Fixed bug #17500: Improve error handling in ExtDirect router (Thanks to Helmut Hummel)

git-svn-id: https://svn.typo3.org/TYPO3v4/Core/branches/TYPO3_4-5@10405 709f56b5-9817-0410-a4d7-c38de5d9e867

diff --git a/ChangeLog b/ChangeLog
index 5d163aa..65d4160 100755 (executable)
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,7 @@
+2011-02-07 Steffen Kamper  <steffen@typo3.org>
+
+       * Fixed bug #17500: Improve error handling in ExtDirect router (Thanks to Helmut Hummel)
+
 2011-02-07  Ernesto Baschny  <ernst@cron-it.de>
 
        * Fixed bug #17478: Wrong behaviour of "$TYPO3_CONF_VARS['SYS']['sqlDebug'] = TRUE" (since #15425)

diff --git a/t3lib/extjs/class.t3lib_extjs_extdirectrouter.php b/t3lib/extjs/class.t3lib_extjs_extdirectrouter.php
index 6578ebb..c7bfed2 100644 (file)
--- a/t3lib/extjs/class.t3lib_extjs_extdirectrouter.php
+++ b/t3lib/extjs/class.t3lib_extjs_extdirectrouter.php
@@ -51,6 +51,7 @@ class t3lib_extjs_ExtDirectRouter {
                $namespace = t3lib_div::_GET('namespace');
                $response = array();
                $request = NULL;
+               $isValidRequest = TRUE;
 
                if (!empty($postParameters['extAction'])) {
                        $isForm = TRUE;
@@ -71,44 +72,46 @@ class t3lib_extjs_ExtDirectRouter {
                                'type' => 'exception',
                                'message' => 'Something went wrong with an ExtDirect call!'
                        );
+                       $isValidRequest = FALSE;
                }
 
                if (!is_array($request)) {
                        $request = array($request);
                }
-               
-               $validToken = FALSE;
-               $firstCall = TRUE;
-               foreach ($request as $index => $singleRequest) {
-                       $response[$index] = array(
-                               'tid' => $singleRequest->tid,
-                               'action' => $singleRequest->action,
-                               'method' => $singleRequest->method
-                       );
-
-                       $token = array_pop($singleRequest->data);
-                       if ($firstCall) {
-                               $firstCall = FALSE;
-                               $formprotection = t3lib_formprotection_Factory::get();
-                               $validToken = $formprotection->validateToken($token, 'extDirect');
-                       }
 
-                       try {
-                               if (!$validToken) {
-                                       throw new t3lib_formprotection_InvalidTokenException('ExtDirect: Invalid Security Token!');
+               if ($isValidRequest) {
+                       $validToken = FALSE;
+                       $firstCall = TRUE;
+                       foreach ($request as $index => $singleRequest) {
+                               $response[$index] = array(
+                                       'tid' => $singleRequest->tid,
+                                       'action' => $singleRequest->action,
+                                       'method' => $singleRequest->method
+                               );
+
+                               $token = array_pop($singleRequest->data);
+                               if ($firstCall) {
+                                       $firstCall = FALSE;
+                                       $formprotection = t3lib_formprotection_Factory::get();
+                                       $validToken = $formprotection->validateToken($token, 'extDirect');
                                }
 
-                               $response[$index]['type'] = 'rpc';
-                               $response[$index]['result'] = $this->processRpc($singleRequest, $namespace);
-                               $response[$index]['debug'] = $GLOBALS['error']->toString();
+                               try {
+                                       if (!$validToken) {
+                                               throw new t3lib_formprotection_InvalidTokenException('ExtDirect: Invalid Security Token!');
+                                       }
 
-                       } catch (Exception $exception) {
-                               $response[$index]['type'] = 'exception';
-                               $response[$index]['message'] = $exception->getMessage();
-                               $response[$index]['where'] = $exception->getTraceAsString();
+                                       $response[$index]['type'] = 'rpc';
+                                       $response[$index]['result'] = $this->processRpc($singleRequest, $namespace);
+                                       $response[$index]['debug'] = $GLOBALS['error']->toString();
+
+                               } catch (Exception $exception) {
+                                       $response[$index]['type'] = 'exception';
+                                       $response[$index]['message'] = $exception->getMessage();
+                                       $response[$index]['where'] = $exception->getTraceAsString();
+                               }
                        }
                }
-
                if ($isForm && $isUpload) {
                        $ajaxObj->setContentFormat('plain');
                        $response = json_encode($response);