[BUGFIX] Do not save failed token messages in session 79/27879/2
authorHelmut Hummel <helmut.hummel@typo3.org>
Wed, 26 Feb 2014 19:20:07 +0000 (20:20 +0100)
committerAnja Leichsenring <aleichsenring@ab-softlab.de>
Wed, 26 Feb 2014 20:25:37 +0000 (21:25 +0100)
In #30272 the backend formprotection has been changed
to not save flash messages in the user session if
the current request is an Ajax request.

Unfortunately the check for that is broken
since the TYPO3_AJAX global is reset in the
bootstrap now.

Introduce a method which uses the request type
constants and adapt the tests accordingly.

Resolves: #56357
Releases: 6.2
Change-Id: Idae8be036b3747ea71509cc37008a4d694390627
Reviewed-on: https://review.typo3.org/27879
Reviewed-by: Wouter Wolters
Tested-by: Wouter Wolters
Reviewed-by: Anja Leichsenring
Tested-by: Anja Leichsenring
typo3/sysext/core/Classes/FormProtection/BackendFormProtection.php
typo3/sysext/core/Classes/Messaging/FlashMessage.php
typo3/sysext/core/Tests/Unit/FormProtection/BackendFormProtectionTest.php

index 2ea698b..8c8e23b 100644 (file)
@@ -124,7 +124,7 @@ class BackendFormProtection extends \TYPO3\CMS\Core\FormProtection\AbstractFormP
                        $this->getLanguageService()->sL('LLL:EXT:lang/locallang_core.xlf:error.formProtection.tokenInvalid'),
                        '',
                        \TYPO3\CMS\Core\Messaging\FlashMessage::ERROR,
-                       !(isset($GLOBALS['TYPO3_AJAX']) && $GLOBALS['TYPO3_AJAX'] === TRUE)
+                       !$this->isAjaxRequest()
                );
                /** @var $flashMessageService \TYPO3\CMS\Core\Messaging\FlashMessageService */
                $flashMessageService = \TYPO3\CMS\Core\Utility\GeneralUtility::makeInstance(
@@ -136,6 +136,15 @@ class BackendFormProtection extends \TYPO3\CMS\Core\FormProtection\AbstractFormP
        }
 
        /**
+        * Checks if the current request is an Ajax request
+        *
+        * @return bool
+        */
+       protected function isAjaxRequest() {
+               return (bool)(TYPO3_REQUESTTYPE & TYPO3_REQUESTTYPE_AJAX);
+       }
+
+       /**
         * Retrieves the saved session token or generates a new one.
         *
         * @return array<array>
index 40b45fa..7b4f347 100644 (file)
@@ -79,11 +79,11 @@ class FlashMessage extends \TYPO3\CMS\Core\Messaging\AbstractMessage {
        /**
         * Sets the message's storeInSession flag
         *
-        * @param boolean The persistence flag
+        * @param boolean $storeInSession The persistence flag
         * @return void
         */
        public function setStoreInSession($storeInSession) {
-               $this->storeInSession = (bool) $storeInSession;
+               $this->storeInSession = (bool)$storeInSession;
        }
 
        /**
index 81776ee..4847d71 100644 (file)
@@ -55,7 +55,7 @@ class BackendFormProtectionTest extends \TYPO3\CMS\Core\Tests\UnitTestCase {
 
                $this->subject = $this->getAccessibleMock(
                        'TYPO3\\CMS\\Core\\FormProtection\BackendFormProtection',
-                       array('acquireLock', 'releaseLock', 'getLanguageService')
+                       array('acquireLock', 'releaseLock', 'getLanguageService', 'isAjaxRequest')
                );
        }
 
@@ -232,7 +232,7 @@ class BackendFormProtectionTest extends \TYPO3\CMS\Core\Tests\UnitTestCase {
                $languageServiceMock->expects($this->once())->method('sL')->will($this->returnValue('foo'));
                $this->subject->expects($this->once())->method('getLanguageService')->will($this->returnValue($languageServiceMock));
 
-               $GLOBALS['TYPO3_AJAX'] = TRUE;
+               $this->subject->expects($this->any())->method('isAjaxRequest')->will($this->returnValue(TRUE));
                $this->subject->_call('createValidationErrorMessage');
        }