerRequestInterface$request
Returns
bool If the request is an AJAX backend request, TRUE otherwise FALSE

Definition at line 102 of file AjaxRequestHandler.php.

◆ getFormProtection()

TYPO3\CMS\Backend\Http\AjaxRequestHandler::getFormProtection ( )
protected

Wrapper method for static form protection utility

Returns

Definition at line 219 of file AjaxRequestHandler.php.

References TYPO3\CMS\Core\FormProtection\FormProtectionFactory\get().

Referenced by TYPO3\CMS\Backend\Http\AjaxRequestHandler\isValidRequest().

◆ getPriority()

TYPO3\CMS\Backend\Http\AjaxRequestHandler::getPriority ( )

Returns the priority - how eager the handler is to actually handle the request.

Returns
int The priority of the request handler.

Implements TYPO3\CMS\Core\Http\RequestHandlerInterface.

Definition at line 112 of file AjaxRequestHandler.php.

◆ handleRequest()

TYPO3\CMS\Backend\Http\AjaxRequestHandler::handleRequest ( ServerRequestInterface  $request)

Handles any AJAX request in the TYPO3 Backend

Parameters
ServerRequestInterface$request
Returns
NULL|

Definition at line 75 of file AjaxRequestHandler.php.

References $GLOBALS, TYPO3\CMS\Backend\Http\AjaxRequestHandler\boot(), and TYPO3\CMS\Backend\Http\AjaxRequestHandler\isLoggedInBackendUserRequired().

◆ isLoggedInBackendUserRequired()

TYPO3\CMS\Backend\Http\AjaxRequestHandler::isLoggedInBackendUserRequired (   $ajaxId)
protected

Check if the user is required for the request If we're trying to do an ajax login, don't require a user

Parameters
string$ajaxIdthe Ajax ID to check against
Returns
bool whether the request can proceed without a login required

Definition at line 124 of file AjaxRequestHandler.php.

Referenced by TYPO3\CMS\Backend\Http\AjaxRequestHandler\handleRequest().

◆ isValidRequest()

TYPO3\CMS\Backend\Http\AjaxRequestHandler::isValidRequest ( ServerRequestInterface  $request)
protected

Checks if the request token is valid. This is checked to see if the route is really created by the same instance. Should be called for all routes in the backend except for the ones that don't require a login.

Parameters
ServerRequestInterface$request
Returns
bool
See also
where the token is generated.

Definition at line 233 of file AjaxRequestHandler.php.

References TYPO3\CMS\Backend\Http\AjaxRequestHandler\getFormProtection().

Referenced by TYPO3\CMS\Backend\Http\AjaxRequestHandler\boot().

Member Data Documentation

◆ $bootstrap

TYPO3\CMS\Backend\Http\AjaxRequestHandler::$bootstrap
protected

Definition at line 45 of file AjaxRequestHandler.php.

Referenced by TYPO3\CMS\Backend\Http\AjaxRequestHandler\__construct().

◆ $publicAjaxIds

TYPO3\CMS\Backend\Http\AjaxRequestHandler::$publicAjaxIds
protected
Initial value:
= [
'/ajax/login',
'/ajax/logout',
'/ajax/login/refresh',
'/ajax/login/timedout',
'/ajax/rsa/publickey'
]

Definition at line 51 of file AjaxRequestHandler.php.