Index: index.php
===================================================================
RCS file: /cvs/drupal/drupal/index.php,v
retrieving revision 1.82
diff -u -F^f -r1.82 index.php
--- index.php 21 Aug 2004 06:42:34 -0000 1.82
+++ index.php 24 Apr 2005 09:11:31 -0000
@@ -14,6 +14,7 @@
include_once 'includes/common.inc';
fix_gpc_magic();
+fix_form();
$status = menu_execute_active_handler();
switch ($status) {
Index: includes/common.inc
===================================================================
RCS file: /cvs/drupal/drupal/includes/common.inc,v
retrieving revision 1.437
diff -u -F^f -r1.437 common.inc
--- includes/common.inc 11 Apr 2005 22:48:27 -0000 1.437
+++ includes/common.inc 24 Apr 2005 09:11:31 -0000
@@ -397,6 +397,32 @@ function _fix_gpc_magic(&$item) {
}
}
+function fix_form() {
+ if (isset($_POST['form_array'])) {
+ $_POST['edit'] = _fix_form($_POST['edit'], $_POST['form_array'], array());
+ }
+ if (isset($_POST['form_zero'])) {
+ $_POST['edit'] = _fix_form($_POST['edit'], $_POST['form_zero'], 0);
+ }
+}
+
+function _fix_form($array1, $array2, $value) {
+ if (is_array($array2) && count($array2)) {
+ foreach ($array2 as $k => $v) {
+ if (is_array($v) && count($v)) {
+ $array1[$k] = _fix_form($array1[$k], $v, $value);
+ }
+ else if (!isset($array1[$k])) {
+ $array1[$k] = $value;
+ }
+ }
+ }
+ else {
+ $array1 = $value;
+ }
+ return $array1;
+}
+
/**
* Correct double-escaping problems caused by "magic quotes" in some PHP
* installations.
@@ -1112,7 +1138,7 @@ function form_radios($title, $name, $val
foreach ($options as $key => $choice) {
$choices .= '
';
}
- return theme('form_element', $title, $choices, $description, NULL, $required, _form_get_error($name));
+ return form_hidden($name, 1, 'form_array') . theme('form_element', $title, $choices, $description, NULL, $required, _form_get_error($name));
}
}
@@ -1141,9 +1167,7 @@ function form_checkbox($title, $name, $v
if (!is_null($title)) {
$element = '';
}
- // Note: because unchecked boxes are not included in the POST data, we include
- // a form_hidden() which will be overwritten for a checked box.
- return form_hidden($name, 0) . theme('form_element', NULL, $element, $description, $name, $required, _form_get_error($name));
+ return form_hidden($name, 1, 'form_zero') . theme('form_element', NULL, $element, $description, $name, $required, _form_get_error($name));
}
/**
@@ -1176,10 +1200,7 @@ function form_checkboxes($title, $name,
foreach ($options as $key => $choice) {
$choices .= '
';
}
- // Note: because unchecked boxes are not included in the POST data, we
- // include a form_hidden() which will be overwritten as soon as there is at
- // least one checked box.
- return form_hidden($name, 0) . theme('form_element', $title, $choices, $description, NULL, $required, _form_get_error($name));
+ return form_hidden($name, 1, 'form_array') . theme('form_element', $title, $choices, $description, NULL, $required, _form_get_error($name));
}
}
@@ -1317,7 +1338,7 @@ function form_select($title, $name, $val
$select .= '';
}
}
- return theme('form_element', $title, '', $description, 'edit-'. $name, $required, _form_get_error($name));
+ return ($multiple ? form_hidden($name, 1, 'form_array') : '') . theme('form_element', $title, '', $description, 'edit-'. $name, $required, _form_get_error($name));
}
/**
@@ -1357,8 +1378,8 @@ function form_file($title, $name, $size,
* but be sure to validate the data on the receiving page as it is possible for
* an attacker to change the value before it is submitted.
*/
-function form_hidden($name, $value) {
- return '\n";
+function form_hidden($name, $value, $edit = 'edit') {
+ return '\n";
}
/**