- Patch #735662 by duellj, tstoeckler: critical bug: hook_form_alter() can easily clobber a text format.

2 files changed, 7 insertions, 6 deletions

diff --git a/modules/block/block.admin.inc b/modules/block/block.admin.inc
index a5187b58e..131b21444 100644
--- a/modules/block/block.admin.inc
+++ b/modules/block/block.admin.inc
@@ -442,9 +442,9 @@ function block_add_block_form_validate($form, &$form_state) {
 function block_add_block_form_submit($form, &$form_state) {
   $delta = db_insert('block_custom')
     ->fields(array(
-      'body' => $form_state['values']['body'],
+      'body' => $form_state['values']['body']['value'],
       'info' => $form_state['values']['info'],
-      'format' => $form_state['values']['format'],
+      'format' => $form_state['values']['body']['format'],
     ))
     ->execute();
   // Store block delta to allow other modules to work with new block.
diff --git a/modules/block/block.module b/modules/block/block.module
index 12b916ad0..3770bb277 100644
--- a/modules/block/block.module
+++ b/modules/block/block.module
@@ -469,8 +469,9 @@ function block_custom_block_form($edit = array()) {
  * @param $edit
  *   Associative array of fields to save. Array keys:
  *   - info: Block description.
- *   - body: Block contents.
- *   - format: Filter ID of the filter format for the body.
+ *   - body: Associative array of body value and format.  Array keys:
+ *     - value: Block contents.
+ *     - format: Filter ID of the filter format for the body.
  * @param $delta
  *   Block ID of the block to save.
  * @return
@@ -479,9 +480,9 @@ function block_custom_block_form($edit = array()) {
 function block_custom_block_save($edit, $delta) {
   db_update('block_custom')
     ->fields(array(
-      'body' => $edit['body'],
+      'body' => $edit['body']['value'],
       'info' => $edit['info'],
-      'format' => $edit['format'],
+      'format' => $edit['body']['format'],
     ))
     ->condition('bid', $delta)
     ->execute();