diff options
| -rw-r--r-- | includes/form.inc | 65 | ||||
| -rw-r--r-- | modules/simpletest/tests/form.test | 49 | ||||
| -rw-r--r-- | modules/simpletest/tests/form_test.module | 32 | ||||
| -rw-r--r-- | modules/system/system.module | 2 | ||||
| -rw-r--r-- | modules/user/user.module | 3 | ||||
| -rw-r--r-- | modules/user/user.pages.inc | 3 |
6 files changed, 143 insertions, 11 deletions
diff --git a/includes/form.inc b/includes/form.inc index 96a182f64..20b3230b9 100644 --- a/includes/form.inc +++ b/includes/form.inc @@ -1107,14 +1107,6 @@ function form_builder($form_id, $element, &$form_state) { // Internet Explorer button-click scenario. _form_builder_ie_cleanup($element, $form_state); - // We should keep the buttons array until the IE clean up function - // has recognized the submit button so the form has been marked - // as submitted. If we already know which button was submitted, - // we don't need the array. - if (!empty($form_state['submitted'])) { - unset($form_state['buttons']); - } - // If some callback set #cache, we need to flip a flag so later it // can be found. if (!empty($element['#cache'])) { @@ -1291,6 +1283,63 @@ function _form_builder_ie_cleanup($form, &$form_state) { } /** + * Removes internal Form API elements and buttons from submitted form values. + * + * This function can be used when a module wants to store all submitted form + * values, for example, by serializing them into a single database column. In + * such cases, all internal Form API values and all form button elements should + * not be contained, and this function allows to remove them before the module + * proceeds to storage. Next to button elements, the following internal values + * are removed: + * - form_id + * - form_token + * - form_build_id + * - op + * + * @param &$form_state + * A keyed array containing the current state of the form, including + * submitted form values; altered by reference. + */ +function form_state_values_clean(&$form_state) { + // Remove internal Form API values. + unset($form_state['values']['form_id'], $form_state['values']['form_token'], $form_state['values']['form_build_id'], $form_state['values']['op']); + + // Remove button values. + // form_builder() collects all button elements in a form, keyed by button + // type. We remove the button value separately for each button element. + foreach ($form_state['buttons'] as $button_type => $buttons) { + foreach ($buttons as $button) { + // Remove this button's value from the submitted form values by finding + // the value corresponding to this button. + // We iterate over the #parents of this button and move a reference to + // each parent in $form_state['values']. For example, if #parents is: + // array('foo', 'bar', 'baz') + // then the corresponding $form_state['values'] part will look like this: + // array( + // 'foo' => array( + // 'bar' => array( + // 'baz' => 'button_value', + // ), + // ), + // ) + // We start by (re)moving 'baz' to $last_parent, so we are able unset it + // at the end of the iteration. Initially, $values will contain a + // reference to $form_state['values'], but in the iteration we move the + // reference to $form_state['values']['foo'], and finally to + // $form_state['values']['foo']['bar'], which is the level where we can + // unset 'baz' (that is stored in $last_parent). + $parents = $button['#parents']; + $values = &$form_state['values']; + $last_parent = array_pop($parents); + foreach ($parents as $parent) { + $values = &$values[$parent]; + } + unset($values[$last_parent]); + } + } +} + +/** * Helper function to determine the value for an image button form element. * * @param $form diff --git a/modules/simpletest/tests/form.test b/modules/simpletest/tests/form.test index fb922ec8c..f6dbb85b8 100644 --- a/modules/simpletest/tests/form.test +++ b/modules/simpletest/tests/form.test @@ -463,3 +463,52 @@ class FormsFormWrapperTestCase extends DrupalWebTestCase { } } +/** + * Test $form_state clearance. + */ +class FormStateValuesCleanTestCase extends DrupalWebTestCase { + public static function getInfo() { + return array( + 'name' => 'Form state values clearance', + 'description' => 'Test proper removal of submitted form values using form_state_values_clean().', + 'group' => 'Form API', + ); + } + + function setUp() { + parent::setUp('form_test'); + } + + /** + * Tests form_state_values_clean(). + */ + function testFormStateValuesClean() { + $this->drupalPost('form_test/form-state-values-clean', array(), t('Submit')); + $values = json_decode($this->content, TRUE); + + // Setup the expected result. + $result = array( + 'beer' => 1000, + 'baz' => array('beer' => 2000), + ); + + // Verify that all internal Form API elements were removed. + $this->assertFalse(isset($values['form_id']), t('%element was removed.', array('%element' => 'form_id'))); + $this->assertFalse(isset($values['form_token']), t('%element was removed.', array('%element' => 