‪TYPO3CMS  ‪main
FrontendFormProtection.php
Go to the documentation of this file.
1 <?php
2 
3 /*
4  * This file is part of the TYPO3 CMS project.
5  *
6  * It is free software; you can redistribute it and/or modify it under
7  * the terms of the GNU General Public License, either version 2
8  * of the License, or any later version.
9  *
10  * For the full copyright and license information, please read the
11  * LICENSE.txt file that was distributed with this source code.
12  *
13  * The TYPO3 project - inspiring people to share!
14  */
15 
16 namespace ‪TYPO3\CMS\Core\FormProtection;
17 
18 use ‪TYPO3\CMS\Core\Error\Exception;
19 use ‪TYPO3\CMS\Frontend\Authentication\FrontendUserAuthentication;
20 
72 class ‪FrontendFormProtection extends ‪AbstractFormProtection
73 {
80  protected ‪$frontendUser;
81 
87  public function ‪__construct(‪FrontendUserAuthentication ‪$frontendUser, \Closure ‪$validationFailedCallback = null)
88  {
89  $this->frontendUser = ‪$frontendUser;
90  $this->validationFailedCallback = ‪$validationFailedCallback;
91  if (!$this->‪isAuthorizedFrontendSession()) {
92  throw new ‪Exception('A front-end form protection may only be instantiated if there is an active front-end session.', 1460975777);
93  }
94  }
95 
101  protected function ‪retrieveSessionToken()
102  {
103  $this->sessionToken = $this->frontendUser->getSessionData('formProtectionSessionToken');
104  if (empty($this->sessionToken)) {
105  $this->sessionToken = $this->‪generateSessionToken();
106  $this->‪persistSessionToken();
107  }
108  return ‪$this->sessionToken;
109  }
110 
117  public function ‪persistSessionToken()
118  {
119  $this->frontendUser->setAndSaveSessionData('formProtectionSessionToken', $this->sessionToken);
120  }
121 
127  protected function ‪isAuthorizedFrontendSession()
128  {
129  return !empty($this->frontendUser->user['uid']);
130  }
131 }
‪TYPO3\CMS\Core\FormProtection\FrontendFormProtection\isAuthorizedFrontendSession
‪bool isAuthorizedFrontendSession()
Definition: FrontendFormProtection.php:126
‪TYPO3\CMS\Core\FormProtection\AbstractFormProtection\$sessionToken
‪string null $sessionToken
Definition: AbstractFormProtection.php:41
‪TYPO3\CMS\Core\FormProtection\FrontendFormProtection\persistSessionToken
‪persistSessionToken()
Definition: FrontendFormProtection.php:116
‪TYPO3\CMS\Core\FormProtection
Definition: AbstractFormProtection.php:16
‪TYPO3\CMS\Core\FormProtection\FrontendFormProtection
Definition: FrontendFormProtection.php:73
‪TYPO3\CMS\Core\Error\Exception
Definition: Exception.php:21
‪TYPO3\CMS\Core\FormProtection\AbstractFormProtection
Definition: AbstractFormProtection.php:31
‪TYPO3\CMS\Core\FormProtection\FrontendFormProtection\$frontendUser
‪FrontendUserAuthentication $frontendUser
Definition: FrontendFormProtection.php:79
‪TYPO3\CMS\Core\FormProtection\AbstractFormProtection\$validationFailedCallback
‪Closure null $validationFailedCallback
Definition: AbstractFormProtection.php:35
‪TYPO3\CMS\Core\FormProtection\FrontendFormProtection\__construct
‪__construct(FrontendUserAuthentication $frontendUser, \Closure $validationFailedCallback=null)
Definition: FrontendFormProtection.php:86
‪TYPO3\CMS\Frontend\Authentication\FrontendUserAuthentication
Definition: FrontendUserAuthentication.php:33
‪TYPO3\CMS\Core\FormProtection\FrontendFormProtection\retrieveSessionToken
‪string retrieveSessionToken()
Definition: FrontendFormProtection.php:100
‪TYPO3\CMS\Core\FormProtection\AbstractFormProtection\generateSessionToken
‪string generateSessionToken()
Definition: AbstractFormProtection.php:115