From 98963b343cc3f21dcc16825c1a0d2673534ad516 Mon Sep 17 00:00:00 2001 From: Ben Edmunds Date: Sat, 20 Aug 2011 14:17:16 -0500 Subject: Resolved issue 65 - made action on form_open_multipart helper function call optional --- system/helpers/form_helper.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system/helpers/form_helper.php') diff --git a/system/helpers/form_helper.php b/system/helpers/form_helper.php index 47f93e748..d9305c00b 100644 --- a/system/helpers/form_helper.php +++ b/system/helpers/form_helper.php @@ -94,7 +94,7 @@ if ( ! function_exists('form_open')) */ if ( ! function_exists('form_open_multipart')) { - function form_open_multipart($action, $attributes = array(), $hidden = array()) + function form_open_multipart($action = '', $attributes = array(), $hidden = array()) { if (is_string($attributes)) { -- cgit v1.2.3-24-g4f1b From 8cc0cfe1ab1e10aad71d14e0b43e05444c00693d Mon Sep 17 00:00:00 2001 From: freewil Date: Sat, 27 Aug 2011 21:53:00 -0400 Subject: always use charset config item --- system/helpers/form_helper.php | 7 ++----- 1 file changed, 2 insertions(+), 5 deletions(-) (limited to 'system/helpers/form_helper.php') diff --git a/system/helpers/form_helper.php b/system/helpers/form_helper.php index d9305c00b..130daee6a 100644 --- a/system/helpers/form_helper.php +++ b/system/helpers/form_helper.php @@ -642,11 +642,8 @@ if ( ! function_exists('form_prep')) { return $str; } - - $str = htmlspecialchars($str); - - // In case htmlspecialchars misses these. - $str = str_replace(array("'", '"'), array("'", """), $str); + + $str = html_escape($str); if ($field_name != '') { -- cgit v1.2.3-24-g4f1b From f4a4bd8fac188ebc9cda822ffc811c218fd92b45 Mon Sep 17 00:00:00 2001 From: Derek Jones Date: Thu, 20 Oct 2011 12:18:42 -0500 Subject: adding new license file (OSL 3.0) and updating readme to ReST added notice of license to all source files. OSL to all except the few files we ship inside of the application folder, those are AFL. Updated license in user guide. incrementing next dev version to 3.0 due to licensing change --- system/helpers/form_helper.php | 20 ++++++++++++++++---- 1 file changed, 16 insertions(+), 4 deletions(-) (limited to 'system/helpers/form_helper.php') diff --git a/system/helpers/form_helper.php b/system/helpers/form_helper.php index 130daee6a..0f02bcf75 100644 --- a/system/helpers/form_helper.php +++ b/system/helpers/form_helper.php @@ -4,10 +4,22 @@ * * An open source application development framework for PHP 5.1.6 or newer * + * NOTICE OF LICENSE + * + * Licensed under the Open Software License version 3.0 + * + * This source file is subject to the Open Software License (OSL 3.0) that is + * bundled with this package in the files license.txt / license.rst. It is + * also available through the world wide web at this URL: + * http://opensource.org/licenses/OSL-3.0 + * If you did not receive a copy of the license and are unable to obtain it + * through the world wide web, please send an email to + * licensing@ellislab.com so we can send you a copy immediately. + * * @package CodeIgniter - * @author ExpressionEngine Dev Team - * @copyright Copyright (c) 2008 - 2011, EllisLab, Inc. - * @license http://codeigniter.com/user_guide/license.html + * @author EllisLab Dev Team + * @copyright Copyright (c) 2008 - 2011, EllisLab, Inc. (http://ellislab.com/) + * @license http://opensource.org/licenses/OSL-3.0 Open Software License (OSL 3.0) * @link http://codeigniter.com * @since Version 1.0 * @filesource @@ -21,7 +33,7 @@ * @package CodeIgniter * @subpackage Helpers * @category Helpers - * @author ExpressionEngine Dev Team + * @author EllisLab Dev Team * @link http://codeigniter.com/user_guide/helpers/form_helper.html */ -- cgit v1.2.3-24-g4f1b From 79c1c46c4c99ca143a1231f7fd6b845f7276e1fd Mon Sep 17 00:00:00 2001 From: Joel Kallman Date: Sun, 18 Dec 2011 19:25:45 -0500 Subject: Makes form open properly when empty array of parameters is passed Signed-off-by: Joel Kallman --- system/helpers/form_helper.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system/helpers/form_helper.php') diff --git a/system/helpers/form_helper.php b/system/helpers/form_helper.php index 0f02bcf75..347e8be90 100644 --- a/system/helpers/form_helper.php +++ b/system/helpers/form_helper.php @@ -1000,7 +1000,7 @@ if ( ! function_exists('_attributes_to_string')) $attributes = (array)$attributes; } - if (is_array($attributes) AND count($attributes) > 0) + if (is_array($attributes) AND ($formtag === TRUE OR count($attributes) > 0)) { $atts = ''; -- cgit v1.2.3-24-g4f1b From 0defe5d33ee2633f377a109519ca818becc60f64 Mon Sep 17 00:00:00 2001 From: Greg Aker Date: Sun, 1 Jan 2012 18:46:41 -0600 Subject: Updating copyright date to 2012 --- system/helpers/form_helper.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system/helpers/form_helper.php') diff --git a/system/helpers/form_helper.php b/system/helpers/form_helper.php index 347e8be90..3a7f8fe3e 100644 --- a/system/helpers/form_helper.php +++ b/system/helpers/form_helper.php @@ -18,7 +18,7 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2011, EllisLab, Inc. (http://ellislab.com/) + * @copyright Copyright (c) 2008 - 2012, EllisLab, Inc. (http://ellislab.com/) * @license http://opensource.org/licenses/OSL-3.0 Open Software License (OSL 3.0) * @link http://codeigniter.com * @since Version 1.0 -- cgit v1.2.3-24-g4f1b From 8bf6bb654da32626e9c3a4e40f9ca7ea464a9e19 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Fri, 6 Jan 2012 16:11:04 +0200 Subject: Improve email, file & form helpers --- system/helpers/form_helper.php | 74 ++++++++++++++---------------------------- 1 file changed, 25 insertions(+), 49 deletions(-) (limited to 'system/helpers/form_helper.php') diff --git a/system/helpers/form_helper.php b/system/helpers/form_helper.php index 3a7f8fe3e..bed2cb297 100644 --- a/system/helpers/form_helper.php +++ b/system/helpers/form_helper.php @@ -1,13 +1,13 @@ -config->site_url($CI->uri->uri_string()); - $form = '
\n"; - $form .= '>'; - - // Add CSRF field if enabled, but leave it out for GET requests and requests to external websites - if ($CI->config->item('csrf_protection') === TRUE AND ! (strpos($action, $CI->config->site_url()) === FALSE OR strpos($form, 'method="get"'))) + // Add CSRF field if enabled, but leave it out for GET requests and requests to external websites + if ($CI->config->item('csrf_protection') === TRUE AND ! (strpos($action, $CI->config->site_url()) === FALSE OR strpos($form, 'method="get"'))) { $hidden[$CI->security->get_csrf_token_name()] = $CI->security->get_csrf_hash(); } @@ -156,7 +152,7 @@ if ( ! function_exists('form_hidden')) if ( ! is_array($value)) { - $form .= ''."\n"; + $form .= '\n"; } else { @@ -188,7 +184,7 @@ if ( ! function_exists('form_input')) { $defaults = array('type' => 'text', 'name' => (( ! is_array($data)) ? $data : ''), 'value' => $value); - return ""; + return '\n"; } } @@ -274,7 +270,7 @@ if ( ! function_exists('form_textarea')) } $name = (is_array($data)) ? $data['name'] : $data; - return ""; + return '\n"; } } @@ -325,13 +321,9 @@ if ( ! function_exists('form_dropdown')) } // If no selected state was submitted we will attempt to set it automatically - if (count($selected) === 0) + if (count($selected) === 0 && isset($_POST[$name])) { - // If the form name appears in the $_POST array we have a winner! - if (isset($_POST[$name])) - { - $selected = array($_POST[$name]); - } + $selected = array($_POST[$name]); } if ($extra != '') $extra = ' '.$extra; @@ -346,12 +338,11 @@ if ( ! function_exists('form_dropdown')) if (is_array($val) && ! empty($val)) { - $form .= ''."\n"; + $form .= '\n"; foreach ($val as $optgroup_key => $optgroup_val) { $sel = (in_array($optgroup_key, $selected)) ? ' selected="selected"' : ''; - $form .= '\n"; } @@ -359,13 +350,11 @@ if ( ! function_exists('form_dropdown')) } else { - $sel = (in_array($key, $selected)) ? ' selected="selected"' : ''; - - $form .= '\n"; + $form .= '\n"; } } - $form .= ''; + $form .= "\n"; return $form; } @@ -412,7 +401,7 @@ if ( ! function_exists('form_checkbox')) unset($defaults['checked']); } - return ""; + return '\n"; } } @@ -458,8 +447,7 @@ if ( ! function_exists('form_submit')) function form_submit($data = '', $value = '', $extra = '') { $defaults = array('type' => 'submit', 'name' => (( ! is_array($data)) ? $data : ''), 'value' => $value); - - return ""; + return '\n"; } } @@ -479,8 +467,7 @@ if ( ! function_exists('form_reset')) function form_reset($data = '', $value = '', $extra = '') { $defaults = array('type' => 'reset', 'name' => (( ! is_array($data)) ? $data : ''), 'value' => $value); - - return ""; + return '\n"; } } @@ -500,14 +487,13 @@ if ( ! function_exists('form_button')) function form_button($data = '', $content = '', $extra = '') { $defaults = array('name' => (( ! is_array($data)) ? $data : ''), 'type' => 'button'); - if ( is_array($data) AND isset($data['content'])) { $content = $data['content']; unset($data['content']); // content is not an attribute } - return ""; + return '\n"; } } @@ -542,9 +528,7 @@ if ( ! function_exists('form_label')) } } - $label .= ">$label_text"; - - return $label; + return $label .= ">$label_text"; } } @@ -564,12 +548,7 @@ if ( ! function_exists('form_fieldset')) { function form_fieldset($legend_text = '', $attributes = array()) { - $fieldset = "\n"; if ($legend_text != '') { $fieldset .= "$legend_text\n"; @@ -654,15 +633,13 @@ if ( ! function_exists('form_prep')) { return $str; } - - $str = html_escape($str); if ($field_name != '') { $prepped_fields[$field_name] = $field_name; } - return $str; + return html_escape($str); } } @@ -992,7 +969,7 @@ if ( ! function_exists('_attributes_to_string')) $attributes .= ' accept-charset="'.strtolower(config_item('charset')).'"'; } - return ' '.$attributes; + return ' '.$attributes; } if (is_object($attributes) AND count($attributes) > 0) @@ -1043,21 +1020,20 @@ if ( ! function_exists('_get_validation_object')) // We set this as a variable since we're returning by reference. $return = FALSE; - + if (FALSE !== ($object = $CI->load->is_loaded('form_validation'))) { if ( ! isset($CI->$object) OR ! is_object($CI->$object)) { return $return; } - + return $CI->$object; } - + return $return; } } - /* End of file form_helper.php */ /* Location: ./system/helpers/form_helper.php */ -- cgit v1.2.3-24-g4f1b From f8f04ce990a46f1967cd58def4929c476f4595a5 Mon Sep 17 00:00:00 2001 From: Phil Sturgeon Date: Sun, 4 Mar 2012 14:21:12 +0000 Subject: Fixed conflicts. --- system/helpers/form_helper.php | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) (limited to 'system/helpers/form_helper.php') diff --git a/system/helpers/form_helper.php b/system/helpers/form_helper.php index bed2cb297..6efef2324 100644 --- a/system/helpers/form_helper.php +++ b/system/helpers/form_helper.php @@ -22,7 +22,6 @@ * @license http://opensource.org/licenses/OSL-3.0 Open Software License (OSL 3.0) * @link http://codeigniter.com * @since Version 1.0 - * @filesource */ // ------------------------------------------------------------------------ @@ -72,8 +71,8 @@ if ( ! function_exists('form_open')) $form = '\n"; - // Add CSRF field if enabled, but leave it out for GET requests and requests to external websites - if ($CI->config->item('csrf_protection') === TRUE AND ! (strpos($action, $CI->config->site_url()) === FALSE OR strpos($form, 'method="get"'))) + // Add CSRF field if enabled, but leave it out for GET requests and requests to external websites + if ($CI->config->item('csrf_protection') === TRUE AND ! (strpos($action, $CI->config->base_url()) === FALSE OR strpos($form, 'method="get"'))) { $hidden[$CI->security->get_csrf_token_name()] = $CI->security->get_csrf_hash(); } -- cgit v1.2.3-24-g4f1b From 07c1ac830b4e98aa40f48baef3dd05fb68c0a836 Mon Sep 17 00:00:00 2001 From: Phil Sturgeon Date: Fri, 9 Mar 2012 17:03:37 +0000 Subject: Bumped CodeIgniter's PHP requirement to 5.2.4. Yes I know PHP 5.4 just came out, and yes I know PHP 5.3 has lovely features, but there are plenty of corporate systems running on CodeIgniter and PHP 5.3 still is not widely supported enough. CodeIgniter is great for distributed applications, and this is the highest we can reasonably go without breaking support. PHP 5.3 will most likely happen in another year or so. Fingers crossed on that one anyway... --- system/helpers/form_helper.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system/helpers/form_helper.php') diff --git a/system/helpers/form_helper.php b/system/helpers/form_helper.php index 6efef2324..4da07f283 100644 --- a/system/helpers/form_helper.php +++ b/system/helpers/form_helper.php @@ -2,7 +2,7 @@ /** * CodeIgniter * - * An open source application development framework for PHP 5.1.6 or newer + * An open source application development framework for PHP 5.2.4 or newer * * NOTICE OF LICENSE * -- cgit v1.2.3-24-g4f1b From 0ba29f5aa019b9c4a002fbecacf6ed33f3b68a3d Mon Sep 17 00:00:00 2001 From: nihaopaul Date: Mon, 12 Mar 2012 16:46:58 +0800 Subject: form_dropdown() will now also take an array for unity with other form helpers. --- system/helpers/form_helper.php | 17 +++++++++++++++++ 1 file changed, 17 insertions(+) (limited to 'system/helpers/form_helper.php') diff --git a/system/helpers/form_helper.php b/system/helpers/form_helper.php index 4da07f283..9610cee98 100644 --- a/system/helpers/form_helper.php +++ b/system/helpers/form_helper.php @@ -314,6 +314,23 @@ if ( ! function_exists('form_dropdown')) { function form_dropdown($name = '', $options = array(), $selected = array(), $extra = '') { + // If name is really an array then we'll call the function again using the array + if ( is_array($name) ) { + if ( ! isset($name['options'])) + { + $name['selected'] = false; + } + if ( ! isset($name['selected'])) + { + $name['selected'] = false; + } + if ( ! isset($name['extra'])) + { + $name['extra'] = false; + } + return form_dropdown($name['name'], $name['options'], $name['selected'], $name['extra']); + } + if ( ! is_array($selected)) { $selected = array($selected); -- cgit v1.2.3-24-g4f1b From ca5cabc29483921dba05343cd30734980b696fd1 Mon Sep 17 00:00:00 2001 From: nihaopaul Date: Mon, 12 Mar 2012 16:54:04 +0800 Subject: form_dropdown() will now also take an array for unity with other form helpers., codestyle cleanup only --- system/helpers/form_helper.php | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) (limited to 'system/helpers/form_helper.php') diff --git a/system/helpers/form_helper.php b/system/helpers/form_helper.php index 9610cee98..efe5dbce1 100644 --- a/system/helpers/form_helper.php +++ b/system/helpers/form_helper.php @@ -315,7 +315,8 @@ if ( ! function_exists('form_dropdown')) function form_dropdown($name = '', $options = array(), $selected = array(), $extra = '') { // If name is really an array then we'll call the function again using the array - if ( is_array($name) ) { + if (is_array($name)) + { if ( ! isset($name['options'])) { $name['selected'] = false; -- cgit v1.2.3-24-g4f1b From 10ecad5238fe1a408e9ecbe6ed3b37c4f3d33863 Mon Sep 17 00:00:00 2001 From: nihaopaul Date: Mon, 12 Mar 2012 16:54:17 +0800 Subject: form_dropdown() will now also take an array for unity with other form helpers., codestyle cleanup only --- system/helpers/form_helper.