From 37f4b9caa02783e06dd7c5318200113409a0deb1 Mon Sep 17 00:00:00 2001 From: Derek Jones Date: Fri, 1 Jul 2011 17:56:50 -0500 Subject: backed out 648b42a75739, which was a NON-trivial whitespace commit. It broke the Typography class's string replacements, for instance --- system/helpers/form_helper.php | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) (limited to 'system/helpers/form_helper.php') diff --git a/system/helpers/form_helper.php b/system/helpers/form_helper.php index a6dfdb2ba..2925d3c7c 100644 --- a/system/helpers/form_helper.php +++ b/system/helpers/form_helper.php @@ -1,4 +1,4 @@ -text. To close fieldset + * Used to produce
text. To close fieldset * use form_fieldset_close() * * @access public @@ -663,7 +663,7 @@ if ( ! function_exists('form_prep')) * Form Value * * Grabs a value from the POST array for the specified field so you can - * re-populate an input field or textarea. If Form Validation + * re-populate an input field or textarea. If Form Validation * is active it retrieves the info from the validation class * * @access public @@ -858,7 +858,7 @@ if ( ! function_exists('set_radio')) /** * Form Error * - * Returns the error for a specific form field. This is a helper for the + * Returns the error for a specific form field. This is a helper for the * form validation class. * * @access public @@ -885,7 +885,7 @@ if ( ! function_exists('form_error')) /** * Validation Error String * - * Returns all the errors associated with a form submission. This is a helper + * Returns all the errors associated with a form submission. This is a helper * function for the form validation class. * * @access public @@ -1034,17 +1034,17 @@ if ( ! function_exists('_get_validation_object')) // We set this as a variable since we're returning by reference. $return = FALSE; - + if (FALSE !== ($object = $CI->load->is_loaded('form_validation'))) { if ( ! isset($CI->$object) OR ! is_object($CI->$object)) { return $return; } - + return $CI->$object; } - + return $return; } } -- cgit v1.2.3-24-g4f1b From 08a245f0c9d9638f039d12aebcd35bd875d72107 Mon Sep 17 00:00:00 2001 From: Joël Cox Date: Sat, 16 Jul 2011 23:46:49 +0200 Subject: CSRF field is only added when post method is used and action is internal. Closes #165 --- system/helpers/form_helper.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'system/helpers/form_helper.php') diff --git a/system/helpers/form_helper.php b/system/helpers/form_helper.php index 2925d3c7c..5720a06ec 100644 --- a/system/helpers/form_helper.php +++ b/system/helpers/form_helper.php @@ -64,8 +64,8 @@ if ( ! function_exists('form_open')) $form .= '>'; - // CSRF - if ($CI->config->item('csrf_protection') === TRUE) + // Add CSRF field if enabled, but leave it out for GET requests and requests to external websites + if ($CI->config->item('csrf_protection') === TRUE AND ! (strpos($action, $CI->config->site_url()) === FALSE OR strpos($form, 'method="get"'))) { $hidden[$CI->security->get_csrf_token_name()] = $CI->security->get_csrf_hash(); } -- cgit v1.2.3-24-g4f1b From 7de3160f0ed13e773fa5233af0566bcae3f99081 Mon Sep 17 00:00:00 2001 From: Phil Sturgeon Date: Sat, 13 Aug 2011 10:26:22 -0600 Subject: Big text area was big. Reduced the size a little. --- system/helpers/form_helper.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system/helpers/form_helper.php') diff --git a/system/helpers/form_helper.php b/system/helpers/form_helper.php index 5720a06ec..47f93e748 100644 --- a/system/helpers/form_helper.php +++ b/system/helpers/form_helper.php @@ -249,7 +249,7 @@ if ( ! function_exists('form_textarea')) { function form_textarea($data = '', $value = '', $extra = '') { - $defaults = array('name' => (( ! is_array($data)) ? $data : ''), 'cols' => '90', 'rows' => '12'); + $defaults = array('name' => (( ! is_array($data)) ? $data : ''), 'cols' => '40', 'rows' => '10'); if ( ! is_array($data) OR ! isset($data['value'])) { -- cgit v1.2.3-24-g4f1b