tyler.durden
/
icingaweb2
mirror of https://github.com/Icinga/icingaweb2.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Do not set the full url from the request as action with form parameters 

Setting an url with parameters named like form elements in a form with
method POST causes Zend to ignore any POST data because GET will be
processed with higher priority.

fixes #6806
This commit is contained in:
Johannes Meyer 2014-08-13 14:50:21 +02:00
parent e7da9c0a00
commit 7311ab964e
3 changed files with 4 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
library/Icinga/Web/Form.php
View File

@ -7,7 +7,6 @@ namespace Icinga\Web;
use LogicException; use LogicException;
use Zend_Form; use Zend_Form;
use Zend_View_Interface; use Zend_View_Interface;
use Icinga\Application\Icinga;
use Icinga\Web\Form\Decorator\HelpText; use Icinga\Web\Form\Decorator\HelpText;
use Icinga\Web\Form\Decorator\ElementWrapper; use Icinga\Web\Form\Decorator\ElementWrapper;
use Icinga\Web\Form\Element\CsrfCounterMeasure; use Icinga\Web\Form\Element\CsrfCounterMeasure;
@ -131,14 +130,15 @@ class Form extends Zend_Form
public function create(array $formData = array()) public function create(array $formData = array())
{ {
if (false === $this->created) { if (false === $this->created) {
$this->addElements($this->createElements($formData));
$this->addCsrfCounterMeasure()->addSubmitButton();
if ($this->getAction() === '') { if ($this->getAction() === '') {
// We MUST set an action as JS gets confused otherwise, if // We MUST set an action as JS gets confused otherwise, if
// this form is being displayed in an additional column // this form is being displayed in an additional column
$this->setAction(Icinga::app()->getFrontController()->getRequest()->getRequestUri()); $this->setAction(Url::fromRequest()->getUrlWithout(array_keys($this->getElements())));
} }
$this->addElements($this->createElements($formData));
$this->addCsrfCounterMeasure()->addSubmitButton();
$this->created = true; $this->created = true;
} }

1
library/Icinga/Web/Widget/SortBox.php
View File

@ -132,7 +132,6 @@ class SortBox extends AbstractWidget
$sort = $form->getElement('sort')->setDecorators(array('ViewHelper')); $sort = $form->getElement('sort')->setDecorators(array('ViewHelper'));
$dir = $form->getElement('dir')->setDecorators(array('ViewHelper')); $dir = $form->getElement('dir')->setDecorators(array('ViewHelper'));
if ($this->request) { if ($this->request) {
$form->setAction($this->request->getRequestUri());
$form->populate($this->request->getParams()); $form->populate($this->request->getParams());
} }
return $form; return $form;

1
modules/monitoring/library/Monitoring/Web/Widget/TimelineIntervalBox.php
View File

@ -97,7 +97,6 @@ class TimelineIntervalBox extends AbstractWidget
); );
if ($this->request) { if ($this->request) {
$form->setAction($this->request->getRequestUri());
$form->populate($this->request->getParams()); $form->populate($this->request->getParams());
} }