Bug #24689 ยป 17173.diff
| typo3/sysext/setup/mod/index.php (working copy) | ||
|---|---|---|
|
protected $installToolFileExists = FALSE;
|
||
|
protected $installToolFileKeep = FALSE;
|
||
|
/**
|
||
|
* Form protection instance
|
||
|
*
|
||
|
* @var t3lib_formprotection_BackendFormProtection
|
||
|
*/
|
||
|
protected $formProtection;
|
||
|
/******************************
|
||
|
*
|
||
| ... | ... | |
|
*
|
||
|
******************************/
|
||
|
/**
|
||
|
* Instanciate the form protection before a simulated user is initialized.
|
||
|
*/
|
||
|
public function __construct() {
|
||
|
$this->formProtection = t3lib_formProtection_Factory::get(
|
||
|
't3lib_formprotection_BackendFormProtection'
|
||
|
);
|
||
|
}
|
||
|
/**
|
||
|
* Getter for the form protection instance.
|
||
|
*/
|
||
|
public function getFormProtection() {
|
||
|
return $this->formProtection;
|
||
|
}
|
||
|
/**
|
||
|
* If settings are submitted to _POST[DATA], store them
|
||
|
* NOTICE: This method is called before the template.php is included. See
|
||
| ... | ... | |
|
$storeRec = array();
|
||
|
$fieldList = $this->getFieldsFromShowItem();
|
||
|
$formProtection = t3lib_formProtection_Factory::get(
|
||
|
't3lib_formprotection_BackendFormProtection'
|
||
|
);
|
||
|
if (is_array($d) && $formProtection->validateToken(
|
||
|
if (is_array($d) && $this->formProtection->validateToken(
|
||
|
(string) t3lib_div::_POST('formToken'),
|
||
|
'BE user setup', 'edit'
|
||
|
)
|
||
| ... | ... | |
|
$this->content .= $this->doc->spacer(20) . $this->doc->getDynTabMenu($menuItems, 'user-setup', FALSE, FALSE, 0, 1, FALSE, 1, $this->dividers2tabs);
|
||
|
$formProtection = t3lib_formProtection_Factory::get(
|
||
|
't3lib_formprotection_BackendFormProtection'
|
||
|
);
|
||
|
$formToken = $formProtection->generateToken('BE user setup', 'edit');
|
||
|
$formToken = $this->formProtection->generateToken('BE user setup', 'edit');
|
||
|
// Submit and reset buttons
|
||
|
$this->content .= $this->doc->spacer(20);
|
||
| ... | ... | |
|
$SOBE->main();
|
||
|
$SOBE->printContent();
|
||
|
t3lib_formProtection_Factory::get('t3lib_formprotection_BackendFormProtection')
|
||
|
->persistTokens();
|
||
|
$SOBE->getFormProtection()->persistTokens();
|
||
|
?>
|
||
| t3lib/formprotection/class.t3lib_formprotection_backendformprotection.php (working copy) | ||
|---|---|---|
|
protected $maximumNumberOfTokens = 20000;
|
||
|
/**
|
||
|
* Keeps the instance of the user which existed during creation
|
||
|
* of the object.
|
||
|
*
|
||
|
* @var t3lib_beUserAuth
|
||
|
*/
|
||
|
protected $backendUser;
|
||
|
/**
|
||
|
* Only allow construction if we have a backend session
|
||
|
*/
|
||
|
public function __construct() {
|
||
| ... | ... | |
|
1285067843
|
||
|
);
|
||
|
}
|
||
|
$this->backendUser = $GLOBALS['BE_USER'];
|
||
|
parent::__construct();
|
||
|
}
|
||
| ... | ... | |
|
* the saved tokens as, will be empty if no tokens have been saved
|
||
|
*/
|
||
|
protected function retrieveTokens() {
|
||
|
$tokens = $GLOBALS['BE_USER']->getSessionData('formTokens');
|
||
|
$tokens = $this->backendUser->getSessionData('formTokens');
|
||
|
if (!is_array($tokens)) {
|
||
|
$tokens = array();
|
||
|
}
|
||
| ... | ... | |
|
* @return void
|
||
|
*/
|
||
|
public function persistTokens() {
|
||
|
$GLOBALS['BE_USER']->setAndSaveSessionData('formTokens', $this->tokens);
|
||
|
$this->backendUser->setAndSaveSessionData('formTokens', $this->tokens);
|
||
|
}
|
||
|
}
|
||