Bug #24962 ยป 17490.diff
t3lib/formprotection/class.t3lib_formprotection_abstract.php (working copy) | ||
---|---|---|
protected $tokens = array();
|
||
/**
|
||
* Tokens that have been added during this request.
|
||
*
|
||
* @var array<array>
|
||
*/
|
||
protected $addedTokens = array();
|
||
/**
|
||
* Token ids of tokens that have been dropped during this request.
|
||
*
|
||
* @var array
|
||
*/
|
||
protected $droppedTokenIds = array();
|
||
/**
|
||
* Constructor. Makes sure existing tokens are read and available for
|
||
* checking.
|
||
*/
|
||
... | ... | |
'action' => $action,
|
||
'formInstanceName' => $formInstanceName,
|
||
);
|
||
$this->addedTokens[$tokenId] = $this->tokens[$tokenId];
|
||
$this->preventOverflow();
|
||
return $tokenId;
|
||
... | ... | |
protected function dropToken($tokenId) {
|
||
if (isset($this->tokens[$tokenId])) {
|
||
unset($this->tokens[$tokenId]);
|
||
$this->droppedTokenIds[] = $tokenId;
|
||
}
|
||
}
|
||
/**
|
||
* Persisting of tokens is only required, if tokens are
|
||
* deleted or added during this request.
|
||
*
|
||
* @return boolean
|
||
*/
|
||
protected function isPersistingRequired() {
|
||
return !empty($this->droppedTokenIds) || !empty($this->addedTokens);
|
||
}
|
||
/**
|
||
* Reset the arrays of added or deleted tokens.
|
||
*
|
||
* @return void
|
||
*/
|
||
protected function resetPersistingRequiredStatus() {
|
||
$this->droppedTokenIds = array();
|
||
$this->addedTokens = array();
|
||
}
|
||
/**
|
||
* Checks whether the number of current tokens still is at most
|
||
* $this->maximumNumberOfTokens.
|
||
*
|
t3lib/formprotection/class.t3lib_formprotection_backendformprotection.php (working copy) | ||
---|---|---|
}
|
||
/**
|
||
* Overrule the method in the absract class, because we can drop the
|
||
* whole locking procedure, which is done in persistTokens, if we
|
||
* simply want to delete all tokens.
|
||
*
|
||
* @see t3lib/formprotection/t3lib_formprotection_Abstract::clean()
|
||
*/
|
||
public function clean() {
|
||
$this->tokens = array();
|
||
$this->backendUser->setAndSaveSessionData('formTokens', $this->tokens);
|
||
$this->resetPersistingRequiredStatus();
|
||
}
|
||
/**
|
||
* Creates or displayes an error message telling the user that the submitted
|
||
* form token is invalid.
|
||
*
|
||
... | ... | |
protected function updateTokens() {
|
||
$this->backendUser->user = $this->backendUser->fetchUserSession(TRUE);
|
||
$tokens = $this->retrieveTokens();
|
||
$this->tokens = array_merge($this->tokens, $tokens);
|
||
$this->tokens = array_merge($tokens, $this->addedTokens);
|
||
foreach ($this->droppedTokenIds as $tokenId) {
|
||
unset($this->tokens[$tokenId]);
|
||
}
|
||
}
|
||
/**
|
||
... | ... | |
* @return void
|
||
*/
|
||
public function persistTokens() {
|
||
$lockObject = $this->acquireLock();
|
||
if ($this->isPersistingRequired()) {
|
||
$lockObject = $this->acquireLock();
|
||
$this->updateTokens();
|
||
$this->backendUser->setAndSaveSessionData('formTokens', $this->tokens);
|
||
$this->updateTokens();
|
||
$this->backendUser->setAndSaveSessionData('formTokens', $this->tokens);
|
||
$this->resetPersistingRequiredStatus();
|
||
$this->releaseLock($lockObject);
|
||
$this->releaseLock($lockObject);
|
||
}
|
||
}
|
||
/**
|