Bug #24873 » 17383.diff

Administrator Admin, 2011-01-30 16:09


typo3/classes/class.ajaxlogin.php (working copy)
*/
public function login(array $parameters, TYPO3AJAX $ajaxObj) {
if ($GLOBALS['BE_USER']->user['uid']) {
$tokens = new stdClass();
$formprotection = t3lib_formprotection_Factory::get();
$token = $formprotection->generateToken('extDirect');
$tokens->extDirectToken = $formprotection->generateToken('extDirect');
$tokens->clearCacheTokens = array();
for ($i = 0; $i < 3; $i++) {
$tokens->clearCacheTokens[] = $formprotection->generateToken('tceAction');
}
$tokens->editRecordToken = $formprotection->generateToken('editRecord');
$formprotection->persistTokens();
$json = array(
'success' => TRUE,
'token' => $token
'tokens' => $tokens
);
} else {
$json = array('success' => FALSE);
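Review bot: The loop bound `3` for `clearCacheTokens` is an unexplained magic number that has to match the number of token-bearing links in `#clear-cache-actions-menu`, and the same literal is repeated in typo3/index.php. If the menu ever has more entries than that (not visible here), loginrefresh.js assigns `undefined` to `formToken` for the extra links, and those actions would presumably fail the form-protection check after a re-login. A shared named constant plus a comment such as `// one tceAction token per clear-cache menu link; keep in sync with loginrefresh.js` would make the coupling explicit. The body of login() starts and ends outside this section.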
typo3/js/loginrefresh.js (working copy)
// User is logged in
Ext.getCmp("loginformWindow").hide();
TYPO3.loginRefresh.startTimer();
TYPO3.ExtDirectToken = result.token;
// Refresh all kind of tokens
TYPO3.ExtDirectToken = result.tokens.extDirectToken;
var clearCacheTags = Ext.query("#clear-cache-actions-menu ul a");
Ext.each(clearCacheTags, function(tag, index) {
var url = Ext.urlDecode(tag.href);
if (typeof url.formToken !== "undefined") {
url.formToken = result.tokens.clearCacheTokens[index];
tag.href = unescape(Ext.urlEncode(url));
}
});
var contentFrame = window.frames["content"].document.window;
var contentForms = contentFrame.Ext.query("form");
if (contentForms.length > 0 && contentForms.pop().action.indexOf("alt_doc.php") !== -1) {
var hiddenTokenField = contentFrame.Ext.query("form input[name=formToken]").pop();
hiddenTokenField.value = result.tokens.editRecordToken;
}
} else {
// TODO: add failure to notification system instead of alert
Ext.Msg.alert(TYPO3.LLL.core.refresh_login_failed, TYPO3.LLL.core.refresh_login_failed_message);
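Review bot: The content-frame block dereferences `window.frames["content"].document.window`, `contentFrame.Ext` and the `hiddenTokenField` returned by `.pop()` without checking any of them. `document.window` is not a standard DOM property, so `contentFrame` may well be undefined in some browsers (worth confirming), and a frame page without ExtJS or without a `formToken` input would throw inside the login-refresh callback. A throw there leaves the open edit form with a stale token, so the next save would likely be rejected by the form protection. Using `window.frames["content"]` directly and guarding with `if (contentFrame && contentFrame.Ext)` and `if (hiddenTokenField)` would let the refresh fail soft. The enclosing callback starts and ends outside this section.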
typo3/index.php (working copy)
t3lib_utility_Http::redirect($this->redirectToURL);
} else {
$formprotection = t3lib_formprotection_Factory::get();
$token = $formprotection->generateToken('extDirect');
$extDirectToken = $formprotection->generateToken('extDirect');
$tceActionTokens = array();
for ($i = 0; $i < 3; $i++) {
$tceActionTokens[] = $formprotection->generateToken('tceAction');
}
$editRecordToken = $formprotection->generateToken('editRecord');
$TBE_TEMPLATE->JScode.=$TBE_TEMPLATE->wrapScriptTags('
if (parent.opener && (parent.opener.busy || parent.opener.TYPO3.loginRefresh)) {
if (parent.opener.TYPO3.loginRefresh) {
......
} else {
parent.opener.busy.loginRefreshed();
}
parent.opener.TYPO3.ExtDirectToken = "' . $token . '";
// Refresh all kind of tokens
parent.opener.TYPO3.ExtDirectToken = "' . $extDirectToken . '";
var clearCacheTokens = [\'' . $tceActionTokens[0] . '\',\'' . $tceActionTokens[1] . '\',\'' . $tceActionTokens[2] . '\'];
var clearCacheTags = parent.opener.Ext.query("#clear-cache-actions-menu ul a");
parent.opener.Ext.each(clearCacheTags, function(tag, index) {
var url = parent.opener.Ext.urlDecode(tag.href);
if (typeof url.formToken !== "undefined") {
url.formToken = clearCacheTokens[index];
tag.href = unescape(parent.opener.Ext.urlEncode(url));
}
});
var contentFrame = parent.opener.window.frames["content"].document.window;
var contentForms = contentFrame.Ext.query("form");
if (contentForms && contentForms.pop().action.indexOf("alt_doc.php") !== -1) {
var hiddenTokenField = contentFrame.Ext.query("form input[name=formToken]").pop();
hiddenTokenField.value = "' . $editRecordToken . '";
}
parent.close();
}
');
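Review bot: The guard `if (contentForms && contentForms.pop().action...` is always truthy for an array, so when the content frame holds no form `pop()` returns undefined, `.action` throws, and `parent.close()` below is never reached; loginrefresh.js uses `contentForms.length > 0` for the same check. Change the condition to `if (contentForms.length > 0 && contentForms.pop().action.indexOf("alt_doc.php") !== -1) {`. The tokens are also concatenated into the script unescaped, which is safe only while generateToken() returns characters that cannot terminate a JS string literal (presumably hex, to be confirmed); a short comment stating that assumption would help. The surrounding method starts and ends outside this section.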
t3lib/class.t3lib_pagerenderer.php (working copy)
var provider = Ext.Direct.addProvider(Ext.app.ExtDirectAPI[api]);
provider.on("beforecall", function(provider, transaction, meta) {
if (transaction.data) {
transaction.data[transaction.data.length] = TYPO3.ExtDirectToken;
transaction.data[transaction.data.length] = top.TYPO3.ExtDirectToken;
} else {
transaction.data = [TYPO3.ExtDirectToken];
transaction.data = [top.TYPO3.ExtDirectToken];
}
});
provider.on("call", function(provider, transaction, meta) {
if (transaction.isForm) {
transaction.params.securityToken = TYPO3.ExtDirectToken;
transaction.params.securityToken = top.TYPO3.ExtDirectToken;
}
});
}
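Review bot: Reading the token from `top.TYPO3.ExtDirectToken` assumes this page always runs under a same-origin top window that defines `TYPO3`; if it is ever framed by a document that does not (not visible here), `top.TYPO3` is undefined or inaccessible and every ExtDirect call throws in `beforecall`. A guarded lookup such as `var token = (top.TYPO3 && top.TYPO3.ExtDirectToken) || TYPO3.ExtDirectToken;`, used in all three places, would keep the previous behaviour as a fallback for the undefined case. A one-line comment saying that `top` holds the token refreshed after re-login would document why the local copy is no longer used. The enclosing function begins and ends outside this section.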