I'm using TYPO3 11.3.3 for my server and i need a PHP Script, that can read and check the typo3_fe cookie. Are there any solutions? I can't use an extension and I have to keep it simple.
What exactly should the PHP script do apart from reading the cookie?
You can use a TypoScript condition to check if the cookie is present:
[request.getCookieParams()['foo'] == 1]
See the documentation for details.
The only way would be a content object USER. Check out the documentation.
Example
page = PAGE
page.10 = USER_INT
page.10 {
userFunc = Vendor\ExtensionName\ExampleTime->printTime
}
However the doc also states
The property includeLibs has been removed in TYPO3 8.0. In earlier
versions the userFunc classes were sometimes stored in fileadmin/ -
this is no longer possible out of the box and not recommended.
For the best result you should always, without exception, place your
class files in an extension, define composer class loading for this
extension and add this extension as a dependency of your project.
Then, your classes will load without issues when you refer to them by
their class name.
Cookies are being sent along with the request. With that being said, the best way to check for the cookies is Middlewares. With the middlewares you can check for the sent cookies and evaluate them with your script.
Here is the documentation about middlewares.
This might be helpful as well https://stackoverflow.com/a/63951593/7162477
Best regards
Related
I'm providing an eID page as an REST interface. Now I want to protect this page with an API key or similar. How can this be achieved in Typo3 8.7?
Actually it looks like this can only be done by logging in via frontend (FE) or backend (BE) and check the login status in the eID controller class.
For TYPO3 v8, you should check out the EXT:restler extension instead of using eID.
eID is meant for calls where you have to do basically everything on your own.
For TYPO3 v9, the PSR-15 middleware concept allows to individually build custom REST APIs and integrations with other solutions like SlimPHP: https://github.com/b13/slimphp-bridge
You can expect a given URL-paramter, maybe even as a post param.
Put your eID-page-configuration (typoscript) in a condition requesting this paramter to be set. Otherwise genate an error-page.
If you want to handle multiple keys (maybe from a database table) you could use a userfunc for conditions.
If you want to handle a login in the call you need to initialize more from the TYPO3 frontend. then identify the paramters from the login form (some are hidden) and provide them. AFAIK POST and GEt paramaters work.
I worked with older TYPO3 versions (< v9)
I am not able to fetch the logged in backend user in my frontend extension.
In earlier TYPO3 versions I was able to do that.
Now when I logged in in TYPO3 backend and ask for it now it won't work anymore.
My approach is:
$context = \TYPO3\CMS\Core\Utility\GeneralUtility::makeInstance(\TYPO3\CMS\Core\Context\Context::class);
$be_username = $context->getPropertyFromAspect('backend.user', 'username');
I am getting an empty string. I know that backend user might be not available for FE.
But I need to check on him.
Thank you for any suggestions.
If you want to find out if a Backend user is currently logged in, then the code is exactly right (you don't even need to check on the username).
$context = \TYPO3\CMS\Core\Utility\GeneralUtility::makeInstance(\TYPO3\CMS\Core\Context\Context::class);
$isLoggedIn = $context->getPropertyFromAspect('backend.user', 'isLoggedIn');
However, if you do this in your extension in a Plugin, that is cacheable ("USER" cObject, or a "non-cacheable action" in an Extbase Plugin), this information could be cached, which can lead to serious! sideffects.
In general, you should only check for a backend user in Frontend-related events, PSR-15 middlewares or hooks from TSFE, not in plugins/cObjects etc. unless you really know what you are doing.
All the best,
Benni-
I am using version 8.7 of TYPO3 and intended to use a link that leads directly to the backend to edit a record (page). I tried anything like typo3/backend.php?edit=57 but got a error:
file not found
typo3/backend.php?edit=57 was the way to do it up until TYPO3 6.2, but the backend URL changed to typo3/index.php in TYPO3 7.6. It still works kind of, however you need a security token which is generated by the core. The URL now is typo3/index.php?route=%2Fmain&edit=57&token=.... There isn't really an easy way to generate URL with a valid token like that from outside TYPO3 though.
If you want to create a link inside a custom module to edit a record you can use \TYPO3\CMS\Backend\Utility\BackendUtility::editOnClick() or if you're using a Fluid template, the \TYPO3\CMS\Backend\ViewHelpers\Link\EditRecordViewHelper ViewHelper. More on that you can find here: https://docs.typo3.org/typo3cms/CoreApiReference/8.7/ApiOverview/Examples/EditLinks/
Using the extension pxa_siteimprove deep links are of the following form:
https://example.com/typo3/index.php?tx_siteimprove_goto=page:{page_uid}:{language_uid}
The parameter language_uid is optional. An example link to a page with uid 42 looks like this:
https://example.com/typo3/index.php?tx_siteimprove_goto=page:42
Optionally we can include a language uid (e.g. 1). Without a language uid set it defaults to 0:
https://example.com/typo3/index.php?tx_siteimprove_goto=page:42:1
If you want to create deep links for other purposes, you can look how this extension creates the deep link in Pixelant\PxaSiteimprove\Hooks\DeepLinkingHandler. In a first hook it just saves the page uid to the backend user session and in a later hook reuses this information to redirect to the desired page by setting the following global variable:
$GLOBALS['BE_USER']->uc['startModuleOnFirstLogin'] = 'web_layout->id=' . (int)$pageId . '&SET[language]=' . (int)$languageId;
I try to write a service module, that fetches userdata from a webservice. I found this tutorial, but it shows the 'old' way of building extensions. Is it possible to write a extbase-extension like this? How it should look like?
Extbase ("the new way") is about MVC, not about auth services, thus this tutorial is still valid.
Claus Due (an Extbase specialist) wrote an auth extension, maybe you want to study his code: https://github.com/NamelessCoder/google_auth
I have a toy facebook app I'm playing with so I can understand how it all works. It's fine if you go the the app like this: http://apps.facebook.com/pushup-challenge/ (and connect it). But if you then go to it from your facebook page, FB uses the URL http://apps.facebook.com/pushup-challenge/?ref=bookmarks.
In my log file, I see that FB is POSTing the data and including the /?ref=bookmarks to it's call to my codeigniter system. This is causing it to either say "invalid URI parameters" or give me a 404, depending on if I've edited the system/core/URI.php file to add rawurlencode() to a particular call.
I've tried using mod_rewrite to get rid of the query_string, too, but since it's POSTing, it doesn't appear to be working (though I'm not exactly sure why).
Has anyone else run into this? How did you fix it?
Thanks in advance,
Hans
try $config['uri_protocol'] = “PATH_INFO”; and set enable_query_strings = TRUE
or
set
$config['permitted_uri_chars'] = 'a-z 0-9~%.:_\-?=';
in config.php
Because it isn't calling your file by name (just ?ref=bookmarks) the server runs thru the standard default files: index.htm, index.html, index.asp. Because you need to accept a POST, you need a server that allows POSTs to htm & html if you choose to use those. Index.asp will accept POSTs on most servers, and that works for me.
SOLUTION: Add a file (index.asp), that calls the real app that you named in the App settings.