diff options
| author | Neil Drumm <drumm@3064.no-reply.drupal.org> | 2006-03-05 02:46:55 +0000 |
|---|---|---|
| committer | Neil Drumm <drumm@3064.no-reply.drupal.org> | 2006-03-05 02:46:55 +0000 |
| commit | 4b663a62af7d8d7437428c7cc192fd3013e4e3f8 (patch) | |
| tree | fe1cb04ea325f8bdd89085aae6cfba14e03c6444 | |
| parent | d797819821900ca328345b5a186ee5859789e654 (diff) | |
| download | brdo-4b663a62af7d8d7437428c7cc192fd3013e4e3f8.tar.gz brdo-4b663a62af7d8d7437428c7cc192fd3013e4e3f8.tar.bz2 | |
#52484 by chx: filter_form needs validation
| -rw-r--r-- | includes/form.inc | 52 | ||||
| -rw-r--r-- | modules/filter.module | 11 | ||||
| -rw-r--r-- | modules/filter/filter.module | 11 |
3 files changed, 49 insertions, 25 deletions
diff --git a/includes/form.inc b/includes/form.inc index 26f32e58d..086152496 100644 --- a/includes/form.inc +++ b/includes/form.inc @@ -170,34 +170,36 @@ function drupal_submit_form($form_id, $form, $callback = NULL) { function _form_validate($elements, $form_id = NULL) { /* Validate the current input */ - if (!$elements['#validated'] && ($elements['#input'] || isset($form_id))) { - // An empty textfield returns '' so we use empty(). An empty checkbox - // and a textfield could return '0' and empty('0') returns TRUE so we - // need a special check for the '0' string. - if ($elements['#required'] && empty($elements['#value']) && $elements['#value'] !== '0') { - form_error($elements, t('%name field is required.', array('%name' => $elements['#title']))); - } - - // Add legal choice check if element has #options. Can be skipped, but then you must validate your own element. - if (isset($elements['#options']) && isset($elements['#value']) && !isset($elements['#DANGEROUS_SKIP_CHECK'])) { - if ($elements['#type'] == 'select') { - $options = form_options_flatten($elements['#options']); + if (!$elements['#validated']) { + if ($elements['#input'] || isset($form_id)) { + // An empty textfield returns '' so we use empty(). An empty checkbox + // and a textfield could return '0' and empty('0') returns TRUE so we + // need a special check for the '0' string. + if ($elements['#required'] && empty($elements['#value']) && $elements['#value'] !== '0') { + form_error($elements, t('%name field is required.', array('%name' => $elements['#title']))); } - else { - $options = $elements['#options']; - } - if (is_array($elements['#value'])) { - $value = $elements['#type'] == 'checkboxes' ? array_keys(array_filter($elements['#value'])) : $elements['#value']; - foreach ($value as $v) { - if (!isset($options[$v])) { - form_error($elements, t('An illegal choice has been detected. Please contact the site administrator.')); - watchdog('form', t('Illegal choice %choice in %name element.', array('%choice' => theme('placeholder', check_plain($v)), '%name' => theme_placeholder(empty($elements['#title']) ? $elements['#parents'][0] : $elements['#title'])), WATCHDOG_ERROR)); + + // Add legal choice check if element has #options. Can be skipped, but then you must validate your own element. + if (isset($elements['#options']) && isset($elements['#value']) && !isset($elements['#DANGEROUS_SKIP_CHECK'])) { + if ($elements['#type'] == 'select') { + $options = form_options_flatten($elements['#options']); + } + else { + $options = $elements['#options']; + } + if (is_array($elements['#value'])) { + $value = $elements['#type'] == 'checkboxes' ? array_keys(array_filter($elements['#value'])) : $elements['#value']; + foreach ($value as $v) { + if (!isset($options[$v])) { + form_error($elements, t('An illegal choice has been detected. Please contact the site administrator.')); + watchdog('form', t('Illegal choice %choice in %name element.', array('%choice' => theme('placeholder', check_plain($v)), '%name' => theme_placeholder(empty($elements['#title']) ? $elements['#parents'][0] : $elements['#title'])), WATCHDOG_ERROR)); + } } } - } - elseif (!isset($options[$elements['#value']])) { - form_error($elements, t('An illegal choice has been detected. Please contact the site administrator.')); - watchdog('form', t('Illegal choice %choice in %name element.', array('%choice' => theme_placeholder(check_plain($v)), '%name' => theme('placeholder', empty($elements['#title']) ? $elements['#parents'][0] : $elements['#title'])), WATCHDOG_ERROR)); + elseif (!isset($options[$elements['#value']])) { + form_error($elements, t('An illegal choice has been detected. Please contact the site administrator.')); + watchdog('form', t('Illegal choice %choice in %name element.', array('%choice' => theme_placeholder(check_plain($v)), '%name' => theme('placeholder', empty($elements['#title']) ? $elements['#parents'][0] : $elements['#title'])), WATCHDOG_ERROR)); + } } } diff --git a/modules/filter.module b/modules/filter.module index 40f53dbd0..e7df3c8fd 100644 --- a/modules/filter.module +++ b/modules/filter.module @@ -802,6 +802,7 @@ function filter_form($value = FILTER_FORMAT_DEFAULT, $weight = NULL, $parents = '#collapsible' => TRUE, '#collapsed' => TRUE, '#weight' => $weight, + '#validate' => array('filter_form_validate' => array()), ); // Multiple formats available: display radio buttons with tips. foreach ($formats as $format) { @@ -829,6 +830,16 @@ function filter_form($value = FILTER_FORMAT_DEFAULT, $weight = NULL, $parents = return $form; } +function filter_form_validate($form) { + foreach (element_children($form) as $key) { + if ($form[$key]['#value'] == $form[$key]['#return_value']) { + return; + } + } + form_error($form, t('An illegal choice has been detected. Please contact the site administrator.')); + watchdog('form', t('Illegal choice %choice in %name element.', array('%choice' => theme('placeholder', check_plain($v)), '%name' => theme_placeholder(empty($form['#title']) ? $form['#parents'][0] : $form['#title'])), WATCHDOG_ERROR)); +} + /** * Returns true if the user is allowed to access this format. */ diff --git a/modules/filter/filter.module b/modules/filter/filter.module index 40f53dbd0..e7df3c8fd 100644 --- a/modules/filter/filter.module +++ b/modules/filter/filter.module @@ -802,6 +802,7 @@ function filter_form($value = FILTER_FORMAT_DEFAULT, $weight = NULL, $parents = '#collapsible' => TRUE, '#collapsed' => TRUE, '#weight' => $weight, + '#validate' => array('filter_form_validate' => array()), ); // Multiple formats available: display radio buttons with tips. foreach ($formats as $format) { @@ -829,6 +830,16 @@ function filter_form($value = FILTER_FORMAT_DEFAULT, $weight = NULL, $parents = return $form; } +function filter_form_validate($form) { + foreach (element_children($form) as $key) { + if ($form[$key]['#value'] == $form[$key]['#return_value']) { + return; + } + } + form_error($form, t('An illegal choice has been detected. Please contact the site administrator.')); + watchdog('form', t('Illegal choice %choice in %name element.', array('%choice' => theme('placeholder', check_plain($v)), '%name' => theme_placeholder(empty($form['#title']) ? $form['#parents'][0] : $form['#title'])), WATCHDOG_ERROR)); +} + /** * Returns true if the user is allowed to access this format. */ |