PITS /
00835: AuthForm doesn't handle arrays in _POST properly
Summary: AuthForm doesn't handle arrays in _POST properly
Created: 2006-11-22 08:04
Status: Closed - duplicate of 01110 (fixed for 2.2.76).
Category: Bug
Assigned:
Priority:
Version: 2.1.11
OS:
Description: See http://bugs.gnewsense.org/Bugs/00043 for original report. Issue is that WikiForms sends dates as <input name="dataopened[]"> which turns the POST into 'dateopened'=>array('2006','11','22')
I am closing this entry as duplicate of 01110 -- the future fix should handle associative arrays with multiple dimensions, so the code will be slightly different. --Petko February 25, 2010, at 09:31 AM
The fix is a change in pmwiki.php:
RCS file: pmwiki.php,v
retrieving revision 1.1
diff -u -r1.1 pmwiki.php
--- pmwiki.php 2006/11/22 13:40:11 1.1
+++ pmwiki.php 2006/11/22 13:55:10
@@ -1509,6 +1509,14 @@
$postvars = '';
foreach($_POST as $k=>$v) {
if ($k == 'authpw' || $k == 'authid') continue;
+ if (is_array($v)) {
+ foreach($v as $dummy => $value){
+ $value = str_replace('$', '$',
+ htmlspecialchars(stripmagic($value), ENT_COMPAT));
+ $postvars .= "<input type='hidden' name='${k}[]' value=\"$value\" />\n";
+ }
+ continue;
+ }
$v = str_replace('$', '$',
htmlspecialchars(stripmagic($v), ENT_COMPAT));
$postvars .= "<input type='hidden' name='$k' value=\"$v\" />\n";