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system/helpers/form_helper.php') diff --git a/system/helpers/form_helper.php b/system/helpers/form_helper.php index efe5dbce1..ab3a12961 100644 --- a/system/helpers/form_helper.php +++ b/system/helpers/form_helper.php @@ -315,7 +315,7 @@ if ( ! function_exists('form_dropdown')) function form_dropdown($name = '', $options = array(), $selected = array(), $extra = '') { // If name is really an array then we'll call the function again using the array - if (is_array($name)) + if (is_array($name)) { if ( ! isset($name['options'])) { -- cgit v1.2.3-24-g4f1b From 4252f8d2e72ed25883682e4a7e2c7a221a743dc8 Mon Sep 17 00:00:00 2001 From: nihaopaul Date: Mon, 12 Mar 2012 16:57:44 +0800 Subject: form_dropdown() will now also take an array for unity with other form helpers., false => FALSE and the options check fixed --- system/helpers/form_helper.php | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) (limited to 'system/helpers/form_helper.php') diff --git a/system/helpers/form_helper.php b/system/helpers/form_helper.php index ab3a12961..8ccab99a2 100644 --- a/system/helpers/form_helper.php +++ b/system/helpers/form_helper.php @@ -319,15 +319,15 @@ if ( ! function_exists('form_dropdown')) { if ( ! isset($name['options'])) { - $name['selected'] = false; + $name['options'] = FALSE; } if ( ! isset($name['selected'])) { - $name['selected'] = false; + $name['selected'] = FALSE; } if ( ! isset($name['extra'])) { - $name['extra'] = false; + $name['extra'] = FALSE; } return form_dropdown($name['name'], $name['options'], $name['selected'], $name['extra']); } -- cgit v1.2.3-24-g4f1b From 8abb67c6a941ea87156f2afe976724ae1cf88c03 Mon Sep 17 00:00:00 2001 From: nihaopaul Date: Mon, 12 Mar 2012 17:00:32 +0800 Subject: code readability improvements --- system/helpers/form_helper.php | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) (limited to 'system/helpers/form_helper.php') diff --git a/system/helpers/form_helper.php b/system/helpers/form_helper.php index 8ccab99a2..82a4b9f57 100644 --- a/system/helpers/form_helper.php +++ b/system/helpers/form_helper.php @@ -317,18 +317,22 @@ if ( ! function_exists('form_dropdown')) // If name is really an array then we'll call the function again using the array if (is_array($name)) { + if ( ! isset($name['options'])) { $name['options'] = FALSE; - } + } + if ( ! isset($name['selected'])) { $name['selected'] = FALSE; } + if ( ! isset($name['extra'])) { $name['extra'] = FALSE; } + return form_dropdown($name['name'], $name['options'], $name['selected'], $name['extra']); } -- cgit v1.2.3-24-g4f1b From b6a84432400736bb7f7b835739b1ffff252f92cd Mon Sep 17 00:00:00 2001 From: nihaopaul Date: Mon, 12 Mar 2012 17:06:42 +0800 Subject: test if isset(['name']) is actually set instead of assuming it to be --- system/helpers/form_helper.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system/helpers/form_helper.php') diff --git a/system/helpers/form_helper.php b/system/helpers/form_helper.php index 82a4b9f57..df28d88eb 100644 --- a/system/helpers/form_helper.php +++ b/system/helpers/form_helper.php @@ -315,7 +315,7 @@ if ( ! function_exists('form_dropdown')) function form_dropdown($name = '', $options = array(), $selected = array(), $extra = '') { // If name is really an array then we'll call the function again using the array - if (is_array($name)) + if (is_array($name) && isset($name['name'])) { if ( ! isset($name['options'])) -- cgit v1.2.3-24-g4f1b From 08631577a008b0d7544c6092652f6140885298a5 Mon Sep 17 00:00:00 2001 From: nihaopaul Date: Mon, 12 Mar 2012 17:18:57 +0800 Subject: defaults for the function --- system/helpers/form_helper.php | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) (limited to 'system/helpers/form_helper.php') diff --git a/system/helpers/form_helper.php b/system/helpers/form_helper.php index df28d88eb..37337d975 100644 --- a/system/helpers/form_helper.php +++ b/system/helpers/form_helper.php @@ -320,17 +320,17 @@ if ( ! function_exists('form_dropdown')) if ( ! isset($name['options'])) { - $name['options'] = FALSE; + $name['options'] = array(); } if ( ! isset($name['selected'])) { - $name['selected'] = FALSE; + $name['selected'] = array(); } if ( ! isset($name['extra'])) { - $name['extra'] = FALSE; + $name['extra'] = ''; } return form_dropdown($name['name'], $name['options'], $name['selected'], $name['extra']); -- cgit v1.2.3-24-g4f1b From 93a83c720e69d1d363896f6b685d2b7ef475ebbc Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Mon, 26 Mar 2012 21:24:02 +0300 Subject: Remove access description lines and cleanup the form helper --- system/helpers/form_helper.php | 161 ++++++++++++++--------------------------- 1 file changed, 56 insertions(+), 105 deletions(-) (limited to 'system/helpers/form_helper.php') diff --git a/system/helpers/form_helper.php b/system/helpers/form_helper.php index 37337d975..ada822860 100644 --- a/system/helpers/form_helper.php +++ b/system/helpers/form_helper.php @@ -24,8 +24,6 @@ * @since Version 1.0 */ -// ------------------------------------------------------------------------ - /** * CodeIgniter Form Helpers * @@ -43,7 +41,6 @@ * * Creates the opening portion of the form. * - * @access public * @param string the URI segments of the form destination * @param array a key/value pair of attributes * @param array a key/value pair hidden data @@ -71,15 +68,15 @@ if ( ! function_exists('form_open')) $form = '\n"; - // Add CSRF field if enabled, but leave it out for GET requests and requests to external websites - if ($CI->config->item('csrf_protection') === TRUE AND ! (strpos($action, $CI->config->base_url()) === FALSE OR strpos($form, 'method="get"'))) + // Add CSRF field if enabled, but leave it out for GET requests and requests to external websites + if ($CI->config->item('csrf_protection') === TRUE && ! (strpos($action, $CI->config->base_url()) === FALSE OR strpos($form, 'method="get"'))) { $hidden[$CI->security->get_csrf_token_name()] = $CI->security->get_csrf_hash(); } - if (is_array($hidden) AND count($hidden) > 0) + if (is_array($hidden) && count($hidden) > 0) { - $form .= sprintf("
%s
", form_hidden($hidden)); + $form .= sprintf('
%s
', form_hidden($hidden)); } return $form; @@ -93,7 +90,6 @@ if ( ! function_exists('form_open')) * * Creates the opening portion of the form, but with "multipart/form-data". * - * @access public * @param string the URI segments of the form destination * @param array a key/value pair of attributes * @param array a key/value pair hidden data @@ -121,10 +117,9 @@ if ( ! function_exists('form_open_multipart')) /** * Hidden Input Field * - * Generates hidden fields. You can pass a simple key/value string or an associative - * array with multiple values. + * Generates hidden fields. You can pass a simple key/value string or + * an associative array with multiple values. * - * @access public * @param mixed * @param string * @return string @@ -157,7 +152,7 @@ if ( ! function_exists('form_hidden')) { foreach ($value as $k => $v) { - $k = (is_int($k)) ? '' : $k; + $k = is_int($k) ? '' : $k; form_hidden($name.'['.$k.']', $v, TRUE); } } @@ -171,7 +166,6 @@ if ( ! function_exists('form_hidden')) /** * Text Input Field * - * @access public * @param mixed * @param string * @param string @@ -181,7 +175,7 @@ if ( ! function_exists('form_input')) { function form_input($data = '', $value = '', $extra = '') { - $defaults = array('type' => 'text', 'name' => (( ! is_array($data)) ? $data : ''), 'value' => $value); + $defaults = array('type' => 'text', 'name' => ( ! is_array($data) ? $data : ''), 'value' => $value); return '\n"; } @@ -194,7 +188,6 @@ if ( ! function_exists('form_input')) * * Identical to the input function but adds the "password" type * - * @access public * @param mixed * @param string * @param string @@ -221,7 +214,6 @@ if ( ! function_exists('form_password')) * * Identical to the input function but adds the "file" type * - * @access public * @param mixed * @param string * @param string @@ -246,7 +238,6 @@ if ( ! function_exists('form_upload')) /** * Textarea field * - * @access public * @param mixed * @param string * @param string @@ -256,7 +247,7 @@ if ( ! function_exists('form_textarea')) { function form_textarea($data = '', $value = '', $extra = '') { - $defaults = array('name' => (( ! is_array($data)) ? $data : ''), 'cols' => '40', 'rows' => '10'); + $defaults = array('name' => ( ! is_array($data) ? $data : ''), 'cols' => '40', 'rows' => '10'); if ( ! is_array($data) OR ! isset($data['value'])) { @@ -268,7 +259,7 @@ if ( ! function_exists('form_textarea')) unset($data['value']); // textareas don't use the value attribute } - $name = (is_array($data)) ? $data['name'] : $data; + $name = is_array($data) ? $data['name'] : $data; return '\n"; } } @@ -278,12 +269,11 @@ if ( ! function_exists('form_textarea')) /** * Multi-select menu * - * @access public * @param string * @param array * @param mixed * @param string - * @return type + * @return string */ if ( ! function_exists('form_multiselect')) { @@ -303,7 +293,6 @@ if ( ! function_exists('form_multiselect')) /** * Drop-down Menu * - * @access public * @param string * @param array * @param string @@ -314,28 +303,16 @@ if ( ! function_exists('form_dropdown')) { function form_dropdown($name = '', $options = array(), $selected = array(), $extra = '') { - // If name is really an array then we'll call the function again using the array - if (is_array($name) && isset($name['name'])) - { - - if ( ! isset($name['options'])) - { - $name['options'] = array(); - } - - if ( ! isset($name['selected'])) - { - $name['selected'] = array(); - } - - if ( ! isset($name['extra'])) - { - $name['extra'] = ''; - } - - return form_dropdown($name['name'], $name['options'], $name['selected'], $name['extra']); - } - + // If name is really an array then we'll call the function again using the array + if (is_array($name) && isset($name['name'])) + { + isset($name['options']) OR $name['options'] = array(); + isset($name['selected']) OR $name['selected'] = array(); + isset($name['extra']) OR $name['extra'] = array(); + + return form_dropdown($name['name'], $name['options'], $name['selected'], $name['extra']); + } + if ( ! is_array($selected)) { $selected = array($selected); @@ -363,11 +340,11 @@ if ( ! function_exists('form_dropdown')) foreach ($val as $optgroup_key => $optgroup_val) { - $sel = (in_array($optgroup_key, $selected)) ? ' selected="selected"' : ''; + $sel = in_array($optgroup_key, $selected) ? ' selected="selected"' : ''; $form .= '\n"; } - $form .= ''."\n"; + $form .= "\n"; } else { @@ -375,9 +352,7 @@ if ( ! function_exists('form_dropdown')) } } - $form .= "\n"; - - return $form; + return $form."\n"; } } @@ -386,7 +361,6 @@ if ( ! function_exists('form_dropdown')) /** * Checkbox Field * - * @access public * @param mixed * @param string * @param bool @@ -397,9 +371,9 @@ if ( ! function_exists('form_checkbox')) { function form_checkbox($data = '', $value = '', $checked = FALSE, $extra = '') { - $defaults = array('type' => 'checkbox', 'name' => (( ! is_array($data)) ? $data : ''), 'value' => $value); + $defaults = array('type' => 'checkbox', 'name' => ( ! is_array($data) ? $data : ''), 'value' => $value); - if (is_array($data) AND array_key_exists('checked', $data)) + if (is_array($data) && array_key_exists('checked', $data)) { $checked = $data['checked']; @@ -431,7 +405,6 @@ if ( ! function_exists('form_checkbox')) /** * Radio Button * - * @access public * @param mixed * @param string * @param bool @@ -457,7 +430,6 @@ if ( ! function_exists('form_radio')) /** * Submit Button * - * @access public * @param mixed * @param string * @param string @@ -467,7 +439,7 @@ if ( ! function_exists('form_submit')) { function form_submit($data = '', $value = '', $extra = '') { - $defaults = array('type' => 'submit', 'name' => (( ! is_array($data)) ? $data : ''), 'value' => $value); + $defaults = array('type' => 'submit', 'name' => ( ! is_array($data) ? $data : ''), 'value' => $value); return '\n"; } } @@ -477,7 +449,6 @@ if ( ! function_exists('form_submit')) /** * Reset Button * - * @access public * @param mixed * @param string * @param string @@ -487,7 +458,7 @@ if ( ! function_exists('form_reset')) { function form_reset($data = '', $value = '', $extra = '') { - $defaults = array('type' => 'reset', 'name' => (( ! is_array($data)) ? $data : ''), 'value' => $value); + $defaults = array('type' => 'reset', 'name' => ( ! is_array($data) ? $data : ''), 'value' => $value); return '\n"; } } @@ -497,7 +468,6 @@ if ( ! function_exists('form_reset')) /** * Form Button * - * @access public * @param mixed * @param string * @param string @@ -507,8 +477,8 @@ if ( ! function_exists('form_button')) { function form_button($data = '', $content = '', $extra = '') { - $defaults = array('name' => (( ! is_array($data)) ? $data : ''), 'type' => 'button'); - if ( is_array($data) AND isset($data['content'])) + $defaults = array('name' => ( ! is_array($data) ? $data : ''), 'type' => 'button'); + if (is_array($data) && isset($data['content'])) { $content = $data['content']; unset($data['content']); // content is not an attribute @@ -523,7 +493,6 @@ if ( ! function_exists('form_button')) /** * Form Label Tag * - * @access public * @param string The text to appear onscreen * @param string The id the label applies to * @param string Additional attributes @@ -538,10 +507,10 @@ if ( ! function_exists('form_label')) if ($id != '') { - $label .= " for=\"$id\""; + $label .= ' for="'.$id.'"'; } - if (is_array($attributes) AND count($attributes) > 0) + if (is_array($attributes) && count($attributes) > 0) { foreach ($attributes as $key => $val) { @@ -549,7 +518,7 @@ if ( ! function_exists('form_label')) } } - return $label .= ">$label_text"; + return $label.'>'.$label_text.''; } } @@ -560,7 +529,6 @@ if ( ! function_exists('form_label')) * Used to produce
text. To close fieldset * use form_fieldset_close() * - * @access public * @param string The legend text * @param string Additional attributes * @return string @@ -572,7 +540,7 @@ if ( ! function_exists('form_fieldset')) $fieldset = '\n"; if ($legend_text != '') { - $fieldset .= "$legend_text\n"; + return $fieldset.''.$legend_text."\n"; } return $fieldset; @@ -584,7 +552,6 @@ if ( ! function_exists('form_fieldset')) /** * Fieldset Close Tag * - * @access public * @param string * @return string */ @@ -592,7 +559,7 @@ if ( ! function_exists('form_fieldset_close')) { function form_fieldset_close($extra = '') { - return "
".$extra; + return ''.$extra; } } @@ -601,7 +568,6 @@ if ( ! function_exists('form_fieldset_close')) /** * Form Close Tag * - * @access public * @param string * @return string */ @@ -609,7 +575,7 @@ if ( ! function_exists('form_close')) { function form_close($extra = '') { - return "
