Bug #24962 ยป 17490.diff

Administrator Admin, 2011-02-04 21:08

View differences:

t3lib/formprotection/class.t3lib_formprotection_abstract.php (working copy)
56 56
	protected $tokens = array();
57 57

  
58 58
	/**
59
	 * Tokens that have been added during this request.
60
	 *
61
	 * @var array<array>
62
	 */
63
	protected $addedTokens = array();
64

  
65
	/**
66
	 * Token ids of tokens that have been dropped during this request.
67
	 *
68
	 * @var array
69
	 */
70
	protected $droppedTokenIds = array();
71

  
72
	/**
59 73
	 * Constructor. Makes sure existing tokens are read and available for
60 74
	 * checking.
61 75
	 */
......
123 137
			'action' => $action,
124 138
			'formInstanceName' => $formInstanceName,
125 139
		);
140
		$this->addedTokens[$tokenId] = $this->tokens[$tokenId];
126 141
		$this->preventOverflow();
127 142

  
128 143
		return $tokenId;
......
219 234
	protected function dropToken($tokenId) {
220 235
		if (isset($this->tokens[$tokenId])) {
221 236
			unset($this->tokens[$tokenId]);
237
			$this->droppedTokenIds[] = $tokenId;
222 238
		}
223 239
	}
224 240

  
225 241
	/**
242
	 * Persisting of tokens is only required, if tokens are
243
	 * deleted or added during this request.
244
	 *
245
	 * @return boolean
246
	 */
247
	protected function isPersistingRequired() {
248
		return !empty($this->droppedTokenIds) || !empty($this->addedTokens);
249
	}
250

  
251
	/**
252
	 * Reset the arrays of added or deleted tokens.
253
	 *
254
	 * @return void
255
	 */
256
	protected function resetPersistingRequiredStatus() {
257
		$this->droppedTokenIds = array();
258
		$this->addedTokens = array();
259
	}
260

  
261
	/**
226 262
	 * Checks whether the number of current tokens still is at most
227 263
	 * $this->maximumNumberOfTokens.
228 264
	 *
t3lib/formprotection/class.t3lib_formprotection_backendformprotection.php (working copy)
139 139
	}
140 140

  
141 141
	/**
142
	 * Overrule the method in the absract class, because we can drop the
143
	 * whole locking procedure, which is done in persistTokens, if we
144
	 * simply want to delete all tokens.
145
	 *
146
	 * @see t3lib/formprotection/t3lib_formprotection_Abstract::clean()
147
	 */
148
	public function clean() {
149
		$this->tokens = array();
150
		$this->backendUser->setAndSaveSessionData('formTokens', $this->tokens);
151
		$this->resetPersistingRequiredStatus();
152
	}
153

  
154
	/**
142 155
	 * Creates or displayes an error message telling the user that the submitted
143 156
	 * form token is invalid.
144 157
	 *
......
184 197
	protected function updateTokens() {
185 198
		$this->backendUser->user = $this->backendUser->fetchUserSession(TRUE);
186 199
		$tokens = $this->retrieveTokens();
187
		$this->tokens = array_merge($this->tokens, $tokens);
200
		$this->tokens = array_merge($tokens, $this->addedTokens);
201
		foreach ($this->droppedTokenIds as $tokenId) {
202
			unset($this->tokens[$tokenId]);
203
		}
188 204
	}
189 205

  
190 206
	/**
......
194 210
	 * @return void
195 211
	 */
196 212
	public function persistTokens() {
197
		$lockObject = $this->acquireLock();
213
		if ($this->isPersistingRequired()) {
214
			$lockObject = $this->acquireLock();
198 215

  
199
		$this->updateTokens();
200
		$this->backendUser->setAndSaveSessionData('formTokens', $this->tokens);
216
			$this->updateTokens();
217
			$this->backendUser->setAndSaveSessionData('formTokens', $this->tokens);
218
			$this->resetPersistingRequiredStatus();
201 219

  
202
		$this->releaseLock($lockObject);
220
			$this->releaseLock($lockObject);
221
		}
203 222
	}
204 223

  
205 224
	/**
    (1-1/1)