'form_token'))); + $this->assertFalse(isset($values['form_build_id']), t('%element was removed.', array('%element' => 'form_build_id'))); + $this->assertFalse(isset($values['op']), t('%element was removed.', array('%element' => 'op'))); + + // Verify that all buttons were removed. + $this->assertFalse(isset($values['foo']), t('%element was removed.', array('%element' => 'foo'))); + $this->assertFalse(isset($values['bar']), t('%element was removed.', array('%element' => 'bar'))); + $this->assertFalse(isset($values['baz']['foo']), t('%element was removed.', array('%element' => 'foo'))); + $this->assertFalse(isset($values['baz']['baz']), t('%element was removed.', array('%element' => 'baz'))); + + // Verify that nested form value still exists. + $this->assertTrue(isset($values['baz']['beer']), t('Nested form value still exists.')); + + // Verify that actual form values equal resulting form values. + $this->assertEqual($values, $result, t('Expected form values equal actual form values.')); + } +} + diff --git a/modules/simpletest/tests/form_test.module b/modules/simpletest/tests/form_test.module index ee47b4f14..a502e8e8a 100644 --- a/modules/simpletest/tests/form_test.module +++ b/modules/simpletest/tests/form_test.module @@ -62,6 +62,14 @@ function form_test_menu() { 'type' => MENU_CALLBACK, ); + $items['form_test/form-state-values-clean'] = array( + 'title' => 'Form state values clearance test', + 'page callback' => 'drupal_get_form', + 'page arguments' => array('form_test_form_state_values_clean_form'), + 'access arguments' => array('access content'), + 'type' => MENU_CALLBACK, + ); + return $items; } @@ -361,3 +369,27 @@ function form_test_wrapper_callback_form($form, &$form_state) { return $form; } +/** + * Form builder for form_state_values_clean() test. + */ +function form_test_form_state_values_clean_form($form, &$form_state) { + // Build an example form containing multiple submit and button elements; not + // only on the top-level. + $form = array('#tree' => TRUE); + $form['foo'] = array('#type' => 'submit', '#value' => t('Submit')); + $form['bar'] = array('#type' => 'submit', '#value' => t('Submit')); + $form['beer'] = array('#type' => 'value', '#value' => 1000); + $form['baz']['foo'] = array('#type' => 'button', '#value' => t('Submit')); + $form['baz']['baz'] = array('#type' => 'submit', '#value' => t('Submit')); + $form['baz']['beer'] = array('#type' => 'value', '#value' => 2000); + return $form; +} + +/** + * Form submit handler for form_state_values_clean() test form. + */ +function form_test_form_state_values_clean_form_submit($form, &$form_state) { + form_state_values_clean($form_state); + drupal_json_output($form_state['values']); + exit; +} diff --git a/modules/system/system.module b/modules/system/system.module index a4c1ff883..a6278b485 100644 --- a/modules/system/system.module +++ b/modules/system/system.module @@ -2332,7 +2332,7 @@ function system_settings_form($form, $automatic_defaults = TRUE) { */ function system_settings_form_submit($form, &$form_state) { // Exclude unnecessary elements. - unset($form_state['values']['submit'], $form_state['values']['reset'], $form_state['values']['form_id'], $form_state['values']['op'], $form_state['values']['form_token'], $form_state['values']['form_build_id']); + form_state_values_clean($form_state); foreach ($form_state['values'] as $key => $value) { if (is_array($value) && isset($form_state['values']['array_filter'])) { diff --git a/modules/user/user.module b/modules/user/user.module index 3a0dded2a..2d400f54c 100644 --- a/modules/user/user.module +++ b/modules/user/user.module @@ -3116,7 +3116,8 @@ function user_register_submit($form, &$form_state) { // The unset below is needed to prevent these form values from being saved as // user data. - unset($form_state['values']['form_token'], $form_state['values']['submit'], $form_state['values']['op'], $form_state['values']['notify'], $form_state['values']['form_id'], $form_state['values']['affiliates'], $form_state['values']['destination'], $form_state['values']['form_build_id']); + form_state_values_clean($form_state); + unset($form_state['values']['notify']); $form_state['values']['pass'] = $pass; $form_state['values']['init'] = $form_state['values']['mail']; diff --git a/modules/user/user.pages.inc b/modules/user/user.pages.inc index fc88e395a..1f94e421d 100644 --- a/modules/user/user.pages.inc +++ b/modules/user/user.pages.inc @@ -269,7 +269,8 @@ function user_profile_form_validate($form, &$form_state) { function user_profile_form_submit($form, &$form_state) { $account = $form['#user']; $category = $form['#user_category']; - unset($form_state['values']['op'], $form_state['values']['submit'], $form_state['values']['cancel'], $form_state['values']['form_token'], $form_state['values']['form_id'], $form_state['values']['form_build_id']); + // Remove unneeded values. + form_state_values_clean($form_state); $edit = (object)$form_state['values']; field_attach_submit('user', $edit, $form, $form_state); |