".$extra; + return ''.$extra; } } @@ -670,10 +636,9 @@ if ( ! function_exists('form_prep')) * Form Value * * Grabs a value from the POST array for the specified field so you can - * re-populate an input field or textarea. If Form Validation + * re-populate an input field or textarea. If Form Validation * is active it retrieves the info from the validation class * - * @access public * @param string * @return mixed */ @@ -703,7 +668,6 @@ if ( ! function_exists('set_value')) * Let's you set the selected value of a menu via data in the POST array. - * If Form Validation is active it retrieves the info from the validation class - * - * @param string - * @param string - * @param bool - * @return string - */ if ( ! function_exists('set_select')) { + /** + * Set Select + * + * Let's you set the selected value of a \n"; + $form .= '\n"; } else { @@ -263,7 +263,7 @@ if ( ! function_exists('form_textarea')) } $name = is_array($data) ? $data['name'] : $data; - return '\n"; + return '\n"; } } @@ -600,44 +600,15 @@ if ( ! function_exists('form_prep')) * * Formats text so that it can be safely placed in a form field in the event it has HTML tags. * - * @param string - * @param string + * @deprecated 3.0.0 This function has been broken for a long time + * and is now just an alias for html_escape(). It's + * second argument is ignored. + * @param string $str = '' + * @param string $field_name = '' * @return string */ function form_prep($str = '', $field_name = '') { - static $prepped_fields = array(); - - // if the field name is an array we do this recursively - if (is_array($str)) - { - foreach ($str as $key => $val) - { - $str[$key] = form_prep($val); - } - - return $str; - } - - if ($str === '') - { - return ''; - } - - // we've already prepped a field with this name - // @todo need to figure out a way to namespace this so - // that we know the *exact* field and not just one with - // the same name - if (isset($prepped_fields[$field_name])) - { - return $str; - } - - if ($field_name !== '') - { - $prepped_fields[$field_name] = $field_name; - } - return html_escape($str); } } @@ -663,13 +634,13 @@ if ( ! function_exists('set_value')) { if ( ! isset($_POST[$field])) { - return $default; + return html_escape($default); } - return form_prep($_POST[$field], $field); + return html_escape($_POST[$field]); } - return form_prep($OBJ->set_value($field, $default), $field); + return html_escape($OBJ->set_value($field, $default)); } } @@ -919,7 +890,7 @@ if ( ! function_exists('_parse_form_attributes')) { if ($key === 'value') { - $val = form_prep($val, $default['name']); + $val = html_escape($val); } elseif ($key === 'name' && ! strlen($default['name'])) { -- cgit v1.2.3-24-g4f1b From 582ebcb3b7eebd12605804577710cf73f0362001 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Sat, 27 Oct 2012 00:52:15 +0300 Subject: Fix #142 --- system/helpers/form_helper.php | 20 ++++++++++---------- 1 file changed, 10 insertions(+), 10 deletions(-) (limited to 'system/helpers/form_helper.php') diff --git a/system/helpers/form_helper.php b/system/helpers/form_helper.php index d81bb7c08..a09cb36dd 100644 --- a/system/helpers/form_helper.php +++ b/system/helpers/form_helper.php @@ -298,10 +298,10 @@ if ( ! function_exists('form_dropdown')) /** * Drop-down Menu * - * @param string - * @param array - * @param string - * @param string + * @param mixed $name = '' + * @param mixed $options = array() + * @param mixed $selected = array() + * @param mixed $extra = array() * @return string */ function form_dropdown($name = '', $options = array(), $selected = array(), $extra = '') @@ -316,10 +316,7 @@ if ( ! function_exists('form_dropdown')) return form_dropdown($name['name'], $name['options'], $name['selected'], $name['extra']); } - if ( ! is_array($selected)) - { - $selected = array($selected); - } + is_array($selected) OR $selected = array($selected); // If no selected state was submitted we will attempt to set it automatically if (count($selected) === 0 && isset($_POST[$name])) @@ -352,14 +349,17 @@ if ( ! function_exists('form_dropdown')) foreach ($val as $optgroup_key => $optgroup_val) { $sel = in_array($optgroup_key, $selected) ? ' selected="selected"' : ''; - $form .= '\n"; + $form .= '\n"; } $form .= "\n"; } else { - $form .= '\n"; + $form .= '\n"; } } -- cgit v1.2.3-24-g4f1b From 29d909d5d1a14efc2e316650946bf43ddf03f1fd Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Sat, 27 Oct 2012 01:05:09 +0300 Subject: [ci skip] Update docblocks for deprecated functions --- system/helpers/form_helper.php | 1 + 1 file changed, 1 insertion(+) (limited to 'system/helpers/form_helper.php') diff --git a/system/helpers/form_helper.php b/system/helpers/form_helper.php index a09cb36dd..622622c0e 100644 --- a/system/helpers/form_helper.php +++ b/system/helpers/form_helper.php @@ -600,6 +600,7 @@ if ( ! function_exists('form_prep')) * * Formats text so that it can be safely placed in a form field in the event it has HTML tags. * + * @todo Remove in version 3.1+. * @deprecated 3.0.0 This function has been broken for a long time * and is now just an alias for html_escape(). It's * second argument is ignored. -- cgit v1.2.3-24-g4f1b From 7c4d10660a0a47446474bf97e3cb65f80693f1ee Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Thu, 1 Nov 2012 15:14:34 +0200 Subject: Fix issue #1953 (form values being escaped twice) Re-instaing an improved form_prep() function, reverting most of the changes from 74ffd17ab06327ca62ddfe28a186cae7ba6bd459. --- system/helpers/form_helper.php | 83 +++++++++++++++++++++++------------------- 1 file changed, 46 insertions(+), 37 deletions(-) (limited to 'system/helpers/form_helper.php') diff --git a/system/helpers/form_helper.php b/system/helpers/form_helper.php index 622622c0e..9c4c4dae6 100644 --- a/system/helpers/form_helper.php +++ b/system/helpers/form_helper.php @@ -124,9 +124,9 @@ if ( ! function_exists('form_hidden')) * Generates hidden fields. You can pass a simple key/value string or * an associative array with multiple values. * - * @param mixed - * @param string - * @param bool + * @param mixed $name Field name + * @param string $value Field value + * @param bool $recursing * @return string */ function form_hidden($name, $value = '', $recursing = FALSE) @@ -149,7 +149,7 @@ if ( ! function_exists('form_hidden')) if ( ! is_array($value)) { - $form .= '\n"; + $form .= '\n"; } else { @@ -243,9 +243,9 @@ if ( ! function_exists('form_textarea')) /** * Textarea field * - * @param mixed - * @param string - * @param string + * @param mixed $data + * @param string $value + * @param string $extra * @return string */ function form_textarea($data = '', $value = '', $extra = '') @@ -263,7 +263,7 @@ if ( ! function_exists('form_textarea')) } $name = is_array($data) ? $data['name'] : $data; - return '\n"; + return '\n"; } } @@ -298,10 +298,10 @@ if ( ! function_exists('form_dropdown')) /** * Drop-down Menu * - * @param mixed $name = '' - * @param mixed $options = array() - * @param mixed $selected = array() - * @param mixed $extra = array() + * @param mixed $name + * @param mixed $options + * @param mixed $selected + * @param mixed $extra * @return string */ function form_dropdown($name = '', $options = array(), $selected = array(), $extra = '') @@ -349,7 +349,7 @@ if ( ! function_exists('form_dropdown')) foreach ($val as $optgroup_key => $optgroup_val) { $sel = in_array($optgroup_key, $selected) ? ' selected="selected"' : ''; - $form .= '\n"; } @@ -357,7 +357,7 @@ if ( ! function_exists('form_dropdown')) } else { - $form .= '\n"; } @@ -600,17 +600,28 @@ if ( ! function_exists('form_prep')) * * Formats text so that it can be safely placed in a form field in the event it has HTML tags. * - * @todo Remove in version 3.1+. - * @deprecated 3.0.0 This function has been broken for a long time - * and is now just an alias for html_escape(). It's - * second argument is ignored. - * @param string $str = '' - * @param string $field_name = '' - * @return string + * @param string|string[] $str Value to escape + * @param bool $is_textarea Whether we're escaping for a textarea element + * @return string|string[] Escaped values */ - function form_prep($str = '', $field_name = '') + function form_prep($str = '', $is_textarea = FALSE) { - return html_escape($str); + if (is_array($str)) + { + foreach (array_keys($str) as $key) + { + $str[$key] = form_prep($str[$key], $is_textarea); + } + + return $str; + } + + if ($is_textarea === TRUE) + { + return str_replace(array('<', '>'), array('<', '>'), stripslashes($str)); + } + + return str_replace(array("'", '"'), array(''', '"'), stripslashes($data)); } } @@ -625,23 +636,21 @@ if ( ! function_exists('set_value')) * re-populate an input field or textarea. If Form Validation * is active it retrieves the info from the validation class * - * @param string - * @param string - * @return mixed + * @param string $field Field name + * @param string $default Default value + * @param bool $is_textarea Whether the field is a textarea element + * @return string */ - function set_value($field = '', $default = '') + function set_value($field = '', $default = '', $is_textarea = FALSE) { if (FALSE === ($OBJ =& _get_validation_object())) { - if ( ! isset($_POST[$field])) - { - return html_escape($default); - } - - return html_escape($_POST[$field]); + return isset($_POST[$field]) + ? form_prep($_POST[$field], $is_textarea) + : form_prep($default, $is_textarea); } - return html_escape($OBJ->set_value($field, $default)); + return form_prep($OBJ->set_value($field, $default), $is_textarea); } } @@ -862,8 +871,8 @@ if ( ! function_exists('_parse_form_attributes')) * * Helper function used by some of the form helpers * - * @param array - * @param array + * @param array $attributes List of attributes + * @param array $default Default values * @return string */ function _parse_form_attributes($attributes, $default) @@ -891,7 +900,7 @@ if ( ! function_exists('_parse_form_attributes')) { if ($key === 'value') { - $val = html_escape($val); + $val = form_prep($val); } elseif ($key === 'name' && ! strlen($default['name'])) { -- cgit v1.2.3-24-g4f1b From 075f6fa31aab069aaa21a4d6f13e3ca850012d05 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Thu, 1 Nov 2012 15:18:44 +0200 Subject: Fix an erroneous variable name --- system/helpers/form_helper.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system/helpers/form_helper.php') diff --git a/system/helpers/form_helper.php b/system/helpers/form_helper.php index 9c4c4dae6..2f451b402 100644 --- a/system/helpers/form_helper.php +++ b/system/helpers/form_helper.php @@ -621,7 +621,7 @@ if ( ! function_exists('form_prep')) return str_replace(array('<', '>'), array('<', '>'), stripslashes($str)); } - return str_replace(array("'", '"'), array(''', '"'), stripslashes($data)); + return str_replace(array("'", '"'), array(''', '"'), stripslashes($str)); } } -- cgit v1.2.3-24-g4f1b From c5536aac5752054f7f76e448d58b86407d8f574e Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Thu, 1 Nov 2012 17:33:58 +0200 Subject: Manually apply PR #1594 (fixing phpdoc page-level generation/warnings) Also partially fixes issue #1295, fixes inconsistencies in some page-level docblocks and adds include checks in language files. --- system/helpers/form_helper.php | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) (limited to 'system/helpers/form_helper.php') diff --git a/system/helpers/form_helper.php b/system/helpers/form_helper.php index 2f451b402..e7bea92cc 100644 --- a/system/helpers/form_helper.php +++ b/system/helpers/form_helper.php @@ -1,4 +1,4 @@ - Date: Mon, 3 Dec 2012 14:37:47 +0200 Subject: [ci skip] Cleaned some spaces --- system/helpers/form_helper.php | 1 - 1 file changed, 1 deletion(-) (limited to 'system/helpers/form_helper.php') diff --git a/system/helpers/form_helper.php b/system/helpers/form_helper.php index e7bea92cc..c7e6d4933 100644 --- a/system/helpers/form_helper.php +++ b/system/helpers/form_helper.php @@ -814,7 +814,6 @@ if ( ! function_exists('set_radio')) // ------------------------------------------------------------------------ - if ( ! function_exists('form_error')) { /** -- cgit v1.2.3-24-g4f1b From 80500afbd188600212ca913a7bac073009feac73 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Tue, 1 Jan 2013 08:16:53 +0200 Subject: [ci skip] Happy new year --- system/helpers/form_helper.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system/helpers/form_helper.php') diff --git a/system/helpers/form_helper.php b/system/helpers/form_helper.php index c7e6d4933..f343b6c71 100644 --- a/system/helpers/form_helper.php +++ b/system/helpers/form_helper.php @@ -18,7 +18,7 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2012, EllisLab, Inc. (http://ellislab.com/) + * @copyright Copyright (c) 2008 - 2013, EllisLab, Inc. (http://ellislab.com/) * @license http://opensource.org/licenses/OSL-3.0 Open Software License (OSL 3.0) * @link http://codeigniter.com * @since Version 1.0 -- cgit v1.2.3-24-g4f1b From 99ba3a26973848604719db08bbcafbfa82ca087f Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Fri, 15 Feb 2013 22:42:22 +0200 Subject: Fix #2247 --- system/helpers/form_helper.php | 9 +++------ 1 file changed, 3 insertions(+), 6 deletions(-) (limited to 'system/helpers/form_helper.php') diff --git a/system/helpers/form_helper.php b/system/helpers/form_helper.php index f343b6c71..d6e3e85fa 100644 --- a/system/helpers/form_helper.php +++ b/system/helpers/form_helper.php @@ -228,13 +228,10 @@ if ( ! function_exists('form_upload')) */ function form_upload($data = '', $value = '', $extra = '') { - if ( ! is_array($data)) - { - $data = array('name' => $data); - } - + $default = array('type' => 'file', 'name' => ''); + is_array($data) OR $data = array('name' => $data); $data['type'] = 'file'; - return form_input($data, $value, $extra); + return '\n"; } } -- cgit v1.2.3-24-g4f1b From 06ddcf05c6861a908a0b3b57c6ba4a05bb82e10a Mon Sep 17 00:00:00 2001 From: Bo-Yi Wu Date: Mon, 18 Feb 2013 08:52:05 +0800 Subject: Fixed form helper variable error Signed-off-by: Bo-Yi Wu --- system/helpers/form_helper.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system/helpers/form_helper.php') diff --git a/system/helpers/form_helper.php b/system/helpers/form_helper.php index d6e3e85fa..692909c79 100644 --- a/system/helpers/form_helper.php +++ b/system/helpers/form_helper.php @@ -228,7 +228,7 @@ if ( ! function_exists('form_upload')) */ function form_upload($data = '', $value = '', $extra = '') { - $default = array('type' => 'file', 'name' => ''); + $defaults = array('type' => 'file', 'name' => ''); is_array($data) OR $data = array('name' => $data); $data['type'] = 'file'; return '\n"; -- cgit v1.2.3-24-g4f1b From a7447d205296eeead94617f4b66707e336547b51 Mon Sep 17 00:00:00 2001 From: nisheeth-barthwal Date: Thu, 21 Mar 2013 15:48:10 +0530 Subject: Added array notation for keys in Input library --- system/helpers/form_helper.php | 44 +++++++++++++++++++++++++++++++++++++----- 1 file changed, 39 insertions(+), 5 deletions(-) (limited to 'system/helpers/form_helper.php') diff --git a/system/helpers/form_helper.php b/system/helpers/form_helper.php index 692909c79..d2c22b05c 100644 --- a/system/helpers/form_helper.php +++ b/system/helpers/form_helper.php @@ -642,14 +642,17 @@ if ( ! function_exists('set_value')) */ function set_value($field = '', $default = '', $is_textarea = FALSE) { - if (FALSE === ($OBJ =& _get_validation_object())) + if (FALSE !