2 namespace TYPO3\CMS\Core\ExtDirect;
38 $rawPostData = file_get_contents(
'php://input');
41 $extResponse = array();
43 $isValidRequest =
true;
44 if (!empty($postParameters[
'extAction'])) {
46 $isUpload = $postParameters[
'extUpload'] ===
'true';
47 $extRequest = new \stdClass();
48 $extRequest->action = $postParameters[
'extAction'];
49 $extRequest->method = $postParameters[
'extMethod'];
50 $extRequest->tid = $postParameters[
'extTID'];
51 unset($_POST[
'securityToken']);
52 $extRequest->data = array($_POST + $_FILES);
53 $extRequest->data[] = $postParameters[
'securityToken'];
54 }
elseif (!empty($rawPostData)) {
55 $extRequest = json_decode($rawPostData);
57 $extResponse[] = array(
58 'type' =>
'exception',
59 'message' =>
'Something went wrong with an ExtDirect call!',
62 $isValidRequest =
false;
64 if (!is_array($extRequest)) {
65 $extRequest = array($extRequest);
67 if ($isValidRequest) {
70 foreach ($extRequest as $index => $singleRequest) {
71 $extResponse[$index] = array(
72 'tid' => $singleRequest->tid,
73 'action' => $singleRequest->action,
74 'method' => $singleRequest->method
76 $token = array_pop($singleRequest->data);
79 $formprotection = \TYPO3\CMS\Core\FormProtection\FormProtectionFactory::get();
80 $validToken = $formprotection->validateToken($token,
'extDirect');
84 throw new \TYPO3\CMS\Core\FormProtection\Exception(
'ExtDirect: Invalid Security Token!');
86 $extResponse[$index][
'type'] =
'rpc';
87 $extResponse[$index][
'result'] = $this->
processRpc($singleRequest, $namespace);
88 $extResponse[$index][
'debug'] =
$GLOBALS[
'error']->toString();
90 $extResponse[$index][
'type'] =
'exception';
91 $extResponse[$index][
'message'] = $exception->getMessage();
92 $extResponse[$index][
'code'] =
'router';
96 if ($isForm && $isUpload) {
97 $extResponse = json_encode($extResponse);
98 $extResponse = preg_replace(
'/"/',
'\\"', $extResponse);
100 '<html><body><textarea>' . $extResponse .
'</textarea></body></html>'
103 $extResponse = json_encode($extResponse);
105 $response->
getBody()->write($extResponse);
121 $endpointName = $namespace .
'.' . $singleRequest->action;
122 if (!isset(
$GLOBALS[
'TYPO3_CONF_VARS'][
'SC_OPTIONS'][
'ExtDirect'][$endpointName])) {
123 throw new \UnexpectedValueException(
'ExtDirect: Call to undefined endpoint: ' . $endpointName, 1294586450);
125 if (is_array(
$GLOBALS[
'TYPO3_CONF_VARS'][
'SC_OPTIONS'][
'ExtDirect'][$endpointName])) {
126 if (!isset(
$GLOBALS[
'TYPO3_CONF_VARS'][
'SC_OPTIONS'][
'ExtDirect'][$endpointName][
'callbackClass'])) {
127 throw new \UnexpectedValueException(
'ExtDirect: Call to undefined endpoint: ' . $endpointName, 1294586451);
129 $callbackClass =
$GLOBALS[
'TYPO3_CONF_VARS'][
'SC_OPTIONS'][
'ExtDirect'][$endpointName][
'callbackClass'];
130 $configuration =
$GLOBALS[
'TYPO3_CONF_VARS'][
'SC_OPTIONS'][
'ExtDirect'][$endpointName];
131 if (!is_null($configuration[
'moduleName']) && !is_null($configuration[
'accessLevel'])) {
132 $GLOBALS[
'BE_USER']->modAccess(array(
133 'name' => $configuration[
'moduleName'],
134 'access' => $configuration[
'accessLevel']
139 return call_user_func_array(array($endpointObject, $singleRequest->method), is_array($singleRequest->data) ? $singleRequest->data : array());