/**
 * Renders a hidden input field carrying the CSRF protection token.
 *
 * While the security context is not initialized, no token is requested
 * and an empty string is returned instead.
 *
 * NOTE(review): this variant emits the token for every form, whatever its
 * HTTP method and without any authentication check. On a form submitted
 * via GET the token would become part of the query string (and from there
 * reach logs, browser history and Referer headers) - confirm callers only
 * use it for non-GET forms.
 *
 * @return string the hidden field markup followed by a line feed, or '' if no token is rendered
 */
protected function renderCsrfTokenField() {
    if ($this->securityContext->isInitialized()) {
        // Escaped because the token is placed inside a double-quoted HTML attribute.
        $escapedToken = htmlspecialchars($this->securityContext->getCsrfProtectionToken());

        return '<input type="hidden" name="__csrfToken" value="' . $escapedToken . '" />' . "\n";
    }

    return '';
}
/**
 * Renders a hidden input field carrying the CSRF protection token.
 *
 * No field is rendered (an empty string is returned) when:
 *  - the form's "method" argument is "get" (compared case-insensitively);
 *    presumably this keeps the token out of URLs - confirm, or
 *  - the security context is not initialized, or
 *  - the authentication manager reports that nobody is authenticated.
 *
 * NOTE(review): assumes $this->arguments['method'] is always set; that is
 * not visible in this method.
 *
 * @return string the hidden field markup followed by a line feed, or '' if no token is rendered
 */
protected function renderCsrfTokenField() {
    $formMethod = strtolower($this->arguments['method']);
    if ($formMethod === 'get') {
        return '';
    }

    // The authentication check is only reached once the context is initialized.
    $tokenApplies = $this->securityContext->isInitialized()
        && $this->authenticationManager->isAuthenticated();
    if (!$tokenApplies) {
        return '';
    }

    // Escaped because the token is placed inside a double-quoted HTML attribute.
    $escapedToken = htmlspecialchars($this->securityContext->getCsrfProtectionToken());

    return '<input type="hidden" name="__csrfToken" value="' . $escapedToken . '" />' . "\n";
}
/**
 * Builds the form builder configuration for a preset and returns it as JSON.
 *
 * The result contains, in this order: the merged form element types, the
 * form element groups, the resolved stylesheet and JavaScript paths (entries
 * flagged with skipInFormBuilder === TRUE are left out), the endpoint URIs,
 * the CSRF protection token, the form persistence identifier taken from the
 * controller arguments, the selected preset name and the list of all
 * available presets with their titles.
 *
 * NOTE(review): the JSON carries the CSRF token and the
 * formPersistenceIdentifier argument (presumably request-supplied - confirm).
 * json_encode() is called without any JSON_HEX_* flags, so whatever embeds
 * this string in a page has to escape it for that output context; where the
 * result ends up is not visible here.
 *
 * @param string $presetName name of the preset whose configuration is rendered
 * @return string the JSON-encoded configuration
 */
public function render($presetName = 'default') {
    $selectedPreset = $this->formBuilderFactory->getPresetConfiguration($presetName);
    $typeResolver = new \TYPO3\Form\Utility\SupertypeResolver($selectedPreset['formElementTypes']);

    $configuration = array();
    $configuration['formElementTypes'] = $typeResolver->getCompleteMergedTypeDefinition(TRUE);

    if (isset($selectedPreset['formElementGroups'])) {
        $configuration['formElementGroups'] = $selectedPreset['formElementGroups'];
    } else {
        $configuration['formElementGroups'] = array();
    }

    // Stylesheets and JavaScripts are handled identically: resolve the source
    // path of every entry that is not explicitly excluded from the form builder.
    foreach (array('stylesheets', 'javaScripts') as $resourceKind) {
        $resources = array();
        if (isset($selectedPreset[$resourceKind])) {
            $resources = $selectedPreset[$resourceKind];
        }

        $configuration[$resourceKind] = array();
        foreach ($resources as $resource) {
            $excluded = isset($resource['skipInFormBuilder']) && $resource['skipInFormBuilder'] === TRUE;
            if (!$excluded) {
                $configuration[$resourceKind][] = $this->resolveResourcePath($resource['source']);
            }
        }
    }

    // Endpoint URIs are built in the same order as they appear in the output.
    $configuration['endpoints'] = array(
        'formPageRenderer' => $this->controllerContext->getUriBuilder()->uriFor('renderformpage'),
        'loadForm' => $this->controllerContext->getUriBuilder()->uriFor('loadform'),
        'saveForm' => $this->controllerContext->getUriBuilder()->uriFor('saveform'),
        'editForm' => $this->controllerContext->getUriBuilder()->uriFor('index'),
        'previewForm' => $this->controllerContext->getUriBuilder()->uriFor('show', array(), 'FormManager'),
    );

    $configuration['csrfToken'] = $this->securityContext->getCsrfProtectionToken();
    $configuration['formPersistenceIdentifier'] = $this->controllerContext
        ->getArguments()
        ->getArgument('formPersistenceIdentifier')
        ->getValue();
    $configuration['presetName'] = $presetName;

    // A preset without an explicit title is listed under its name.
    $presetList = array();
    foreach ($this->formBuilderFactory->getPresetNames() as $candidateName) {
        $candidate = $this->formBuilderFactory->getPresetConfiguration($candidateName);
        $presetList[] = array(
            'name' => $candidateName,
            'title' => isset($candidate['title']) ? $candidate['title'] : $candidateName,
        );
    }
    $configuration['availablePresets'] = $presetList;

    return json_encode($configuration);
}
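/**
 * Creates the argument array for a persisted entity so that it can be
 * submitted as if it had been sent by a form.
 *
 * The result holds the entity's identity (plus any custom properties) under
 * $argumentName, a "__trustedProperties" token covering those property
 * names and a "__csrfToken" entry with the current CSRF protection token.
 *
 * NOTE(review): this mints a trusted-properties token for whatever property
 * names the caller passes in. It is presumably a test helper - confirm that
 * it is never called with request-controlled property names.
 *
 * @param string $argumentName the name of the argument
 * @param Object $persistedEntity the entity that this argument is created from
 * @param array $customProperties property name => value pairs to set on the argument; each one is also marked as trusted
 * @param array $additionalTrustedProperties further property names to be trusted
 * @return array the arguments that can then be submitted
 */
public function getSubmitArgumentsForPersistedEntity($argumentName, $persistedEntity, $customProperties = array(), $additionalTrustedProperties = array()) {
    $arguments = array($argumentName => $this->getIdentityArgumentFromPersistedEntity($persistedEntity));

    // array_merge() instead of the "+" union operator: "+" keeps the left-hand
    // value on key collisions, so with a plain list the entry at index 0 of
    // $additionalTrustedProperties was silently dropped.
    $propertyNamesForMappingService = array_merge(
        array($argumentName . '[__identity]'),
        $additionalTrustedProperties
    );

    // Set the custom properties and register each of them as trusted.
    foreach ($customProperties as $propertyName => $propertyValue) {
        $arguments[$argumentName][$propertyName] = $propertyValue;
        $propertyNamesForMappingService[] = $argumentName . '[' . $propertyName . ']';
    }

    // Kept from the original; why an empty field name is appended is not visible here.
    $propertyNamesForMappingService[] = '';

    $arguments['__trustedProperties'] = $this->mvcPropertyMappingConfigurationService->generateTrustedPropertiesToken($propertyNamesForMappingService, '');
    $arguments['__csrfToken'] = $this->securityContext->getCsrfProtectionToken();

    return $arguments;
}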
/**
 * Returns the CSRF protection token of the current security context.
 *
 * NOTE(review): the token is returned as-is, without escaping and without
 * any check of the request method or authentication state. Whether it is
 * escaped before reaching the page depends on the rendering layer, which is
 * not visible here.
 *
 * @return string the CSRF protection token
 */
public function render() {
    $csrfToken = $this->securityContext->getCsrfProtectionToken();

    return $csrfToken;
}