== ($OBJ =& _get_validation_object()) && $OBJ->has_rule($field)) + { + return form_prep($OBJ->set_value($field, $default), $is_textarea); + } + + if (FALSE !== ($OBJ =& _get_input_object()) && ($value = $OBJ->post($field, FALSE, TRUE))) { - return isset($_POST[$field]) - ? form_prep($_POST[$field], $is_textarea) - : form_prep($default, $is_textarea); + return form_prep($value, $is_textarea); } - return form_prep($OBJ->set_value($field, $default), $is_textarea); + return form_prep($default, $is_textarea); } } @@ -1004,5 +1007,36 @@ if ( ! function_exists('_get_validation_object')) } } +// ------------------------------------------------------------------------ + +if ( ! function_exists('_get_input_object')) +{ + /** + * Input Object + * + * Fetches the input object + * + * @return mixed + */ + function &_get_input_object() + { + $CI =& get_instance(); + + // We set this as a variable since we're returning by reference. + $return = FALSE; + + if ( ! isset($CI->input) OR ! is_object($CI->input)) + { + return $return; + } + else + { + $return = $CI->input; + } + + return $return; + } +} + /* End of file form_helper.php */ /* Location: ./system/helpers/form_helper.php */ \ No newline at end of file -- cgit v1.2.3-24-g4f1b From e15d1be514dad1df7a3c38d6265566692ecf1260 Mon Sep 17 00:00:00 2001 From: Zach Cardoza Date: Fri, 22 Mar 2013 14:50:39 -0700 Subject: Fixed error in Form Helper textarea function Function had declaration of unused $name variable which caused errors. --- system/helpers/form_helper.php | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) (limited to 'system/helpers/form_helper.php') diff --git a/system/helpers/form_helper.php b/system/helpers/form_helper.php index 692909c79..84a3e80cf 100644 --- a/system/helpers/form_helper.php +++ b/system/helpers/form_helper.php @@ -261,7 +261,6 @@ if ( ! function_exists('form_textarea')) unset($data['value']); // textareas don't use the value attribute } - $name = is_array($data) ? $data['name'] : $data; return '\n"; } } @@ -1005,4 +1004,4 @@ if ( ! function_exists('_get_validation_object')) } /* End of file form_helper.php */ -/* Location: ./system/helpers/form_helper.php */ \ No newline at end of file +/* Location: ./system/helpers/form_helper.php */ -- cgit v1.2.3-24-g4f1b From a5bcfb1d291d42521b0dc420b1b501c36710277d Mon Sep 17 00:00:00 2001 From: nisheeth-barthwal Date: Sat, 23 Mar 2013 10:53:51 +0530 Subject: Removed $recurse parameter in lieu of auto parsing. Changed "provision" entry. --- system/helpers/form_helper.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system/helpers/form_helper.php') diff --git a/system/helpers/form_helper.php b/system/helpers/form_helper.php index d2c22b05c..2238af92a 100644 --- a/system/helpers/form_helper.php +++ b/system/helpers/form_helper.php @@ -647,7 +647,7 @@ if ( ! function_exists('set_value')) return form_prep($OBJ->set_value($field, $default), $is_textarea); } - if (FALSE !== ($OBJ =& _get_input_object()) && ($value = $OBJ->post($field, FALSE, TRUE))) + if (FALSE !== ($OBJ =& _get_input_object()) && ($value = $OBJ->post($field, FALSE))) { return form_prep($value, $is_textarea); } -- cgit v1.2.3-24-g4f1b From 9f27a3e0a86c7ffb1751a6815eaf475c28ca96ba Mon Sep 17 00:00:00 2001 From: Zachary Cardoza Date: Sat, 23 Mar 2013 21:59:20 -0700 Subject: Revert "Fixed error in Form Helper textarea function" This reverts commit e15d1be514dad1df7a3c38d6265566692ecf1260. --- system/helpers/form_helper.php | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) (limited to 'system/helpers/form_helper.php') diff --git a/system/helpers/form_helper.php b/system/helpers/form_helper.php index 84a3e80cf..692909c79 100644 --- a/system/helpers/form_helper.php +++ b/system/helpers/form_helper.php @@ -261,6 +261,7 @@ if ( ! function_exists('form_textarea')) unset($data['value']); // textareas don't use the value attribute } + $name = is_array($data) ? $data['name'] : $data; return '\n"; } } @@ -1004,4 +1005,4 @@ if ( ! function_exists('_get_validation_object')) } /* End of file form_helper.php */ -/* Location: ./system/helpers/form_helper.php */ +/* Location: ./system/helpers/form_helper.php */ \ No newline at end of file -- cgit v1.2.3-24-g4f1b From d4d6e093cc706535398ea0a3800530d1b305f3a8 Mon Sep 17 00:00:00 2001 From: Zachary Cardoza Date: Sat, 23 Mar 2013 22:02:07 -0700 Subject: Fixed error in form_textarea helper function Reverted from GitHub edited version to remove document line end character. Good to merge now. --- system/helpers/form_helper.php | 1 - 1 file changed, 1 deletion(-) (limited to 'system/helpers/form_helper.php') diff --git a/system/helpers/form_helper.php b/system/helpers/form_helper.php index 692909c79..fd9e7be7c 100644 --- a/system/helpers/form_helper.php +++ b/system/helpers/form_helper.php @@ -261,7 +261,6 @@ if ( ! function_exists('form_textarea')) unset($data['value']); // textareas don't use the value attribute } - $name = is_array($data) ? $data['name'] : $data; return '\n"; } } -- cgit v1.2.3-24-g4f1b From 77236e055234cbbc9f6ca6be472c70077a1f5856 Mon Sep 17 00:00:00 2001 From: nisheeth-barthwal Date: Mon, 25 Mar 2013 23:42:36 +0530 Subject: Simplified notation parsing and other cosmetic fixes --- system/helpers/form_helper.php | 34 ++-------------------------------- 1 file changed, 2 insertions(+), 32 deletions(-) (limited to 'system/helpers/form_helper.php') diff --git a/system/helpers/form_helper.php b/system/helpers/form_helper.php index 2238af92a..443a06a2d 100644 --- a/system/helpers/form_helper.php +++ b/system/helpers/form_helper.php @@ -647,7 +647,8 @@ if ( ! function_exists('set_value')) return form_prep($OBJ->set_value($field, $default), $is_textarea); } - if (FALSE !== ($OBJ =& _get_input_object()) && ($value = $OBJ->post($field, FALSE))) + $CI =& get_instance(); + if (NULL !== ($value = $CI->input->post($field, FALSE))) { return form_prep($value, $is_textarea); } @@ -1007,36 +1008,5 @@ if ( ! function_exists('_get_validation_object')) } } -// ------------------------------------------------------------------------ - -if ( ! function_exists('_get_input_object')) -{ - /** - * Input Object - * - * Fetches the input object - * - * @return mixed - */ - function &_get_input_object() - { - $CI =& get_instance(); - - // We set this as a variable since we're returning by reference. - $return = FALSE; - - if ( ! isset($CI->input) OR ! is_object($CI->input)) - { - return $return; - } - else - { - $return = $CI->input; - } - - return $return; - } -} - /* End of file form_helper.php */ /* Location: ./system/helpers/form_helper.php */ \ No newline at end of file -- cgit v1.2.3-24-g4f1b From 47ea5a8b99e17e9513be57d0af92f9e2637569b2 Mon Sep 17 00:00:00 2001 From: nisheeth-barthwal Date: Tue, 26 Mar 2013 18:57:28 +0530 Subject: Code fixes in line with suggestions --- system/helpers/form_helper.php | 15 +++++---------- 1 file changed, 5 insertions(+), 10 deletions(-) (limited to 'system/helpers/form_helper.php') diff --git a/system/helpers/form_helper.php b/system/helpers/form_helper.php index 443a06a2d..e2c0cc4c5 100644 --- a/system/helpers/form_helper.php +++ b/system/helpers/form_helper.php @@ -642,18 +642,13 @@ if ( ! function_exists('set_value')) */ function set_value($field = '', $default = '', $is_textarea = FALSE) { - if (FALSE !== ($OBJ =& _get_validation_object()) && $OBJ->has_rule($field)) - { - return form_prep($OBJ->set_value($field, $default), $is_textarea); - } - $CI =& get_instance(); - if (NULL !== ($value = $CI->input->post($field, FALSE))) - { - return form_prep($value, $is_textarea); - } - return form_prep($default, $is_textarea); + $value = (isset($CI->form_validation) && is_object($CI->form_validation) && $CI->form_validation->has_rule($field)) + ? $CI->form_validation->set_value($field, $default) + : $CI->input->post($field, FALSE); + + return form_prep($value === NULL ? $default : $value, $is_textarea); } } -- cgit v1.2.3-24-g4f1b From 519f87a07bd1fe3a9ec037f727628bb6c7c8e251 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Tue, 23 Jul 2013 17:16:10 +0300 Subject: Loader changes & optimizations related to issue #2551 --- system/helpers/form_helper.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system/helpers/form_helper.php') diff --git a/system/helpers/form_helper.php b/system/helpers/form_helper.php index 2002d4269..bc14df221 100644 --- a/system/helpers/form_helper.php +++ b/system/helpers/form_helper.php @@ -988,7 +988,7 @@ if ( ! function_exists('_get_validation_object')) // We set this as a variable since we're returning by reference. $return = FALSE; - if (FALSE !== ($object = $CI->load->is_loaded('form_validation'))) + if (FALSE !== ($object = $CI->load->is_loaded('Form_validation'))) { if ( ! isset($CI->$object) OR ! is_object($CI->$object)) { -- cgit v1.2.3-24-g4f1b From 122ca9bd8b055eaabee2ec54f476749107533565 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Fri, 26 Jul 2013 18:16:26 +0300 Subject: Fix #2560 --- system/helpers/form_helper.php | 12 ++++++++++-- 1 file changed, 10 insertions(+), 2 deletions(-) (limited to 'system/helpers/form_helper.php') diff --git a/system/helpers/form_helper.php b/system/helpers/form_helper.php index bc14df221..7f4276bc7 100644 --- a/system/helpers/form_helper.php +++ b/system/helpers/form_helper.php @@ -54,10 +54,18 @@ if ( ! function_exists('form_open')) { $CI =& get_instance(); - if ($attributes === '') + if (empty($attributes)) { $attributes = 'method="post"'; } + elseif (is_array($attributes) && ! isset($attributes['method'])) + { + $attributes['method'] = 'post'; + } + elseif (stripos($attributes, 'method=') === FALSE) + { + $attributes .= ' method="post"'; + } // If an action is not a full URL then turn it into one if ($action && strpos($action, '://') === FALSE) @@ -73,7 +81,7 @@ if ( ! function_exists('form_open')) $form = '
\n"; // Add CSRF field if enabled, but leave it out for GET requests and requests to external websites - if ($CI->config->item('csrf_protection') === TRUE && ! (strpos($action, $CI->config->base_url()) === FALSE OR strpos($form, 'method="get"'))) + if ($CI->config->item('csrf_protection') === TRUE && ! (strpos($action, $CI->config->base_url()) === FALSE OR stripos($form, 'method="get"'))) { $hidden[$CI->security->get_csrf_token_name()] = $CI->security->get_csrf_hash(); } -- cgit v1.2.3-24-g4f1b From ea19bc4f8fea2a7b6d0b1d85c279369ec8fce06e Mon Sep 17 00:00:00 2001 From: vlakoff Date: Sat, 27 Jul 2013 10:07:43 +0200 Subject: Form helper: refactor form_open() and _attributes_to_string() --- system/helpers/form_helper.php | 56 ++++++++++++++---------------------------- 1 file changed, 18 insertions(+), 38 deletions(-) (limited to 'system/helpers/form_helper.php') diff --git a/system/helpers/form_helper.php b/system/helpers/form_helper.php index 7f4276bc7..f28296c2e 100644 --- a/system/helpers/form_helper.php +++ b/system/helpers/form_helper.php @@ -50,21 +50,20 @@ if ( ! function_exists('form_open')) * @param array a key/value pair hidden data * @return string */ - function form_open($action = '', $attributes = '', $hidden = array()) + function form_open($action = '', $attributes = array(), $hidden = array()) { $CI =& get_instance(); - if (empty($attributes)) - { - $attributes = 'method="post"'; - } - elseif (is_array($attributes) && ! isset($attributes['method'])) + $attributes = _attributes_to_string($attributes); + + if (stripos($attributes, 'method=') === FALSE) { - $attributes['method'] = 'post'; + $attributes .= ' method="post"'; } - elseif (stripos($attributes, 'method=') === FALSE) + + if (stripos($attributes, 'accept-charset=') === FALSE) { - $attributes .= ' method="post"'; + $attributes .= ' accept-charset="'.strtolower(config_item('charset')).'"'; } // If an action is not a full URL then turn it into one @@ -78,7 +77,7 @@ if ( ! function_exists('form_open')) $action = $CI->config->site_url($CI->uri->uri_string()); } - $form = '\n"; + $form = '\n"; // Add CSRF field if enabled, but leave it out for GET requests and requests to external websites if ($CI->config->item('csrf_protection') === TRUE && ! (strpos($action, $CI->config->base_url()) === FALSE OR stripos($form, 'method="get"'))) @@ -550,12 +549,12 @@ if ( ! function_exists('form_fieldset')) * use form_fieldset_close() * * @param string The legend text - * @param string Additional attributes + * @param array Additional attributes * @return string */ function form_fieldset($legend_text = '', $attributes = array()) { - $fieldset = '\n"; + $fieldset = '\n"; if ($legend_text !== '') { return $fieldset.''.$legend_text."\n"; @@ -928,45 +927,24 @@ if ( ! function_exists('_attributes_to_string')) * Helper function used by some of the form helpers * * @param mixed - * @param bool * @return string */ - function _attributes_to_string($attributes, $formtag = FALSE) + function _attributes_to_string($attributes) { - if (is_string($attributes) && strlen($attributes) > 0) + if (is_string($attributes)) { - if ($formtag === TRUE && strpos($attributes, 'method=') === FALSE) - { - $attributes .= ' method="post"'; - } - - if ($formtag === TRUE && strpos($attributes, 'accept-charset=') === FALSE) - { - $attributes .= ' accept-charset="'.strtolower(config_item('charset')).'"'; - } - - return ' '.$attributes; + return ($attributes === '' ? '' : ' '.$attributes); } - if (is_object($attributes) && count($attributes) > 0) + if (is_object($attributes)) { $attributes = (array) $attributes; } - if (is_array($attributes) && ($formtag === TRUE OR count($attributes) > 0)) + if (is_array($attributes)) { $atts = ''; - if ( ! isset($attributes['method']) && $formtag === TRUE) - { - $atts .= ' method="post"'; - } - - if ( ! isset($attributes['accept-charset']) && $formtag === TRUE) - { - $atts .= ' accept-charset="'.strtolower(config_item('charset')).'"'; - } - foreach ($attributes as $key => $val) { $atts .= ' '.$key.'="'.$val.'"'; @@ -974,6 +952,8 @@ if ( ! function_exists('_attributes_to_string')) return $atts; } + + return FALSE; } } -- cgit v1.2.3-24-g4f1b From c4f9c62a604079fe3c2ab7637ffad894188fb429 Mon Sep 17 00:00:00 2001 From: vlakoff Date: Sat, 27 Jul 2013 10:08:00 +0200 Subject: More logical order --- system/helpers/form_helper.php | 22 +++++++++++----------- 1 file changed, 11 insertions(+), 11 deletions(-) (limited to 'system/helpers/form_helper.php') diff --git a/system/helpers/form_helper.php b/system/helpers/form_helper.php index f28296c2e..6fca73f85 100644 --- a/system/helpers/form_helper.php +++ b/system/helpers/form_helper.php @@ -54,6 +54,17 @@ if ( ! function_exists('form_open')) { $CI =& get_instance(); + // If an action is not a full URL then turn it into one + if ($action && strpos($action, '://') === FALSE) + { + $action = $CI->config->site_url($action); + } + elseif ( ! $action) + { + // If no action is provided then set to the current url + $action = $CI->config->site_url($CI->uri->uri_string()); + } + $attributes = _attributes_to_string($attributes); if (stripos($attributes, 'method=') === FALSE) @@ -66,17 +77,6 @@ if ( ! function_exists('form_open')) $attributes .