Index: index.php
===================================================================
RCS file: /cvs/drupal/drupal/index.php,v
retrieving revision 1.82
diff -u -F^f -r1.82 index.php
--- index.php 21 Aug 2004 06:42:34 -0000 1.82
+++ index.php 23 Apr 2005 13:23:04 -0000
@@ -14,6 +14,7 @@
include_once 'includes/common.inc';
fix_gpc_magic();
+fix_form();
$status = menu_execute_active_handler();
switch ($status) {
Index: includes/common.inc
===================================================================
RCS file: /cvs/drupal/drupal/includes/common.inc,v
retrieving revision 1.437
diff -u -F^f -r1.437 common.inc
--- includes/common.inc 11 Apr 2005 22:48:27 -0000 1.437
+++ includes/common.inc 23 Apr 2005 13:23:05 -0000
@@ -397,6 +397,23 @@ function _fix_gpc_magic(&$item) {
}
}
+function fix_form() {
+ if (isset($_POST['form_array'])) {
+ foreach ($_POST['form_array'] as $key) {
+ if (!isset($_POST['edit'][$key])) {
+ $_POST['edit'][$key] = array();
+ }
+ }
+ }
+ if (isset($_POST['form_zero'])) {
+ foreach ($_POST['form_zero'] as $key) {
+ if (!isset($_POST['edit'][$key])) {
+ $_POST['edit'][$key] = 0;
+ }
+ }
+ }
+}
+
/**
* Correct double-escaping problems caused by "magic quotes" in some PHP
* installations.
@@ -1112,7 +1129,7 @@ function form_radios($title, $name, $val
foreach ($options as $key => $choice) {
$choices .= '
';
}
- return theme('form_element', $title, $choices, $description, NULL, $required, _form_get_error($name));
+ return form_hidden($name, 1, 'form_array][') . theme('form_element', $title, $choices, $description, NULL, $required, _form_get_error($name));
}
}
@@ -1141,9 +1158,7 @@ function form_checkbox($title, $name, $v
if (!is_null($title)) {
$element = '';
}
- // Note: because unchecked boxes are not included in the POST data, we include
- // a form_hidden() which will be overwritten for a checked box.
- return form_hidden($name, 0) . theme('form_element', NULL, $element, $description, $name, $required, _form_get_error($name));
+ return form_hidden($name, 1, 'form_zero][') . theme('form_element', NULL, $element, $description, $name, $required, _form_get_error($name));
}
/**
@@ -1176,10 +1191,7 @@ function form_checkboxes($title, $name,
foreach ($options as $key => $choice) {
$choices .= '
';
}
- // Note: because unchecked boxes are not included in the POST data, we
- // include a form_hidden() which will be overwritten as soon as there is at
- // least one checked box.
- return form_hidden($name, 0) . theme('form_element', $title, $choices, $description, NULL, $required, _form_get_error($name));
+ return form_hidden($name, 1, 'form_array][') . theme('form_element', $title, $choices, $description, NULL, $required, _form_get_error($name));
}
}
@@ -1317,7 +1329,7 @@ function form_select($title, $name, $val
$select .= '';
}
}
- return theme('form_element', $title, '', $description, 'edit-'. $name, $required, _form_get_error($name));
+ return ($multiple ? form_hidden($name, 1, 'form_array][') : '') . theme('form_element', $title, '', $description, 'edit-'. $name, $required, _form_get_error($name));
}
/**
@@ -1357,8 +1369,8 @@ function form_file($title, $name, $size,
* but be sure to validate the data on the receiving page as it is possible for
* an attacker to change the value before it is submitted.
*/
-function form_hidden($name, $value) {
- return '\n";
+function form_hidden($name, $value, $edit = 'edit') {
+ return '\n";
}
/**