Fixed bug #17305: Login/ Logout was not possible after introducing the locking in...
[Packages/TYPO3.CMS.git] / t3lib / extjs / class.t3lib_extjs_extdirectrouter.php
1 <?php
2 /***************************************************************
3 * Copyright notice
4 *
5 * (c) 2010-2011 Sebastian Kurf├╝rst <sebastian@typo3.org>
6 * (c) 2010-2011 Stefan Galinski <stefan.galinski@gmail.com>
7 * All rights reserved
8 *
9 * This script is part of the TYPO3 project. The TYPO3 project is
10 * free software; you can redistribute it and/or modify
11 * it under the terms of the GNU General Public License as published by
12 * the Free Software Foundation; either version 2 of the License, or
13 * (at your option) any later version.
14 *
15 * The GNU General Public License can be found at
16 * http://www.gnu.org/copyleft/gpl.html.
17 * A copy is found in the textfile GPL.txt and important notices to the license
18 * from the author is found in LICENSE.txt distributed with these scripts.
19 *
20 *
21 * This script is distributed in the hope that it will be useful,
22 * but WITHOUT ANY WARRANTY; without even the implied warranty of
23 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
24 * GNU General Public License for more details.
25 *
26 * This copyright notice MUST APPEAR in all copies of the script!
27 ***************************************************************/
28
29 /**
30 * Ext Direct Router
31 *
32 * @author Sebastian Kurf├╝rst <sebastian@typo3.org>
33 * @author Stefan Galinski <stefan.galinski@gmail.com>
34 * @package TYPO3
35 */
36 class t3lib_extjs_ExtDirectRouter {
37 /**
38 * Dispatches the incoming calls to methods about the ExtDirect API.
39 *
40 * @param aray $ajaxParams ajax parameters
41 * @param TYPO3AJAX $ajaxObj typo3ajax instance
42 * @return void
43 */
44 public function route($ajaxParams, TYPO3AJAX $ajaxObj) {
45 $GLOBALS['error'] = t3lib_div::makeInstance('t3lib_extjs_ExtDirectDebug');
46
47 $isForm = FALSE;
48 $isUpload = FALSE;
49 $rawPostData = file_get_contents('php://input');
50 $postParameters = t3lib_div::_POST();
51 $namespace = t3lib_div::_GET('namespace');
52 $response = array();
53 $request = NULL;
54
55 if (!empty($postParameters['extAction'])) {
56 $isForm = TRUE;
57 $isUpload = $postParameters['extUpload'] === 'true';
58
59 $request = new stdClass;
60 $request->action = $postParameters['extAction'];
61 $request->method = $postParameters['extMethod'];
62 $request->tid = $postParameters['extTID'];
63
64 unset($_POST['securityToken']);
65 $request->data = array($_POST + $_FILES);
66 $request->data[] = $postParameters['securityToken'];
67 } elseif (!empty($rawPostData)) {
68 $request = json_decode($rawPostData);
69 } else {
70 $response[] = array(
71 'type' => 'exception',
72 'message' => 'Something went wrong with an ExtDirect call!'
73 );
74 }
75
76 if (!is_array($request)) {
77 $request = array($request);
78 }
79
80 $validToken = FALSE;
81 $firstCall = TRUE;
82 foreach ($request as $index => $singleRequest) {
83 $response[$index] = array(
84 'tid' => $singleRequest->tid,
85 'action' => $singleRequest->action,
86 'method' => $singleRequest->method
87 );
88
89 $token = array_pop($singleRequest->data);
90 if ($firstCall) {
91 $firstCall = FALSE;
92 $formprotection = t3lib_formprotection_Factory::get();
93 $validToken = $formprotection->validateToken($token, 'extDirect');
94 }
95
96 try {
97 if (!$validToken) {
98 throw new t3lib_formprotection_InvalidTokenException('ExtDirect: Invalid Security Token!');
99 }
100
101 $response[$index]['type'] = 'rpc';
102 $response[$index]['result'] = $this->processRpc($singleRequest, $namespace);
103 $response[$index]['debug'] = $GLOBALS['error']->toString();
104
105 } catch (Exception $exception) {
106 $response[$index]['type'] = 'exception';
107 $response[$index]['message'] = $exception->getMessage();
108 $response[$index]['where'] = $exception->getTraceAsString();
109 }
110 }
111
112 if ($isForm && $isUpload) {
113 $ajaxObj->setContentFormat('plain');
114 $response = json_encode($response);
115 $response = preg_replace('/&quot;/', '\\&quot;', $response);
116
117 $response = array(
118 '<html><body><textarea>' .
119 $response .
120 '</textarea></body></html>'
121 );
122 } else {
123 $ajaxObj->setContentFormat('jsonbody');
124 }
125
126 $ajaxObj->setContent($response);
127 }
128
129
130 /**
131 * Processes an incoming extDirect call by executing the defined method. The configuration
132 * array "$GLOBALS['TYPO3_CONF_VARS']['BE']['ExtDirect']" is taken to find the class/method
133 * information.
134 *
135 * @param object $singleRequest request object from extJS
136 * @param string $namespace namespace like TYPO3.Backend
137 * @throws UnexpectedValueException if the remote method couldn't be found
138 * @return mixed return value of the called method
139 */
140 protected function processRpc($singleRequest, $namespace) {
141 $endpointName = $namespace . '.' . $singleRequest->action;
142
143 // theoretically this can never happen, because of an javascript error on
144 // the client side due the missing namespace/endpoint
145 if (!isset($GLOBALS['TYPO3_CONF_VARS']['SC_OPTIONS']['ExtDirect'][$endpointName])) {
146 throw new UnexpectedValueException('ExtDirect: Call to undefined endpoint: ' . $endpointName);
147 }
148
149 $endpointObject = t3lib_div::getUserObj(
150 $GLOBALS['TYPO3_CONF_VARS']['SC_OPTIONS']['ExtDirect'][$endpointName],
151 FALSE
152 );
153
154 return call_user_func_array(
155 array($endpointObject, $singleRequest->method),
156 is_array($singleRequest->data) ? $singleRequest->data : array()
157 );
158 }
159 }
160
161 if (defined('TYPO3_MODE') && isset($GLOBALS['TYPO3_CONF_VARS'][TYPO3_MODE]['XCLASS']['t3lib/extjs/class.t3lib_extjs_extdirectrouter.php'])) {
162 include_once($GLOBALS['TYPO3_CONF_VARS'][TYPO3_MODE]['XCLASS']['t3lib/extjs/class.t3lib_extjs_extdirectrouter.php']);
163 }
164
165 ?>