diff options
| author | Dries Buytaert <dries@buytaert.net> | 2009-11-28 14:39:31 +0000 |
|---|---|---|
| committer | Dries Buytaert <dries@buytaert.net> | 2009-11-28 14:39:31 +0000 |
| commit | b6084826787b316595307d1dbbd6876508a60d28 (patch) | |
| tree | 9d6688cc03f771f6b3982c41cc5832edd6f1fd00 /includes/form.inc | |
| parent | 0ba214f9436a3893c9e0a57f7caad56d07300f2f (diff) | |
| download | brdo-b6084826787b316595307d1dbbd6876508a60d28.tar.gz brdo-b6084826787b316595307d1dbbd6876508a60d28.tar.bz2 | |
- Patch #642702 by sun: form validation handlers cannot alter structure.
Diffstat (limited to 'includes/form.inc')
| -rw-r--r-- | includes/form.inc | 12 |
1 files changed, 9 insertions, 3 deletions
diff --git a/includes/form.inc b/includes/form.inc index 04be2cba9..113c0b00b 100644 --- a/includes/form.inc +++ b/includes/form.inc @@ -726,7 +726,13 @@ function drupal_prepare_form($form_id, &$form, &$form_state) { * A unique string identifying the form for validation, submission, * theming, and hook_form_alter functions. * @param $form - * An associative array containing the structure of the form. + * An associative array containing the structure of the form, which is passed + * by reference. Form validation handlers are able to alter the form structure + * (like #process and #after_build callbacks during form building) in case of + * a validation error. If a validation handler alters the form structure, it + * is responsible for validating the values of changed form elements in + * $form_state['values'] to prevent form submit handlers from receiving + * unvalidated values. * @param $form_state * A keyed array containing the current state of the form. The current * user-submitted data is stored in $form_state['values'], though @@ -738,7 +744,7 @@ function drupal_prepare_form($form_id, &$form, &$form_state) { * web service requests, or other expensive requests that should * not be repeated in the submission step. */ -function drupal_validate_form($form_id, $form, &$form_state) { +function drupal_validate_form($form_id, &$form, &$form_state) { $validated_forms = &drupal_static(__FUNCTION__, array()); if (isset($validated_forms[$form_id]) && empty($form_state['must_validate'])) { @@ -846,7 +852,7 @@ function drupal_redirect_form($form_state) { * A unique string identifying the form for validation, submission, * theming, and hook_form_alter functions. */ -function _form_validate($elements, &$form_state, $form_id = NULL) { +function _form_validate(&$elements, &$form_state, $form_id = NULL) { // Also used in the installer, pre-database setup. $t = get_t(); |