TYPO3 CMS  TYPO3_8-7
FrontendFormProtection.php
Go to the documentation of this file.
1 <?php
3 
4 /*
5  * This file is part of the TYPO3 CMS project.
6  *
7  * It is free software; you can redistribute it and/or modify it under
8  * the terms of the GNU General Public License, either version 2
9  * of the License, or any later version.
10  *
11  * For the full copyright and license information, please read the
12  * LICENSE.txt file that was distributed with this source code.
13  *
14  * The TYPO3 project - inspiring people to share!
15  */
16 
18 
71 {
78  protected $frontendUser;
79 
88  {
89  $this->frontendUser = $frontendUser;
90  $this->validationFailedCallback = $validationFailedCallback;
91  if (!$this->isAuthorizedFrontendSession()) {
92  throw new \TYPO3\CMS\Core\Error\Exception('A front-end form protection may only be instantiated if there is an active front-end session.', 1460975777);
93  }
94  }
95 
101  protected function retrieveSessionToken()
102  {
103  $this->sessionToken = $this->frontendUser->getSessionData('formProtectionSessionToken');
104  if (empty($this->sessionToken)) {
105  $this->sessionToken = $this->generateSessionToken();
106  $this->persistSessionToken();
107  }
108  return $this->sessionToken;
109  }
110 
117  public function persistSessionToken()
118  {
119  $this->frontendUser->setAndSaveSessionData('formProtectionSessionToken', $this->sessionToken);
120  }
121 
127  protected function isAuthorizedFrontendSession()
128  {
129  return !empty($this->frontendUser->user['uid']);
130  }
131 }
__construct(FrontendUserAuthentication $frontendUser, \Closure $validationFailedCallback=null)