•  15-10-2022
  •  | 
  •  

Question

I'm trying to modify the

'Token Interceptor' system plugin

by joomunited.com

The original plugin redirects on encountering an invalid token error using register_shutdown_function.

I'm trying to get it to:

  1. Log the user out if they are logged in
  2. Redirect to the login page with the invalid token message

Code:

$app = JFactory::getApplication();
if (!JFactory::getUser()->guest)
{
    $app->logout();
}
$app->redirect('/index.php', JText::_('JINVALID_TOKEN'), 'warning');

I can successfully log the user out and redirect to the login page but the error message is not being displayed.

How can I retain the message after logging the user out?

i've also tried:

$app->enqueueMessage(JText::_('JINVALID_TOKEN'), 'warning');

but that didn't work either...

Was it helpful?

Solution

The solution I came up with was a variation of Alonzo Turner's 2nd post here.

The plugin redirects to the login page with a parameter passed in the url. The onAfterInitialise event then looks for this parameter and displays a message if it's found.

class PlgSystemTokeninterceptor extends JPlugin
{

    public function __construct(&$subject, $config = array())
    {
        parent::__construct($subject, $config);
        $app = JFactory::getApplication();

        if (($app->isSite() && $this->params->get('use_frontend')) || ($app->isAdmin() && $this->params->get('use_backend'))) 
        {
            register_shutdown_function(array($this,'redirectToLogin'));
        }

    }

    public function redirectToLogin()
    {
        $content = ob_get_contents();

        if($content == JText::_('JINVALID_TOKEN') || $content == 'Invalid Token')
        {
            $app = JFactory::getApplication();

            if (!JFactory::getUser()->guest)
            {
                $app->logout();
            }

            $app->redirect(JURI::base().'index.php?invalid_token=true');

            return false;   
        }
    }

    function onAfterInitialise()
    {
        $app = JFactory::getApplication();
        $invalid_token = $app->input->get('invalid_token', 'false');

        if ($invalid_token == 'true')
        {
            $app->enqueueMessage(JText::_('JINVALID_TOKEN'), 'warning');
        }

        return true;
    }

}

OTHER TIPS

When you logout you destroy the session so you are not going to have the message any more.

This will get you a message on redirect.

$this->redirect = JUri::base() . 'index.php?option=com_users&view=login';    
if (!JFactory::getUser()->guest && $app->input->getCmd('option') != 'com_users')

{
    $app->enqueueMessage('message', 'warning');
    //$app->logout();
    $app->redirect($this->redirect);

}

This will not because the session is destroyed

$this->redirect = JUri::base() . 'index.php?option=com_users&view=login';    
if (!JFactory::getUser()->guest && $app->input->getCmd('option') != 'com_users')

{
    $app->enqueueMessage('message', 'warning');
    $app->logout();
    $app->redirect($this->redirect);

}

Not tested but

$app->logout()
echo '<div class="">'. JText::_('whatever you want') . '</div>'; 
$module = JModuleHelper::getModule('login');
$output = JModuleHelper::renderModule($module);

Something like that

Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow
scroll top