diff options
| author | Gábor Hojtsy <gabor@hojtsy.hu> | 2007-11-09 22:14:41 +0000 |
|---|---|---|
| committer | Gábor Hojtsy <gabor@hojtsy.hu> | 2007-11-09 22:14:41 +0000 |
| commit | a42a9d3efd6b705ad4d53f347348779114666332 (patch) | |
| tree | acf45e186ceda210ecce073c053e9849d7c35943 /includes | |
| parent | 0ff81a7e1393073edc8944a8c9389524625d77c9 (diff) | |
| download | brdo-a42a9d3efd6b705ad4d53f347348779114666332.tar.gz brdo-a42a9d3efd6b705ad4d53f347348779114666332.tar.bz2 | |
#178608 by chx: convert menu overview page to a form to overcome any CSRF vulnerabilities
Diffstat (limited to 'includes')
| -rw-r--r-- | includes/menu.inc | 19 |
1 files changed, 10 insertions, 9 deletions
diff --git a/includes/menu.inc b/includes/menu.inc index ac835c243..1fb8b972d 100644 --- a/includes/menu.inc +++ b/includes/menu.inc @@ -838,7 +838,6 @@ function menu_tree_page_data($menu_name = 'navigation') { * Recursive helper function - collect node links. */ function menu_tree_collect_node_links(&$tree, &$node_links) { - foreach ($tree as $key => $v) { if ($tree[$key]['link']['router_path'] == 'node/%') { $nid = substr($tree[$key]['link']['link_path'], 5); @@ -911,7 +910,6 @@ function _menu_tree_check_access(&$tree) { * See menu_tree_page_data for a description of the data structure. */ function menu_tree_data($result = NULL, $parents = array(), $depth = 1) { - list(, $tree) = _menu_tree_data($result, $parents, $depth); return $tree; } @@ -930,16 +928,19 @@ function _menu_tree_data($result, $parents, $depth, $previous_element = '') { // We need to determine if we're on the path to root so we can later build // the correct active trail and breadcrumb. $item['in_active_trail'] = in_array($item['mlid'], $parents); - - $index = $previous_element ? ($previous_element['mlid']) : ''; // The current item is the first in a new submenu. if ($item['depth'] > $depth) { // _menu_tree returns an item and the menu tree structure. list($item, $below) = _menu_tree_data($result, $parents, $item['depth'], $item); - $tree[$index] = array( - 'link' => $previous_element, - 'below' => $below, - ); + if ($previous_element) { + $tree[$previous_element['mlid']] = array( + 'link' => $previous_element, + 'below' => $below, + ); + } + else { + $tree = $below; + } // We need to fall back one level. if (!isset($item) || $item['depth'] < $depth) { return array($item, $tree); @@ -951,7 +952,7 @@ function _menu_tree_data($result, $parents, $depth, $previous_element = '') { elseif ($item['depth'] == $depth) { if ($previous_element) { // Only the first time. - $tree[$index] = array( + $tree[$previous_element['mlid']] = array( 'link' => $previous_element, 'below' => FALSE, ); |