= ' accept-charset="'.strtolower(config_item('charset')).'"'; } - // If an action is not a full URL then turn it into one - if ($action && strpos($action, '://') === FALSE) - { - $action = $CI->config->site_url($action); - } - elseif ( ! $action) - { - // If no action is provided then set to the current url - $action = $CI->config->site_url($CI->uri->uri_string()); - } - $form = '\n"; // Add CSRF field if enabled, but leave it out for GET requests and requests to external websites -- cgit v1.2.3-24-g4f1b From f746475e80a2734277eb1e76bb916ae3b2863423 Mon Sep 17 00:00:00 2001 From: vlakoff Date: Sun, 28 Jul 2013 22:23:21 +0200 Subject: Form helper _attributes_to_string() micro-optimization As $attributes should be most of the times an array, let's save an is_string() call. --- system/helpers/form_helper.php | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) (limited to 'system/helpers/form_helper.php') diff --git a/system/helpers/form_helper.php b/system/helpers/form_helper.php index 6fca73f85..5ba5b556c 100644 --- a/system/helpers/form_helper.php +++ b/system/helpers/form_helper.php @@ -931,11 +931,6 @@ if ( ! function_exists('_attributes_to_string')) */ function _attributes_to_string($attributes) { - if (is_string($attributes)) - { - return ($attributes === '' ? '' : ' '.$attributes); - } - if (is_object($attributes)) { $attributes = (array) $attributes; @@ -953,6 +948,11 @@ if ( ! function_exists('_attributes_to_string')) return $atts; } + if (is_string($attributes)) + { + return ($attributes === '' ? '' : ' '.$attributes); + } + return FALSE; } } -- cgit v1.2.3-24-g4f1b From bb8b08982369dd6a2d321844dced488f92134f20 Mon Sep 17 00:00:00 2001 From: vlakoff Date: Sun, 28 Jul 2013 22:35:04 +0200 Subject: Polishing Form helper --- system/helpers/form_helper.php | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) (limited to 'system/helpers/form_helper.php') diff --git a/system/helpers/form_helper.php b/system/helpers/form_helper.php index 5ba5b556c..146c0f588 100644 --- a/system/helpers/form_helper.php +++ b/system/helpers/form_helper.php @@ -931,6 +931,11 @@ if ( ! function_exists('_attributes_to_string')) */ function _attributes_to_string($attributes) { + if (empty($attributes)) + { + return ''; + } + if (is_object($attributes)) { $attributes = (array) $attributes; @@ -950,7 +955,7 @@ if ( ! function_exists('_attributes_to_string')) if (is_string($attributes)) { - return ($attributes === '' ? '' : ' '.$attributes); + return ' '.$attributes; } return FALSE; -- cgit v1.2.3-24-g4f1b From ae50f5537718431af05037c857d1c303e25a76f6 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Fri, 13 Sep 2013 16:17:41 +0300 Subject: Fix #2639 --- system/helpers/form_helper.php | 79 ++++++++++-------------------------------- 1 file changed, 19 insertions(+), 60 deletions(-) (limited to 'system/helpers/form_helper.php') diff --git a/system/helpers/form_helper.php b/system/helpers/form_helper.php index 146c0f588..424bb7e64 100644 --- a/system/helpers/form_helper.php +++ b/system/helpers/form_helper.php @@ -726,37 +726,18 @@ if ( ! function_exists('set_checkbox')) */ function set_checkbox($field = '', $value = '', $default = FALSE) { - $OBJ =& _get_validation_object(); + $CI =& get_instance(); - if ($OBJ === FALSE) + if (isset($CI->form_validation) && is_object($CI->form_validation) && $CI->form_validation->has_rule($field)) { - if ( ! isset($_POST[$field])) - { - if (count($_POST) === 0 && $default === TRUE) - { - return ' checked="checked"'; - } - return ''; - } - - $field = $_POST[$field]; - - if (is_array($field)) - { - if ( ! in_array($value, $field)) - { - return ''; - } - } - elseif (($field == '' OR $value == '') OR $field !== $value) - { - return ''; - } - - return ' checked="checked"'; + return $CI->form_validation->set_checkbox($field, $value, $default); + } + elseif (($input = $CI->input->post($field, FALSE)) === NULL) + { + return ($default === TRUE) ? ' checked="checked"' : ''; } - return $OBJ->set_checkbox($field, $value, $default); + return ($input === $value) ? ' checked="checked"' : ''; } } @@ -770,47 +751,25 @@ if ( ! function_exists('set_radio')) * Let's you set the selected value of a radio field via info in the POST array. * If Form Validation is active it retrieves the info from the validation class * - * @param string - * @param string - * @param bool + * @param string $field + * @param string $value + * @param bool $default * @return string */ function set_radio($field = '', $value = '', $default = FALSE) { - $OBJ =& _get_validation_object(); + $CI =& get_instance(); - if ($OBJ === FALSE) + if (isset($CI->form_validation) && is_object($CI->form_validation) && $CI->form_validation->has_rule($field)) { - if ( ! isset($_POST[$field])) - { - if (count($_POST) === 0 && $default === TRUE) - { - return ' checked="checked"'; - } - return ''; - } - - $field = $_POST[$field]; - - if (is_array($field)) - { - if ( ! in_array($value, $field)) - { - return ''; - } - } - else - { - if (($field == '' OR $value == '') OR $field !== $value) - { - return ''; - } - } - - return ' checked="checked"'; + return $CI->form_validation->set_radio($field, $value, $default); + } + elseif (($input = $CI->input->post($field, FALSE)) === NULL) + { + return ($default === TRUE) ? ' checked="checked"' : ''; } - return $OBJ->set_radio($field, $value, $default); + return ($input === $value) ? ' checked="checked"' : ''; } } -- cgit v1.2.3-24-g4f1b From 67f6a5e0321cc5d71dc2adc8dc72c71e96408dac Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Fri, 13 Sep 2013 16:21:31 +0300 Subject: Fix array notation fields for set_select() as well --- system/helpers/form_helper.php | 35 ++++++++--------------------------- 1 file changed, 8 insertions(+), 27 deletions(-) (limited to 'system/helpers/form_helper.php') diff --git a/system/helpers/form_helper.php b/system/helpers/form_helper.php index 424bb7e64..20379efa7 100644 --- a/system/helpers/form_helper.php +++ b/system/helpers/form_helper.php @@ -675,37 +675,18 @@ if ( ! function_exists('set_select')) */ function set_select($field = '', $value = '', $default = FALSE) { - $OBJ =& _get_validation_object(); + $CI =& get_instance(); - if ($OBJ === FALSE) + if (isset($CI->form_validation) && is_object($CI->form_validation) && $CI->form_validation->has_rule($field)) { - if ( ! isset($_POST[$field])) - { - if (count($_POST) === 0 && $default === TRUE) - { - return ' selected="selected"'; - } - return ''; - } - - $field = $_POST[$field]; - - if (is_array($field)) - { - if ( ! in_array($value, $field)) - { - return ''; - } - } - elseif (($field == '' OR $value == '') OR $field !== $value) - { - return ''; - } - - return ' selected="selected"'; + return $CI->form_validation->set_select($field, $value, $default); + } + elseif (($input = $CI->input->post($field, FALSE)) === NULL) + { + return ($default === TRUE) ? ' selected="selected"' : ''; } - return $OBJ->set_select($field, $value, $default); + return ($input === $value) ? ' checked="selected"' : ''; } } -- cgit v1.2.3-24-g4f1b From e8a23a532a4974773067903bf96200fa12fa4d41 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Fri, 13 Sep 2013 18:29:29 +0300 Subject: An update to the #2639 fix --- system/helpers/form_helper.php | 4 ++++ 1 file changed, 4 insertions(+) (limited to 'system/helpers/form_helper.php') diff --git a/system/helpers/form_helper.php b/system/helpers/form_helper.php index 20379efa7..7112a99b7 100644 --- a/system/helpers/form_helper.php +++ b/system/helpers/form_helper.php @@ -717,6 +717,10 @@ if ( ! function_exists('set_checkbox')) { return ($default === TRUE) ? ' checked="checked"' : ''; } + elseif (is_array($input) && in_array($value, $input, TRUE)) + { + return ' checked="checked"'; + } return ($input === $value) ? ' checked="checked"' : ''; } -- cgit v1.2.3-24-g4f1b From d3b7e24b708623be425dc03c3bb429bf0e4741c8 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Fri, 13 Sep 2013 18:36:29 +0300 Subject: Another one following #2639 --- system/helpers/form_helper.php | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) (limited to 'system/helpers/form_helper.php') diff --git a/system/helpers/form_helper.php b/system/helpers/form_helper.php index 7112a99b7..0cc5bd157 100644 --- a/system/helpers/form_helper.php +++ b/system/helpers/form_helper.php @@ -685,8 +685,12 @@ if ( ! function_exists('set_select')) { return ($default === TRUE) ? ' selected="selected"' : ''; } + elseif (is_array($input) && in_array($value, $input, TRUE)) + { + return ' selected="selected"'; + } - return ($input === $value) ? ' checked="selected"' : ''; + return ($input === $value) ? ' selected="selected"' : ''; } } -- cgit v1.2.3-24-g4f1b From 8e7cc7a18086ad32c8e13525b643aadde054bf40 Mon Sep 17 00:00:00 2001 From: Ahmad Anbar Date: Fri, 4 Oct 2013 02:45:28 +0300 Subject: parse $extra attributes in form_dropdown. --- system/helpers/form_helper.php | 7 ++----- 1 file changed, 2 insertions(+), 5 deletions(-) (limited to 'system/helpers/form_helper.php') diff --git a/system/helpers/form_helper.php b/system/helpers/form_helper.php index 0cc5bd157..85f1f4e01 100644 --- a/system/helpers/form_helper.php +++ b/system/helpers/form_helper.php @@ -328,11 +328,8 @@ if ( ! function_exists('form_dropdown')) { $selected = array($_POST[$name]); } - - if ($extra != '') - { - $extra = ' '.$extra; - } + + $extra = _attributes_to_string($extra); $multiple = (count($selected) > 1 && strpos($extra, 'multiple') === FALSE) ? ' multiple="multiple"' : ''; -- cgit v1.2.3-24-g4f1b From 7f5f8aaa01764f266b41791568863ec6bfda7e83 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Mon, 21 Oct 2013 14:37:40 +0300 Subject: Manually apply PR #2656 Fixes an 'Array to string conversion' notice in form_dropdown() --- system/helpers/form_helper.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'system/helpers/form_helper.php') diff --git a/system/helpers/form_helper.php b/system/helpers/form_helper.php index 85f1f4e01..400a91faa 100644 --- a/system/helpers/form_helper.php +++ b/system/helpers/form_helper.php @@ -316,7 +316,7 @@ if ( ! function_exists('form_dropdown')) { isset($name['options']) OR $name['options'] = array(); isset($name['selected']) OR $name['selected'] = array(); - isset($name['extra']) OR $name['extra'] = array(); + isset($name['extra']) OR $name['extra'] = ''; return form_dropdown($name['name'], $name['options'], $name['selected'], $name['extra']); } @@ -328,7 +328,7 @@ if ( ! function_exists('form_dropdown')) { $selected = array($_POST[$name]); } - + $extra = _attributes_to_string($extra); $multiple = (count($selected) > 1 && strpos($extra, 'multiple') === FALSE) ? ' multiple="multiple"' : ''; -- cgit v1.2.3-24-g4f1b From a587a939ce0b8e7d1dfe0830ac83d881e151d6e0 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Wed, 23 Oct 2013 19:57:46 +0300 Subject: Fix issue #2695 --- system/helpers/form_helper.php | 32 +++++++++++++++++++++++++++----- 1 file changed, 27 insertions(+), 5 deletions(-) (limited to 'system/helpers/form_helper.php') diff --git a/system/helpers/form_helper.php b/system/helpers/form_helper.php index 400a91faa..a3d299b0d 100644 --- a/system/helpers/form_helper.php +++ b/system/helpers/form_helper.php @@ -682,9 +682,20 @@ if ( ! function_exists('set_select')) { return ($default === TRUE) ? ' selected="selected"' : ''; } - elseif (is_array($input) && in_array($value, $input, TRUE)) + + $value = (string) $value; + if (is_array($input)) { - return ' selected="selected"'; + // Note: in_array('', array(0)) returns TRUE, do not use it + foreach ($input as &$v) + { + if ($value === $v) + { + return ' selected="selected"'; + } + } + + return ''; } return ($input === $value) ? ' selected="selected"' : ''; @@ -718,9 +729,20 @@ if ( ! function_exists('set_checkbox')) { return ($default === TRUE) ? ' checked="checked"' : ''; } - elseif (is_array($input) && in_array($value, $input, TRUE)) + + $value = (string) $value; + if (is_array($input)) { - return ' checked="checked"'; + // Note: in_array('', array(0)) returns TRUE, do not use it + foreach ($input as &$v) + { + if ($value === $v) + { + return ' checked="checked"'; + } + } + + return ''; } return ($input === $value) ? ' checked="checked"' : ''; @@ -755,7 +777,7 @@ if ( ! function_exists('set_radio')) return ($default === TRUE) ? ' checked="checked"' : ''; } - return ($input === $value) ? ' checked="checked"' : ''; + return ($input === (string) $value) ? ' checked="checked"' : ''; } } -- cgit v1.2.3-24-g4f1b From 871754af60251993d640981e107d2def5f2db396 Mon Sep 17 00:00:00 2001 From: darwinel Date: Tue, 11 Feb 2014 17:34:57 +0100 Subject: 2013 > 2014 Update copyright notices from 2013 to 2014. And update one calendar example in user_guide from year 2013/2014 to 2014/2015. --- system/helpers/form_helper.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system/helpers/form_helper.php') diff --git a/system/helpers/form_helper.php b/system/helpers/form_helper.php index a3d299b0d..40852faf8 100644 --- a/system/helpers/form_helper.php +++ b/system/helpers/form_helper.php @@ -18,7 +18,7 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2013, EllisLab, Inc. (http://ellislab.com/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) * @license http://opensource.org/licenses/OSL-3.0 Open Software License (OSL 3.0) * @link http://codeigniter.com * @since Version 1.0 -- cgit v1.2.3-24-g4f1b From 40cd60024d4b18fd26a6cc17ed37cbcc403569e8 Mon Sep 17 00:00:00 2001 From: Brennan Thompson Date: Fri, 14 Feb 2014 12:06:38 -0700 Subject: Made form_dropdown compatible with the other form helper methods --- system/helpers/form_helper.php | 41 ++++++++++++++++++++++------------------- 1 file changed, 22 insertions(+), 19 deletions(-) (limited to 'system/helpers/form_helper.php') diff --git a/system/helpers/form_helper.php b/system/helpers/form_helper.php index 40852faf8..54e2401be 100644 --- a/system/helpers/form_helper.php +++ b/system/helpers/form_helper.php @@ -303,22 +303,21 @@ if ( ! function_exists('form_dropdown')) /** * Drop-down Menu * - * @param mixed $name + * @param mixed $data * @param mixed $options * @param mixed $selected * @param mixed $extra * @return string */ - function form_dropdown($name = '', $options = array(), $selected = array(), $extra = '') + function form_dropdown($data = '', $options = array(), $selected = array(), $extra = '') { - // If name is really an array then we'll call the function again using the array - if (is_array($name) && isset($name['name'])) + $name = ! is_array($data) ? $data : ''; + $defaults = array('name' => ( $name)); + + if ( is_array($data) && isset($data['selected'])) { - isset($name['options']) OR $name['options'] = array(); - isset($name['selected']) OR $name['selected'] = array(); - isset($name['extra']) OR $name['extra'] = ''; - - return form_dropdown($name['name'], $name['options'], $name['selected'], $name['extra']); + $selected = $data['selected']; + unset($data['selected']); // selects don't have a selected attribute } is_array($selected) OR $selected = array($selected); @@ -328,13 +327,17 @@ if ( ! function_exists('form_dropdown')) { $selected = array($_POST[$name]); } - - $extra = _attributes_to_string($extra); - + + if ( is_array($data) && isset($data['options'])) + { + $options = $data['options']; + unset($data['options']); // selects don't use an options attribute + } + $multiple = (count($selected) > 1 && strpos($extra, 'multiple') === FALSE) ? ' multiple="multiple"' : ''; - - $form = '\n"; + foreach ($options as $key => $val) { $key = (string) $key; @@ -352,7 +355,7 @@ if ( ! function_exists('form_dropdown')) { $sel = in_array($optgroup_key, $selected) ? ' selected="selected"' : ''; $form .