adulau/cakephp2-php8
1
0
Fork 0
mirror of https://github.com/kamilwylegala/cakephp2-php8.git synced 2025-01-19 02:56:15 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

Making FormHelper clear fields on create() as well as end() this ensures that GET forms don't leak fields. Fixes #571

Browse source
This commit is contained in:
mark_story 2010-06-12 22:50:09 -04:00
parent d1651db9a8
commit 50144d6b5b
2 changed files with 12 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

1
cake/libs/view/helpers/form.php
View file

@ -306,6 +306,7 @@ class FormHelper extends AppHelper {
unset($options['default']);
$htmlAttributes = array_merge($options, $htmlAttributes);
$this->fields = array();
if (isset($this->params['_Token']) && !empty($this->params['_Token'])) {
$append .= $this->hidden('_Token.key', array(
'value' => $this->params['_Token']['key'], 'id' => 'Token' . mt_rand())

11
cake/tests/cases/libs/view/helpers/form.test.php
View file

@ -751,6 +751,17 @@ class FormHelperTest extends CakeTestCase {
$this->assertTags($result, $expected);
}
/**
* test that create() clears the fields property so it starts fresh
*
* @return void
*/
function testCreateClearingFields() {
$this->Form->fields = array('model_id');
$this->Form->create('Contact');
$this->assertEqual($this->Form->fields, array());
}
/**
* Tests form hash generation with model-less data
*