diff options
| -rw-r--r-- | includes/form.inc | 23 |
1 files changed, 20 insertions, 3 deletions
diff --git a/includes/form.inc b/includes/form.inc index 61251f41a..292bc6398 100644 --- a/includes/form.inc +++ b/includes/form.inc @@ -53,11 +53,11 @@ function drupal_get_form($form_id) { // then go on to the one that was requested if everything works. $form_build_id = md5(mt_rand()); - if (isset($_POST['form_build_id']) && isset($_SESSION['form'][$_POST['form_build_id']]) && $_POST['form_id'] == $form_id) { + if (isset($_POST['form_build_id']) && isset($_SESSION['form'][$_POST['form_build_id']]['args']) && $_POST['form_id'] == $form_id) { // There's a previously stored multi-step form. We should handle // IT first. $stored = TRUE; - $args = $_SESSION['form'][$_POST['form_build_id']]; + $args = $_SESSION['form'][$_POST['form_build_id']]['args']; $form = call_user_func_array('drupal_retrieve_form', $args); } else { @@ -67,7 +67,9 @@ function drupal_get_form($form_id) { $args = func_get_args(); $form = call_user_func_array('drupal_retrieve_form', $args); if (isset($form['#multistep']) && $form['#multistep']) { - $_SESSION['form'][$form_build_id] = $args; + // Clean up old multistep form session data. + _drupal_clean_form_sessions(); + $_SESSION['form'][$form_build_id] = array('timestamp' => time(), 'args' => $args); $form['#build_id'] = $form_build_id; } $stored = FALSE; @@ -98,6 +100,21 @@ function drupal_get_form($form_id) { /** + * Remove form information that's at least a day old from the + * $_SESSION['form'] array. + */ +function _drupal_clean_form_sessions() { + if (isset($_SESSION['form'])) { + foreach ($_SESSION['form'] as $build_id => $data) { + if ($data['timestamp'] < (time() - 84600)) { + unset($_SESSION['form'][$build_id]); + } + } + } +} + + +/** * Retrieves a form using a form_id, populates it with $form_values, * processes it, and returns any validation errors encountered. This * function is the programmatic counterpart to drupal_get_form(). |