= '\n"; + .(string) $optgroup_val."\n"; } $form .= "\n"; @@ -360,11 +363,11 @@ if ( ! function_exists('form_dropdown')) else { $form .= '\n"; + .(in_array($key, $selected) ? ' selected="selected"' : '').'>' + .(string) $val."\n"; } } - + return $form."\n"; } } -- cgit v1.2.3-24-g4f1b From 06a0d625beed35d23ede1b599e4ef532a0f819f9 Mon Sep 17 00:00:00 2001 From: Brennan Thompson Date: Fri, 14 Feb 2014 12:17:48 -0700 Subject: Fix for selected being NULL from set_value --- system/helpers/form_helper.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system/helpers/form_helper.php') diff --git a/system/helpers/form_helper.php b/system/helpers/form_helper.php index 54e2401be..31c274ced 100644 --- a/system/helpers/form_helper.php +++ b/system/helpers/form_helper.php @@ -314,7 +314,7 @@ if ( ! function_exists('form_dropdown')) $name = ! is_array($data) ? $data : ''; $defaults = array('name' => ( $name)); - if ( is_array($data) && isset($data['selected'])) + if ( is_array($data) AND isset($data['selected']) AND $data['selected'] !== NULL) { $selected = $data['selected']; unset($data['selected']); // selects don't have a selected attribute -- cgit v1.2.3-24-g4f1b From 5c2a6bb7daf97195296291e6a12ac7340de42554 Mon Sep 17 00:00:00 2001 From: Brennan Thompson Date: Fri, 14 Feb 2014 13:16:37 -0700 Subject: Removed space for travis ci checks --- system/helpers/form_helper.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system/helpers/form_helper.php') diff --git a/system/helpers/form_helper.php b/system/helpers/form_helper.php index 31c274ced..23ce9d12d 100644 --- a/system/helpers/form_helper.php +++ b/system/helpers/form_helper.php @@ -336,7 +336,7 @@ if ( ! function_exists('form_dropdown')) $multiple = (count($selected) > 1 && strpos($extra, 'multiple') === FALSE) ? ' multiple="multiple"' : ''; - $form = '\n"; foreach ($options as $key => $val) { -- cgit v1.2.3-24-g4f1b From 87f6000df9b54c7b624a213eddd629ab0121963a Mon Sep 17 00:00:00 2001 From: Brennan Thompson Date: Fri, 14 Feb 2014 14:03:25 -0700 Subject: Actual fix for extra whitespace --- system/helpers/form_helper.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system/helpers/form_helper.php') diff --git a/system/helpers/form_helper.php b/system/helpers/form_helper.php index 23ce9d12d..0f85fdedd 100644 --- a/system/helpers/form_helper.php +++ b/system/helpers/form_helper.php @@ -336,7 +336,7 @@ if ( ! function_exists('form_dropdown')) $multiple = (count($selected) > 1 && strpos($extra, 'multiple') === FALSE) ? ' multiple="multiple"' : ''; - $form = '\n"; foreach ($options as $key => $val) { -- cgit v1.2.3-24-g4f1b From 21ef97ecfaef8392ded81606ada2e4bbdc7e064c Mon Sep 17 00:00:00 2001 From: Brennan Thompson Date: Sun, 16 Feb 2014 11:01:03 -0700 Subject: Dropdown should match style guide now. --- system/helpers/form_helper.php | 10 ++++++++-- 1 file changed, 8 insertions(+), 2 deletions(-) (limited to 'system/helpers/form_helper.php') diff --git a/system/helpers/form_helper.php b/system/helpers/form_helper.php index 0f85fdedd..9fd5d1e61 100644 --- a/system/helpers/form_helper.php +++ b/system/helpers/form_helper.php @@ -287,6 +287,8 @@ if ( ! function_exists('form_multiselect')) */ function form_multiselect($name = '', $options = array(), $selected = array(), $extra = '') { + $extra = _attributes_to_string($extra); + if ( ! strpos($extra, 'multiple')) { $extra .= ' multiple="multiple"'; @@ -333,10 +335,14 @@ if ( ! function_exists('form_dropdown')) $options = $data['options']; unset($data['options']); // selects don't use an options attribute } + + is_array($options) OR $options = array($options); + + $extra = _attributes_to_string($extra); $multiple = (count($selected) > 1 && strpos($extra, 'multiple') === FALSE) ? ' multiple="multiple"' : ''; - $form = '\n"; foreach ($options as $key => $val) { @@ -925,7 +931,7 @@ if ( ! function_exists('_attributes_to_string')) if (is_string($attributes)) { - return ' '.$attributes; + return $attributes; } return FALSE; -- cgit v1.2.3-24-g4f1b From 7a772e5b4a145eef7457d5a1667d716348ea071b Mon Sep 17 00:00:00 2001 From: Brennan Thompson Date: Sun, 16 Feb 2014 19:22:54 -0700 Subject: Removed non permitted changes --- system/helpers/form_helper.php | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) (limited to 'system/helpers/form_helper.php') diff --git a/system/helpers/form_helper.php b/system/helpers/form_helper.php index 9fd5d1e61..2c1a639df 100644 --- a/system/helpers/form_helper.php +++ b/system/helpers/form_helper.php @@ -287,8 +287,6 @@ if ( ! function_exists('form_multiselect')) */ function form_multiselect($name = '', $options = array(), $selected = array(), $extra = '') { - $extra = _attributes_to_string($extra); - if ( ! strpos($extra, 'multiple')) { $extra .= ' multiple="multiple"'; @@ -931,7 +929,7 @@ if ( ! function_exists('_attributes_to_string')) if (is_string($attributes)) { - return $attributes; + return ' '.$attributes; } return FALSE; -- cgit v1.2.3-24-g4f1b From c8ba6630167df5682fc0be2ae2d1352554374d1f Mon Sep 17 00:00:00 2001 From: Brennan Thompson Date: Sun, 16 Feb 2014 19:36:00 -0700 Subject: Updated code to match style guide --- system/helpers/form_helper.php | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) (limited to 'system/helpers/form_helper.php') diff --git a/system/helpers/form_helper.php b/system/helpers/form_helper.php index 2c1a639df..03839e0ed 100644 --- a/system/helpers/form_helper.php +++ b/system/helpers/form_helper.php @@ -312,9 +312,9 @@ if ( ! function_exists('form_dropdown')) function form_dropdown($data = '', $options = array(), $selected = array(), $extra = '') { $name = ! is_array($data) ? $data : ''; - $defaults = array('name' => ( $name)); + $defaults = array('name' => $name); - if ( is_array($data) AND isset($data['selected']) AND $data['selected'] !== NULL) + if (is_array($data) && isset($data['selected']) && $data['selected'] !== NULL) { $selected = $data['selected']; unset($data['selected']); // selects don't have a selected attribute @@ -328,7 +328,7 @@ if ( ! function_exists('form_dropdown')) $selected = array($_POST[$name]); } - if ( is_array($data) && isset($data['options'])) + if (is_array($data) && isset($data['options'])) { $options = $data['options']; unset($data['options']); // selects don't use an options attribute -- cgit v1.2.3-24-g4f1b From 82c78a9c70e65793b7590ebe049e5d2632d04504 Mon Sep 17 00:00:00 2001 From: Brennan Thompson Date: Mon, 17 Feb 2014 10:02:19 -0700 Subject: Removed extra spaces and irrelevant condition --- system/helpers/form_helper.php | 22 +++++++++++----------- 1 file changed, 11 insertions(+), 11 deletions(-) (limited to 'system/helpers/form_helper.php') diff --git a/system/helpers/form_helper.php b/system/helpers/form_helper.php index 03839e0ed..da4646dd1 100644 --- a/system/helpers/form_helper.php +++ b/system/helpers/form_helper.php @@ -313,8 +313,8 @@ if ( ! function_exists('form_dropdown')) { $name = ! is_array($data) ? $data : ''; $defaults = array('name' => $name); - - if (is_array($data) && isset($data['selected']) && $data['selected'] !== NULL) + + if (is_array($data) && isset($data['selected'])) { $selected = $data['selected']; unset($data['selected']); // selects don't have a selected attribute @@ -327,7 +327,7 @@ if ( ! function_exists('form_dropdown')) { $selected = array($_POST[$name]); } - + if (is_array($data) && isset($data['options'])) { $options = $data['options']; @@ -335,13 +335,13 @@ if ( ! function_exists('form_dropdown')) } is_array($options) OR $options = array($options); - + $extra = _attributes_to_string($extra); - + $multiple = (count($selected) > 1 && strpos($extra, 'multiple') === FALSE) ? ' multiple="multiple"' : ''; - + $form = '\n"; } } -- cgit v1.2.3-24-g4f1b From 1d03ef480c52546f6016cfda98dd82f341197a17 Mon Sep 17 00:00:00 2001 From: Brennan Thompson Date: Mon, 17 Feb 2014 12:08:22 -0700 Subject: Removed extra space, condensed $defaults --- system/helpers/form_helper.php | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-) (limited to 'system/helpers/form_helper.php') diff --git a/system/helpers/form_helper.php b/system/helpers/form_helper.php index da4646dd1..a724406f0 100644 --- a/system/helpers/form_helper.php +++ b/system/helpers/form_helper.php @@ -311,8 +311,7 @@ if ( ! function_exists('form_dropdown')) */ function form_dropdown($data = '', $options = array(), $selected = array(), $extra = '') { - $name = ! is_array($data) ? $data : ''; - $defaults = array('name' => $name); + $defaults = array('name' => is_array($data) ? '' : $data); if (is_array($data) && isset($data['selected'])) { @@ -336,11 +335,11 @@ if ( ! function_exists('form_dropdown')) is_array($options) OR $options = array($options); - $extra = _attributes_to_string($extra); + $extra = _attributes_to_string($extra); $multiple = (count($selected) > 1 && strpos($extra, 'multiple') === FALSE) ? ' multiple="multiple"' : ''; - $form = '\n"; foreach ($options as $key => $val) { -- cgit v1.2.3-24-g4f1b From ea41c8aa1951216b6a9ccc99832d69d2b41c5ead Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Wed, 26 Feb 2014 18:31:02 +0200 Subject: Don't use error suppression on realpath() + style adjustments --- system/helpers/form_helper.php | 59 ++++++++++++++++++++++++++---------------- 1 file changed, 37 insertions(+), 22 deletions(-) (limited to 'system/helpers/form_helper.php') diff --git a/system/helpers/form_helper.php b/system/helpers/form_helper.php index a724406f0..2592890cd 100644 --- a/system/helpers/form_helper.php +++ b/system/helpers/form_helper.php @@ -54,15 +54,15 @@ if ( ! function_exists('form_open')) { $CI =& get_instance(); - // If an action is not a full URL then turn it into one - if ($action && strpos($action, '://') === FALSE) + // If no action is provided then set to the current url + if ( ! $action) { - $action = $CI->config->site_url($action); + $action = $CI->config->site_url($CI->uri->uri_string()); } - elseif ( ! $action) + // If an action is not a full URL then turn it into one + elseif (strpos($action, '://') === FALSE) { - // If no action is provided then set to the current url - $action = $CI->config->site_url($CI->uri->uri_string()); + $action = $CI->config->site_url($action); } $attributes = _attributes_to_string($attributes); @@ -80,7 +80,7 @@ if ( ! function_exists('form_open')) $form = '\n"; // Add CSRF field if enabled, but leave it out for GET requests and requests to external websites - if ($CI->config->item('csrf_protection') === TRUE && ! (strpos($action, $CI->config->base_url()) === FALSE OR stripos($form, 'method="get"'))) + if ($CI->config->item('csrf_protection') === TRUE && strpos($action, $CI->config->base_url()) !== FALSE && ! stripos($form, 'method="get"')) { $hidden[$CI->security->get_csrf_token_name()] = $CI->security->get_csrf_hash(); } @@ -153,6 +153,7 @@ if ( ! function_exists('form_hidden')) { form_hidden($key, $val, TRUE); } + return $form; } @@ -187,7 +188,11 @@ if ( ! function_exists('form_input')) */ function form_input($data = '', $value = '', $extra = '') { - $defaults = array('type' => 'text', 'name' => ( ! is_array($data) ? $data : ''), 'value' => $value); + $defaults = array( + 'type' => 'text', + 'name' => is_array($data) ? '' : $data, + 'value' => $value + ); return '\n"; } @@ -209,11 +214,7 @@ if ( ! function_exists('form_password')) */ function form_password($data = '', $value = '', $extra = '') { - if ( ! is_array($data)) - { - $data = array('name' => $data); - } - + is_array($data) OR $data = array('name' => $data); $data['type'] = 'password'; return form_input($data, $value, $extra); } @@ -256,7 +257,11 @@ if ( ! function_exists('form_textarea')) */ function form_textarea($data = '', $value = '', $extra = '') { - $defaults = array('name' => ( ! is_array($data) ? $data : ''), 'cols' => '40', 'rows' => '10'); + $defaults = array( + 'name' => is_array($data) ? '' : $data, + 'cols' => '40', + 'rows' => '10' + ); if ( ! is_array($data) OR ! isset($data['value'])) { @@ -434,11 +439,7 @@ if ( ! function_exists('form_radio')) */ function form_radio($data = '', $value = '', $checked = FALSE, $extra = '') { - if ( ! is_array($data)) - { - $data = array('name' => $data); - } - + is_array($data) OR $data = array('name' => $data); $data['type'] = 'radio'; return form_checkbox($data, $value, $checked, $extra); } @@ -458,7 +459,12 @@ if ( ! function_exists('form_submit')) */ function form_submit($data = '', $value = '', $extra = '') { - $defaults = array('type' => 'submit', 'name' => ( ! is_array($data) ? $data : ''), 'value' => $value); + $defaults = array( + 'type' => 'submit', + 'name' => is_array($data) ? '' : $data, + 'value' => $value + ); + return '\n"; } } @@ -477,7 +483,12 @@ if ( ! function_exists('form_reset')) */ function form_reset($data = '', $value = '', $extra = '') { - $defaults = array('type' => 'reset', 'name' => ( ! is_array($data) ? $data : ''), 'value' => $value); + $defaults = array( + 'type' => 'reset', + 'name' => is_array($data) ? '' : $data, + 'value' => $value + ); + return '\n"; } } @@ -496,7 +507,11 @@ if ( ! function_exists('form_button')) */ function form_button($data = '', $content = '', $extra = '') { - $defaults = array('name' => ( ! is_array($data) ? $data : ''), 'type' => 'button'); + $defaults = array( + 'name' => is_array($data) ? '' : $data, + 'type' => 'button' + ); + if (is_array($data) && isset($data['content'])) { $content = $data['content']; -- cgit v1.2.3-24-g4f1b From 93b4e788796d6da181512702d6431ffd7e199bee Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Tue, 4 Mar 2014 17:48:21 +0200 Subject: Fix #2916 --- system/helpers/form_helper.php | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) (limited to 'system/helpers/form_helper.php') diff --git a/system/helpers/form_helper.php b/system/helpers/form_helper.php index 2592890cd..fe6b6ce11 100644 --- a/system/helpers/form_helper.php +++ b/system/helpers/form_helper.php @@ -85,9 +85,12 @@ if ( ! function_exists('form_open')) $hidden[$CI->security->get_csrf_token_name()] = $CI->security->get_csrf_hash(); } - if (is_array($hidden) && count($hidden) > 0) + if (is_array($hidden)) { - $form .= '
'.form_hidden($hidden).'
