diff options
| author | Gábor Hojtsy <gabor@hojtsy.hu> | 2007-10-11 09:22:39 +0000 |
|---|---|---|
| committer | Gábor Hojtsy <gabor@hojtsy.hu> | 2007-10-11 09:22:39 +0000 |
| commit | 3fb218cb7e89e28422f79fe7394f18821e1c9d2a (patch) | |
| tree | 4c1306b0d0a49f0df9cc760dba36b7437aa22b9a | |
| parent | 8cf6fefe54f47e792cfd92c917c2c41d4523da7b (diff) | |
| download | brdo-3fb218cb7e89e28422f79fe7394f18821e1c9d2a.tar.gz brdo-3fb218cb7e89e28422f79fe7394f18821e1c9d2a.tar.bz2 | |
#182310 by chx: remove #DANGEROUS_SKIP_CHECK, as with the AHAH functionality now we have safer methods to add things in the cached form for validation, so we don't need this security hole possibility kept anymore.
| -rw-r--r-- | includes/form.inc | 4 |
1 files changed, 1 insertions, 3 deletions
diff --git a/includes/form.inc b/includes/form.inc index 87a0a762d..786390ab5 100644 --- a/includes/form.inc +++ b/includes/form.inc @@ -567,9 +567,7 @@ function _form_validate($elements, &$form_state, $form_id = NULL) { form_error($elements, t('!name cannot be longer than %max characters but is currently %length characters long.', array('!name' => empty($elements['#title']) ? $elements['#parents'][0] : $elements['#title'], '%max' => $elements['#maxlength'], '%length' => drupal_strlen($elements['#value'])))); } - // Add legal choice check if element has #options. Can be skipped, but - // then you must validate your own element. - if (isset($elements['#options']) && isset($elements['#value']) && !isset($elements['#DANGEROUS_SKIP_CHECK'])) { + if (isset($elements['#options']) && isset($elements['#value'])) { if ($elements['#type'] == 'select') { $options = form_options_flatten($elements['#options']); } |