'; + foreach ($hidden as $name => $value) + { + $form .= ''."\n"; + } } return $form; -- cgit v1.2.3-24-g4f1b From 15662dd3d6a21a9602034759129a83e584c3a0d2 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Thu, 6 Mar 2014 13:45:33 +0200 Subject: Fix #2919 --- system/helpers/form_helper.php | 44 ++++++++++++++++++++++++++++-------------- 1 file changed, 30 insertions(+), 14 deletions(-) (limited to 'system/helpers/form_helper.php') diff --git a/system/helpers/form_helper.php b/system/helpers/form_helper.php index fe6b6ce11..a23ffcae2 100644 --- a/system/helpers/form_helper.php +++ b/system/helpers/form_helper.php @@ -319,30 +319,46 @@ if ( ! function_exists('form_dropdown')) */ function form_dropdown($data = '', $options = array(), $selected = array(), $extra = '') { - $defaults = array('name' => is_array($data) ? '' : $data); + $defaults = array(); - if (is_array($data) && isset($data['selected'])) + if (is_array($data)) { - $selected = $data['selected']; - unset($data['selected']); // selects don't have a selected attribute + if (isset($data['selected'])) + { + $selected = $data['selected']; + unset($data['selected']); // select tags don't have a selected attribute + } + + if (isset($data['options'])) + { + $options = $data['options']; + unset($data['options']); // select tags don't use an options attribute + } + } + else + { + $defaults = array('name' => $data); } is_array($selected) OR $selected = array($selected); + is_array($options) OR $options = array($options); // If no selected state was submitted we will attempt to set it automatically - if (count($selected) === 0 && isset($_POST[$name])) - { - $selected = array($_POST[$name]); - } - - if (is_array($data) && isset($data['options'])) + if (empty($selected)) { - $options = $data['options']; - unset($data['options']); // selects don't use an options attribute + if (is_array($data)) + { + if (isset($data['name'], $_POST[$data['name']])) + { + $selected = array($_POST[$data['name']]); + } + } + elseif (isset($_POST[$data])) + { + $selected = array($_POST[$data]); + } } - is_array($options) OR $options = array($options); - $extra = _attributes_to_string($extra); $multiple = (count($selected) > 1 && strpos($extra, 'multiple') === FALSE) ? ' multiple="multiple"' : ''; -- cgit v1.2.3-24-g4f1b From bdb96ca1b1dbfc1791172fd169d7751cbc4d7d55 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Tue, 28 Oct 2014 00:13:31 +0200 Subject: [ci skip] Switch to MIT license; close #3293 --- system/helpers/form_helper.php | 39 +++++++++++++++++++++++++-------------- 1 file changed, 25 insertions(+), 14 deletions(-) (limited to 'system/helpers/form_helper.php') diff --git a/system/helpers/form_helper.php b/system/helpers/form_helper.php index a23ffcae2..1447b4c58 100644 --- a/system/helpers/form_helper.php +++ b/system/helpers/form_helper.php @@ -4,24 +4,35 @@ * * An open source application development framework for PHP 5.2.4 or newer * - * NOTICE OF LICENSE + * This content is released under the MIT License (MIT) * - * Licensed under the Open Software License version 3.0 + * Copyright (c) 2014, British Columbia Institute of Technology * - * This source file is subject to the Open Software License (OSL 3.0) that is - * bundled with this package in the files license.txt / license.rst. It is - * also available through the world wide web at this URL: - * http://opensource.org/licenses/OSL-3.0 - * If you did not receive a copy of the license and are unable to obtain it - * through the world wide web, please send an email to - * licensing@ellislab.com so we can send you a copy immediately. + * Permission is hereby granted, free of charge, to any person obtaining a copy + * of this software and associated documentation files (the "Software"), to deal + * in the Software without restriction, including without limitation the rights + * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell + * copies of the Software, and to permit persons to whom the Software is + * furnished to do so, subject to the following conditions: * - * @package CodeIgniter - * @author EllisLab Dev Team + * The above copyright notice and this permission notice shall be included in + * all copies or substantial portions of the Software. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR + * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, + * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE + * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER + * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, + * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN + * THE SOFTWARE. + * + * @package CodeIgniter + * @author EllisLab Dev Team * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @license http://opensource.org/licenses/OSL-3.0 Open Software License (OSL 3.0) - * @link http://codeigniter.com - * @since Version 1.0 + * @copyright Copyright (c) 2014, British Columbia Institute of Technology (http://bcit.ca/) + * @license http://opensource.org/licenses/MIT MIT License + * @link http://codeigniter.com + * @since Version 1.0.0 * @filesource */ defined('BASEPATH') OR exit('No direct script access allowed'); -- cgit v1.2.3-24-g4f1b From fe9309d22c1b088f5363954d6dac013c8c955894 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Fri, 9 Jan 2015 17:48:58 +0200 Subject: Bulk (mostly documentation) update - Remove PHP version from license notices - Bump year number in copyright notices - Recommend PHP 5.4 or newer to be used - Tell Travis-CI to test on PHP 5.3.0 instead of the latest 5.3 version Related: #3450 --- system/helpers/form_helper.php | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) (limited to 'system/helpers/form_helper.php') diff --git a/system/helpers/form_helper.php b/system/helpers/form_helper.php index 1447b4c58..0e9207ee2 100644 --- a/system/helpers/form_helper.php +++ b/system/helpers/form_helper.php @@ -2,11 +2,11 @@ /** * CodeIgniter * - * An open source application development framework for PHP 5.2.4 or newer + * An open source application development framework for PHP * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014, British Columbia Institute of Technology + * Copyright (c) 2014 - 2015, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -29,7 +29,7 @@ * @package CodeIgniter * @author EllisLab Dev Team * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License * @link http://codeigniter.com * @since Version 1.0.0 -- cgit v1.2.3-24-g4f1b From 2c245616a7bc89e842b4f39693751c3d28c034f2 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Tue, 20 Jan 2015 15:40:27 +0200 Subject: Revert 7c4d10660a0a47446474bf97e3cb65f80693f1ee Deprecates form_prep() in favor of html_escape() (again). Related: issue #1953, which was the reason for the reverted commit, but was wrongly interpreted and that shouldn't have happened. Close #2477 --- system/helpers/form_helper.php | 44 ++++++++++++++---------------------------- 1 file changed, 14 insertions(+), 30 deletions(-) (limited to 'system/helpers/form_helper.php') diff --git a/system/helpers/form_helper.php b/system/helpers/form_helper.php index 0e9207ee2..007db4cab 100644 --- a/system/helpers/form_helper.php +++ b/system/helpers/form_helper.php @@ -100,7 +100,7 @@ if ( ! function_exists('form_open')) { foreach ($hidden as $name => $value) { - $form .= ''."\n"; + $form .= ''."\n"; } } @@ -173,7 +173,7 @@ if ( ! function_exists('form_hidden')) if ( ! is_array($value)) { - $form .= '\n"; + $form .= '\n"; } else { @@ -287,7 +287,7 @@ if ( ! function_exists('form_textarea')) unset($data['value']); // textareas don't use the value attribute } - return '\n"; + return '\n"; } } @@ -392,7 +392,7 @@ if ( ! function_exists('form_dropdown')) foreach ($val as $optgroup_key => $optgroup_val) { $sel = in_array($optgroup_key, $selected) ? ' selected="selected"' : ''; - $form .= '\n"; } @@ -400,7 +400,7 @@ if ( ! function_exists('form_dropdown')) } else { - $form .= '\n"; } @@ -653,28 +653,13 @@ if ( ! function_exists('form_prep')) * * Formats text so that it can be safely placed in a form field in the event it has HTML tags. * + * @deprecated 3.0.0 An alias for html_escape() * @param string|string[] $str Value to escape - * @param bool $is_textarea Whether we're escaping for a textarea element * @return string|string[] Escaped values */ - function form_prep($str = '', $is_textarea = FALSE) + function form_prep($str) { - if (is_array($str)) - { - foreach (array_keys($str) as $key) - { - $str[$key] = form_prep($str[$key], $is_textarea); - } - - return $str; - } - - if ($is_textarea === TRUE) - { - return str_replace(array('<', '>'), array('<', '>'), stripslashes($str)); - } - - return str_replace(array("'", '"'), array(''', '"'), stripslashes($str)); + return html_escape($str, TRUE); } } @@ -691,10 +676,9 @@ if ( ! function_exists('set_value')) * * @param string $field Field name * @param string $default Default value - * @param bool $is_textarea Whether the field is a textarea element * @return string */ - function set_value($field = '', $default = '', $is_textarea = FALSE) + function set_value($field, $default = '') { $CI =& get_instance(); @@ -702,7 +686,7 @@ if ( ! function_exists('set_value')) ? $CI->form_validation->set_value($field, $default) : $CI->input->post($field, FALSE); - return form_prep($value === NULL ? $default : $value, $is_textarea); + return html_escape($value === NULL ? $default : $value); } } @@ -721,7 +705,7 @@ if ( ! function_exists('set_select')) * @param bool * @return string */ - function set_select($field = '', $value = '', $default = FALSE) + function set_select($field, $value = '', $default = FALSE) { $CI =& get_instance(); @@ -768,7 +752,7 @@ if ( ! function_exists('set_checkbox')) * @param bool * @return string */ - function set_checkbox($field = '', $value = '', $default = FALSE) + function set_checkbox($field, $value = '', $default = FALSE) { $CI =& get_instance(); @@ -815,7 +799,7 @@ if ( ! function_exists('set_radio')) * @param bool $default * @return string */ - function set_radio($field = '', $value = '', $default = FALSE) + function set_radio($field, $value = '', $default = FALSE) { $CI =& get_instance(); @@ -921,7 +905,7 @@ if ( ! function_exists('_parse_form_attributes')) { if ($key === 'value') { - $val = form_prep($val); + $val = html_escape($val); } elseif ($key === 'name' && ! strlen($default['name'])) { -- cgit v1.2.3-24-g4f1b From 4cbe463b4c442e0e2dae2f43565e77f7ac5ecb86 Mon Sep 17 00:00:00 2001 From: vlakoff Date: Wed, 21 Jan 2015 22:56:22 +0100 Subject: Remove closing blocks at end of PHP files --- system/helpers/form_helper.php | 3 --- 1 file changed, 3 deletions(-) (limited to 'system/helpers/form_helper.php') diff --git a/system/helpers/form_helper.php b/system/helpers/form_helper.php index 007db4cab..fb235291e 100644 --- a/system/helpers/form_helper.php +++ b/system/helpers/form_helper.php @@ -996,6 +996,3 @@ if ( ! function_exists('_get_validation_object')) return $return; } } - -/* End of file form_helper.php */ -/* Location: ./system/helpers/form_helper.php */ \ No newline at end of file -- cgit v1.2.3-24-g4f1b From 11bf768f557e7c63f8702648705536773b37c9b8 Mon Sep 17 00:00:00 2001 From: Adrian Voicu Date: Thu, 5 Feb 2015 12:14:55 +0200 Subject: Allow not-escaping the value in set_value() Wouldn't it be a good idea to allow for not escaped html in set_value()? --- system/helpers/form_helper.php | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) (limited to 'system/helpers/form_helper.php') diff --git a/system/helpers/form_helper.php b/system/helpers/form_helper.php index fb235291e..f6d6b433e 100644 --- a/system/helpers/form_helper.php +++ b/system/helpers/form_helper.php @@ -676,17 +676,18 @@ if ( ! function_exists('set_value')) * * @param string $field Field name * @param string $default Default value + * @param bool $escaped Escaped value * @return string */ - function set_value($field, $default = '') + function set_value($field, $default = '',$escaped = TRUE) { $CI =& get_instance(); $value = (isset($CI->form_validation) && is_object($CI->form_validation) && $CI->form_validation->has_rule($field)) ? $CI->form_validation->set_value($field, $default) : $CI->input->post($field, FALSE); - - return html_escape($value === NULL ? $default : $value); + $value = ($value === NULL) ? $default : $value; + return $escaped ? html_escape($value) : $value; } } -- cgit v1.2.3-24-g4f1b From 86e6a19eaa1f994588beee2c47143c19c800c8ec Mon Sep 17 00:00:00 2001 From: Adrian Voicu Date: Thu, 5 Feb 2015 13:51:26 +0200 Subject: Update form_helper.php --- system/helpers/form_helper.php | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) (limited to 'system/helpers/form_helper.php') diff --git a/system/helpers/form_helper.php b/system/helpers/form_helper.php index f6d6b433e..dca4270f6 100644 --- a/system/helpers/form_helper.php +++ b/system/helpers/form_helper.php @@ -676,18 +676,19 @@ if ( ! function_exists('set_value')) * * @param string $field Field name * @param string $default Default value - * @param bool $escaped Escaped value + * @param bool $html_escape HTML escaped value * @return string */ - function set_value($field, $default = '',$escaped = TRUE) + function set_value($field, $default = '', $html_escape = TRUE) { $CI =& get_instance(); $value = (isset($CI->form_validation) && is_object($CI->form_validation) && $CI->form_validation->has_rule($field)) ? $CI->form_validation->set_value($field, $default) : $CI->input->post($field, FALSE); - $value = ($value === NULL) ? $default : $value; - return $escaped ? html_escape($value) : $value; + + isset($value) OR $value = $default; + return ($html_escape) ? html_escape($value) : $value; } } -- cgit v1.2.3-24-g4f1b From fa61fb236654fbd3eea82d437da28c9aab33e559 Mon Sep 17 00:00:00 2001 From: Adrian Voicu Date: Thu, 5 Feb 2015 15:46:12 +0200 Subject: Update form_helper.php --- system/helpers/form_helper.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system/helpers/form_helper.php') diff --git a/system/helpers/form_helper.php b/system/helpers/form_helper.php index dca4270f6..70c40a9c3 100644 --- a/system/helpers/form_helper.php +++ b/system/helpers/form_helper.php @@ -676,7 +676,7 @@ if ( ! function_exists('set_value')) * * @param string $field Field name * @param string $default Default value - * @param bool $html_escape HTML escaped value + * @param bool $html_escape Whether to escape HTML special characters or not * @return string */ function set_value($field, $default = '', $html_escape = TRUE) -- cgit v1.2.3-24-g4f1b From 7df6634b6ca69bfae76b3e9a7531035923579580 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Thu, 5 Feb 2015 15:58:09 +0200 Subject: [ci skip] Remove some whitespace --- system/helpers/form_helper.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system/helpers/form_helper.php') diff --git a/system/helpers/form_helper.php b/system/helpers/form_helper.php index 70c40a9c3..53ee8eb11 100644 --- a/system/helpers/form_helper.php +++ b/system/helpers/form_helper.php @@ -686,7 +686,7 @@ if ( ! function_exists('set_value')) $value = (isset($CI->form_validation) && is_object($CI->form_validation) && $CI->form_validation->has_rule($field)) ? $CI->form_validation->set_value($field, $default) : $CI->input->post($field, FALSE); - + isset($value) OR $value = $default; return ($html_escape) ? html_escape($value) : $value; } -- cgit v1.2.3-24-g4f1b From 664d25a2286b5fdef740da7a3c4d72d8fa00d530 Mon Sep 17 00:00:00 2001 From: Adam Jackett Date: Wed, 3 Jun 2015 15:54:54 -0400 Subject: made all form helpers consistent regarding extra attributes --- system/helpers/form_helper.php | 40 ++++++++++++++++++++++++++++++---------- 1 file changed, 30 insertions(+), 10 deletions(-) (limited to 'system/helpers/form_helper.php') diff --git a/system/helpers/form_helper.php b/system/helpers/form_helper.php index 53ee8eb11..c77069c55 100644 --- a/system/helpers/form_helper.php +++ b/system/helpers/form_helper.php @@ -197,7 +197,7 @@ if ( ! function_exists('form_input')) * * @param mixed * @param string - * @param string + * @param mixed * @return string */ function form_input($data = '', $value = '', $extra = '') @@ -208,6 +208,8 @@ if ( ! function_exists('form_input')) 'value' => $value ); + $extra = _attributes_to_string($extra); + return '\n"; } } @@ -223,7 +225,7 @@ if ( ! function_exists('form_password')) * * @param mixed * @param string - * @param string + * @param mixed * @return string */ function form_password($data = '', $value = '', $extra = '') @@ -245,7 +247,7 @@ if ( ! function_exists('form_upload')) * * @param mixed * @param string - * @param string + * @param mixed * @return string */ function form_upload($data = '', $value = '', $extra = '') @@ -253,6 +255,9 @@ if ( ! function_exists('form_upload')) $defaults = array('type' => 'file', 'name' => ''); is_array($data) OR $data = array('name' => $data); $data['type'] = 'file'; + + $extra = _attributes_to_string($extra); + return '\n"; } } @@ -266,7 +271,7 @@ if ( ! function_exists('form_textarea')) * * @param mixed $data * @param string $value - * @param string $extra + * @param mixed $extra * @return string */ function form_textarea($data = '', $value = '', $extra = '') @@ -287,6 +292,8 @@ if ( ! function_exists('form_textarea')) unset($data['value']); // textareas don't use the value attribute } + $extra = _attributes_to_string($extra); + return '\n"; } } @@ -301,11 +308,13 @@ if ( ! function_exists('form_multiselect')) * @param string * @param array * @param mixed - * @param string + * @param mixed * @return string */ function form_multiselect($name = '', $options = array(), $selected = array(), $extra = '') { + $extra = _attributes_to_string($extra); + if ( ! strpos($extra, 'multiple')) { $extra .= ' multiple="multiple"'; @@ -420,7 +429,7 @@ if ( ! function_exists('form_checkbox')) * @param mixed * @param string * @param bool - * @param string + * @param mixed * @return string */ function form_checkbox($data = '', $value = '', $checked = FALSE, $extra = '') @@ -450,6 +459,8 @@ if ( ! function_exists('form_checkbox')) unset($defaults['checked']); } + $extra = _attributes_to_string($extra); + return '\n"; } } @@ -464,13 +475,16 @@ if ( ! function_exists('form_radio')) * @param mixed * @param string * @param bool - * @param string + * @param mixed * @return string */ function form_radio($data = '', $value = '', $checked = FALSE, $extra = '') { is_array($data) OR $data = array('name' => $data); $data['type'] = 'radio'; + + $extra = _attributes_to_string($extra); + return form_checkbox($data, $value, $checked, $extra); } } @@ -484,7 +498,7 @@ if ( ! function_exists('form_submit')) * * @param mixed * @param string - * @param string + * @param mixed * @return string */ function form_submit($data = '', $value = '', $extra = '') @@ -495,6 +509,8 @@ if ( ! function_exists('form_submit')) 'value' => $value ); + $extra = _attributes_to_string($extra); + return '\n"; } } @@ -508,7 +524,7 @@ if ( ! function_exists('form_reset')) * * @param mixed * @param string - * @param string + * @param mixed * @return string */ function form_reset($data = '', $value = '', $extra = '') @@ -519,6 +535,8 @@ if ( ! function_exists('form_reset')) 'value' => $value ); + $extra = _attributes_to_string($extra); + return '\n"; } } @@ -532,7 +550,7 @@ if ( ! function_exists('form_button')) * * @param mixed * @param string - * @param string + * @param mixed * @return string */ function form_button($data = '', $content = '', $extra = '') @@ -548,6 +566,8 @@ if ( ! function_exists('form_button')) unset($data['content']); // content is not an attribute } + $extra = _attributes_to_string($extra); + return '\n"; } } -- cgit v1.2.3-24-g4f1b From 0c75c8219e42cf629036f73944901bd9f1f286bf Mon Sep 17 00:00:00 2001 From: Adam Jackett Date: Wed, 17 Jun 2015 10:42:23 -0400 Subject: removed unnecessary change to form_radio, updated docs and added changelog entry --- system/helpers/form_helper.php | 2 -- 1 file changed, 2 deletions(-) (limited to 'system/helpers/form_helper.php') diff --git a/system/helpers/form_helper.php b/system/helpers/form_helper.php index c77069c55..f8c6a9dde 100644 --- a/system/helpers/form_helper.php +++ b/system/helpers/form_helper.php @@ -483,8 +483,6 @@ if ( ! function_exists('form_radio')) is_array($data) OR $data = array('name' => $data); $data['type'] = 'radio'; - $extra = _attributes_to_string($extra); - return form_checkbox($data, $value, $checked, $extra); } } -- cgit v1.2.3-24-g4f1b From c19f3b2596ae846f5de73f562a0288af8c82855a Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Wed, 15 Jul 2015 16:41:06 +0300 Subject: Polish changes from PR #3893 --- system/helpers/form_helper.php | 37 +++++++++++++------------------------ 1 file changed, 13 insertions(+), 24 deletions(-) (limited to 'system/helpers/form_helper.php') diff --git a/system/helpers/form_helper.php b/system/helpers/form_helper.php index f8c6a9dde..fd807769a 100644 --- a/system/helpers/form_helper.php +++ b/system/helpers/form_helper.php @@ -208,9 +208,7 @@ if ( ! function_exists('form_input')) 'value' => $value ); - $extra = _attributes_to_string($extra); - - return '\n"; + return '\n"; } } @@ -256,9 +254,7 @@ if ( ! function_exists('form_upload')) is_array($data) OR $data = array('name' => $data); $data['type'] = 'file'; - $extra = _attributes_to_string($extra); - - return '\n"; + return '\n"; } } @@ -292,9 +288,9 @@ if ( ! function_exists('form_textarea')) unset($data['value']); // textareas don't use the value attribute } - $extra = _attributes_to_string($extra); - - return '\n"; + return '\n"; } } @@ -314,8 +310,7 @@ if ( ! function_exists('form_multiselect')) function form_multiselect($name = '', $options = array(), $selected = array(), $extra = '') { $extra = _attributes_to_string($extra); - - if ( ! strpos($extra, 'multiple')) + if (stripos($extra, 'multiple') === FALSE) { $extra .= ' multiple="multiple"'; } @@ -381,7 +376,7 @@ if ( ! function_exists('form_dropdown')) $extra = _attributes_to_string($extra); - $multiple = (count($selected) > 1 && strpos($extra, 'multiple') === FALSE) ? ' multiple="multiple"' : ''; + $multiple = (count($selected) > 1 && stripos($extra, 'multiple') === FALSE) ? ' multiple="multiple"' : ''; $form = '\n"; + return '\n"; } } @@ -507,9 +500,7 @@ if ( ! function_exists('form_submit')) 'value' => $value ); - $extra = _attributes_to_string($extra); - - return '\n"; + return '\n"; } } @@ -533,9 +524,7 @@ if ( ! function_exists('form_reset')) 'value' => $value ); - $extra = _attributes_to_string($extra); - - return '\n"; + return '\n"; } } @@ -564,9 +553,9 @@ if ( ! function_exists('form_button')) unset($data['content']); // content is not an attribute } - $extra = _attributes_to_string($extra); - - return '\n"; + return '\n"; } } -- cgit v1.2.3-24-g4f1b From 0139e6a4a99cbe9b0cc06f394fa12d5691193b72 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Wed, 4 Nov 2015 22:42:17 +0200 Subject: [ci skip] Fix a false default-fallback bug in set_checkbox(), set_radio() Relevant: #4210 --- system/helpers/form_helper.php | 41 +++++++++++++++++++++++++++++++++-------- 1 file changed, 33 insertions(+), 8 deletions(-) (limited to 'system/helpers/form_helper.php') diff --git a/system/helpers/form_helper.php b/system/helpers/form_helper.php index fd807769a..37dafd913 100644 --- a/system/helpers/form_helper.php +++ b/system/helpers/form_helper.php @@ -769,12 +769,11 @@ if ( ! function_exists('set_checkbox')) { return $CI->form_validation->set_checkbox($field, $value, $default); } - elseif (($input = $CI->input->post($field, FALSE)) === NULL) - { - return ($default === TRUE) ? ' checked="checked"' : ''; - } + // Form inputs are always strings ... $value = (string) $value; + $input = $CI->input->post($field, FALSE); + if (is_array($input)) { // Note: in_array('', array(0)) returns TRUE, do not use it @@ -789,7 +788,13 @@ if ( ! function_exists('set_checkbox')) return ''; } - return ($input === $value) ? ' checked="checked"' : ''; + // Unchecked checkbox and radio inputs are not even submitted by browsers ... + if ($CI->input->method() === 'post') + { + return ($input === 'value') ? ' checked="checked"' : ''; + } + + return ($default === TRUE) ? ' checked="checked"' : ''; } } @@ -816,12 +821,32 @@ if ( ! function_exists('set_radio')) { return $CI->form_validation->set_radio($field, $value, $default); } - elseif (($input = $CI->input->post($field, FALSE)) === NULL) + + // Form inputs are always strings ... + $value = (string) $value; + $input = $CI->input->post($field, FALSE); + + if (is_array($input)) + { + // Note: in_array('', array(0)) returns TRUE, do not use it + foreach ($input as &$v) + { + if ($value === $v) + { + return ' checked="checked"'; + } + } + + return ''; + } + + // Unchecked checkbox and radio inputs are not even submitted by browsers ... + if ($CI->input->method() === 'post') { - return ($default === TRUE) ? ' checked="checked"' : ''; + return ($input === 'value') ? ' checked="checked"' : ''; } - return ($input === (string) $value) ? ' checked="checked"' : ''; + return ($default === TRUE) ? ' checked="checked"' : ''; } } -- cgit v1.2.3-24-g4f1b From 125ef4751080a2118cb203357d77687699e3eb25 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Mon, 11 Jan 2016 12:33:00 +0200 Subject: [ci skip] Bump year to 2016 --- system/helpers/form_helper.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'system/helpers/form_helper.php') diff --git a/system/helpers/form_helper.php b/system/helpers/form_helper.php index 37dafd913..badf7773d 100644 --- a/system/helpers/form_helper.php +++ b/system/helpers/form_helper.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2016, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -29,7 +29,7 @@ * @package CodeIgniter * @author EllisLab Dev Team * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2014 - 2016, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License * @link http://codeigniter.com * @since Version 1.0.0 -- cgit v1.2.3-24-g4f1b From bd202c91b0e9cf0a8c93bcaa71df9574f5909346 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Mon, 11 Jan 2016 12:50:18 +0200 Subject: [ci skip] Update codeigniter.com links to https --- system/helpers/form_helper.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'system/helpers/form_helper.php') diff --git a/system/helpers/form_helper.php b/system/helpers/form_helper.php index badf7773d..1624bded0 100644 --- a/system/helpers/form_helper.php +++ b/system/helpers/form_helper.php @@ -31,7 +31,7 @@ * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) * @copyright Copyright (c) 2014 - 2016, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 1.0.0 * @filesource */ @@ -44,7 +44,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @subpackage Helpers * @category Helpers * @author EllisLab Dev Team - * @link http://codeigniter.com/user_guide/helpers/form_helper.html + * @link https://codeigniter.com/user_guide/helpers/form_helper.html */ // ------------------------------------------------------------------------ -- cgit v1.2.3-24-g4f1b From 1924e879b165fb119847a49a7a5eab2f28295fa2 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Mon, 11 Jan 2016 12:55:34 +0200 Subject: [ci skip] Update ellislab.com links to https too --- system/helpers/form_helper.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system/helpers/form_helper.php') diff --git a/system/helpers/form_helper.php b/system/helpers/form_helper.php index 1624bded0..04778b084 100644 --- a/system/helpers/form_helper.php +++ b/system/helpers/form_helper.php @@ -28,7 +28,7 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) * @copyright Copyright (c) 2014 - 2016, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License * @link https://codeigniter.com -- cgit v1.2.3-24-g4f1b From 0b59bdd3cd647b44c83e746a5d3d3aa179325df4 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Fri, 29 Jan 2016 01:18:08 +0200 Subject: Fix a regression in Form helper caused by 0139e6a4a99cbe9b0cc06f394fa12d5691193b72 --- system/helpers/form_helper.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'system/helpers/form_helper.php') diff --git a/system/helpers/form_helper.php b/system/helpers/form_helper.php index 04778b084..3e1039525 100644 --- a/system/helpers/form_helper.php +++ b/system/helpers/form_helper.php @@ -791,7 +791,7 @@ if ( ! function_exists('set_checkbox')) // Unchecked checkbox and radio inputs are not even submitted by browsers ... if ($CI->input->method() === 'post') { - return ($input === 'value') ? ' checked="checked"' : ''; + return ($input === $value) ? ' checked="checked"' : ''; } return ($default === TRUE) ? ' checked="checked"' : ''; @@ -843,7 +843,7 @@ if ( ! function_exists('set_radio')) // Unchecked checkbox and radio inputs are not even submitted by browsers ... if ($CI->input->method() === 'post') { - return ($input === 'value') ? ' checked="checked"' : ''; + return ($input === $value) ? ' checked="checked"' : ''; } return ($default === TRUE) ? ' checked="checked"' : ''; -- cgit v1.2.3-24-g4f1b From e13fa9fdb3f2e311bd7331e49b26889f24bc81cb Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Fri, 20 May 2016 17:30:07 +0300 Subject: Merge pull request #4638 from kasimtan/phpdoc_fixes [ci skip] Fixed PHPDoc parameter name and type discrepancies --- system/helpers/form_helper.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system/helpers/form_helper.php') diff --git a/system/helpers/form_helper.php b/system/helpers/form_helper.php index 3e1039525..8825ecc2c 100644 --- a/system/helpers/form_helper.php +++ b/system/helpers/form_helper.php @@ -568,7 +568,7 @@ if ( ! function_exists('form_label')) * * @param string The text to appear onscreen * @param string The id the label applies to - * @param string Additional attributes + * @param array Additional attributes * @return string */ function form_label($label_text = '', $id = '', $attributes = array()) -- cgit v1.2.3-24-g4f1b From 7a49c0b0f12121be39001a13a97bd608f6a30a7a Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Tue, 27 Sep 2016 14:00:26 +0300 Subject: Merge pull request #4810 from Dutchy-/patch-1 Remove inline style from form_open() hidden fields --- system/helpers/form_helper.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system/helpers/form_helper.php') diff --git a/system/helpers/form_helper.php b/system/helpers/form_helper.php index 8825ecc2c..aa7379f77 100644 --- a/system/helpers/form_helper.php +++ b/system/helpers/form_helper.php @@ -100,7 +100,7 @@ if ( ! function_exists('form_open')) { foreach ($hidden as $name => $value) { - $form .= ''."\n"; + $form .= ''."\n"; } } -- cgit v1.2.3-24-g4f1b From da60e9bc66ec90970fbd2dfd08b0a6e66b9f5f5f Mon Sep 17 00:00:00 2001 From: Master Yoda Date: Sat, 31 Dec 2016 08:46:18 -0800 Subject: Update copyright data to 2017 --- system/helpers/form_helper.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'system/helpers/form_helper.php') diff --git a/system/helpers/form_helper.php b/system/helpers/form_helper.php index aa7379f77..fc7d2a6a0 100644 --- a/system/helpers/form_helper.php +++ b/system/helpers/form_helper.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2016, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -29,7 +29,7 @@ * @package CodeIgniter * @author EllisLab Dev Team * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) - * @copyright Copyright (c) 2014 - 2016, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License * @link https://codeigniter.com * @since Version 1.0.0 -- cgit v1.2.3-24-g4f1b From cfd52edad6a4ae84b0c34755455b5b7b164878be Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Wed, 4 Jan 2017 16:58:08 +0200 Subject: [ci skip] Try to mitigate BREACH attacks against CSRF tokens --- system/helpers/form_helper.php | 41 +++++++++++++++++++++++++++++++++++------ 1 file changed, 35 insertions(+), 6 deletions(-) (limited to 'system/helpers/form_helper.php') diff --git a/system/helpers/form_helper.php b/system/helpers/form_helper.php index fc7d2a6a0..a49eea803 100644 --- a/system/helpers/form_helper.php +++ b/system/helpers/form_helper.php @@ -90,12 +90,6 @@ if ( ! function_exists('form_open')) $form = '\n"; - // Add CSRF field if enabled, but leave it out for GET requests and requests to external websites - if ($CI->config->item('csrf_protection') === TRUE && strpos($action, $CI->config->base_url()) !== FALSE && ! stripos($form, 'method="get"')) - { - $hidden[$CI->security->get_csrf_token_name()] = $CI->security->get_csrf_hash(); - } - if (is_array($hidden)) { foreach ($hidden as $name => $value) @@ -104,6 +98,41 @@ if ( ! function_exists('form_open')) } } + // Add CSRF field if enabled, but leave it out for GET requests and requests to external websites + if ($CI->config->item('csrf_protection') === TRUE && strpos($action, $CI->config->base_url()) !== FALSE && ! stripos($form, 'method="get"')) + { + // Prepend/append random-length "white noise" around the CSRF + // token input, as a form of protection against BREACH attacks + if (FALSE !== ($noise = $CI->security->get_random_bytes(1))) + { + list(, $noise) = unpack('c', $noise); + } + else + { + $noise = mt_rand(-128, 127); + } + + // Prepend if $noise has a negative value, append if positive, do nothing for zero + $prepend = $append = ''; + if ($noise < 0) + { + $prepend = str_repeat(" ", abs($noise)); + } + elseif ($noise > 0) + { + $append = str_repeat(" ", $noise); + } + + $form .= sprintf( + '%s%s%s', + $prepend, + $CI->security->get_csrf_token_name(), + $CI->security->get_csrf_hash(), + $append, + "\n" + ); + } + return $form; } } -- cgit v1.2.3-24-g4f1b From 904a28b41dab825eea4d1a9258aec2ea99b9a9d6 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Thu, 25 May 2017 11:51:07 +0300 Subject: Merge pull request #5130 from aroche/patch-2 Allow arbitrary strings as extra attributes in form_label --- system/helpers/form_helper.php | 8 +------- 1 file changed, 1 insertion(+), 7 deletions(-) (limited to 'system/helpers/form_helper.php') diff --git a/system/helpers/form_helper.php b/system/helpers/form_helper.php index a49eea803..75c6e5d47 100644 --- a/system/helpers/form_helper.php +++ b/system/helpers/form_helper.php @@ -610,13 +610,7 @@ if ( ! function_exists('form_label')) $label .= ' for="'.$id.'"'; } - if (is_array($attributes) && count($attributes) > 0) - { - foreach ($attributes as $key => $val) - { - $label .= ' '.$key.'="'.$val.'"'; - } - } + $label .= _attributes_to_string($attributes); return $label.'>'.$label_text.''; } -- cgit v1.2.3-24-g4f1b From 26ba694fb2aca751e8fa18e7c73f2c5e0c1c13ab Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Thu, 25 May 2017 11:55:11 +0300 Subject: [ci skip] Doc changes following PR #5130 --- system/helpers/form_helper.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system/helpers/form_helper.php') diff --git a/system/helpers/form_helper.php b/system/helpers/form_helper.php index 75c6e5d47..13f196318 100644 --- a/system/helpers/form_helper.php +++ b/system/helpers/form_helper.php @@ -597,7 +597,7 @@ if ( ! function_exists('form_label')) * * @param string The text to appear onscreen * @param string The id the label applies to - * @param array Additional attributes + * @param mixed Additional attributes * @return string */ function form_label($label_text = '', $id = '', $attributes = array()) -- cgit v1.2.3-24-g4f1b