tyler.durden
/
icingaweb2
mirror of https://github.com/Icinga/icingaweb2.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Form: Automatically remove query parameters only for GET forms 

refs #9421
This commit is contained in:
Johannes Meyer 2015-07-27 08:52:33 +02:00
parent 982e226db0
commit 86ad6c48ff
3 changed files with 17 additions and 13 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
application/controllers/ConfigController.php
View File

@ -250,7 +250,6 @@ class ConfigController extends Controller
$backendName = $this->params->getRequired('backend'); $backendName = $this->params->getRequired('backend');
$form = new UserBackendConfigForm(); $form = new UserBackendConfigForm();
$form->setAction(Url::fromRequest());
$form->setRedirectUrl('config/userbackend'); $form->setRedirectUrl('config/userbackend');
$form->setTitle(sprintf($this->translate('Edit User Backend %s'), $backendName)); $form->setTitle(sprintf($this->translate('Edit User Backend %s'), $backendName));
$form->setIniConfig(Config::app('authentication')); $form->setIniConfig(Config::app('authentication'));

1
application/controllers/UsergroupbackendController.php
View File

@ -78,7 +78,6 @@ class UsergroupbackendController extends Controller
$backendName = $this->params->getRequired('backend'); $backendName = $this->params->getRequired('backend');
$form = new UserGroupBackendForm(); $form = new UserGroupBackendForm();
$form->setAction(Url::fromRequest());
$form->setRedirectUrl('usergroupbackend/list'); $form->setRedirectUrl('usergroupbackend/list');
$form->setTitle(sprintf($this->translate('Edit User Group Backend %s'), $backendName)); $form->setTitle(sprintf($this->translate('Edit User Group Backend %s'), $backendName));
$form->setIniConfig(Config::app('groups')); $form->setIniConfig(Config::app('groups'));

28
library/Icinga/Web/Form.php
View File

@ -292,9 +292,11 @@ class Form extends Zend_Form
public function getRedirectUrl() public function getRedirectUrl()
{ {
if ($this->redirectUrl === null) { if ($this->redirectUrl === null) {
$url = $this->getRequest()->getUrl(); $this->redirectUrl = $this->getRequest()->getUrl();
// Be sure to remove all form dependent params because we do not want to submit it again if ($this->getMethod() === 'get') {
$this->redirectUrl = $url->without(array_keys($this->getElements())); // Be sure to remove all form dependent params because we do not want to submit it again
$this->redirectUrl = $this->redirectUrl->without(array_keys($this->getElements()));
}
} }
return $this->redirectUrl; return $this->redirectUrl;
@ -658,22 +660,26 @@ class Form extends Zend_Form
*/ */
public function create(array $formData = array()) public function create(array $formData = array())
{ {
if (false === $this->created) { if (! $this->created) {
$this->createElements($formData); $this->createElements($formData);
$this->addFormIdentification() $this->addFormIdentification()
->addCsrfCounterMeasure() ->addCsrfCounterMeasure()
->addSubmitButton(); ->addSubmitButton();
// Use Form::getAttrib() instead of Form::getAction() here because we want to explicitly check against
// null. Form::getAction() would return the empty string '' if the action is not set.
// For not setting the action attribute use Form::setAction(''). This is required for for the
// accessibility's enable/disable auto-refresh mechanic
if ($this->getAttrib('action') === null) { if ($this->getAttrib('action') === null) {
// Use Form::getAttrib() instead of Form::getAction() here because we want to explicitly check against $action = $this->getRequest()->getUrl();
// null. Form::getAction() would return the empty string '' if the action is not set. if ($this->getMethod() === 'get') {
// For not setting the action attribute use Form::setAction(''). This is required for for the $action = $action->without(array_keys($this->getElements()));
// accessibility's enable/disable auto-refresh mechanic }
// TODO(el): Re-evalute this necessity. JavaScript could use the container's URL if there's no action set. // TODO(el): Re-evalute this necessity. JavaScript could use the container's URL if there's no action set.
// We MUST set an action as JS gets confused otherwise, if // We MUST set an action as JS gets confused otherwise, if
// this form is being displayed in an additional column // this form is being displayed in an additional column
$this->setAction($this->getRequest()->getUrl()->without(array_keys($this->getElements()))); $this->setAction($action);
} }
$this->created = true; $this->created = true;
@ -920,7 +926,7 @@ class Form extends Zend_Form
*/ */
public function addFormIdentification() public function addFormIdentification()
{ {
if (false === $this->uidDisabled && $this->getElement($this->uidElementName) === null) { if (! $this->uidDisabled && $this->getElement($this->uidElementName) === null) {
$this->addElement( $this->addElement(
'hidden', 'hidden',
$this->uidElementName, $this->uidElementName,
@ -942,7 +948,7 @@ class Form extends Zend_Form
*/ */
public function addCsrfCounterMeasure() public function addCsrfCounterMeasure()
{ {
if (false === $this->tokenDisabled && $this->getElement($this->tokenElementName) === null) { if (! $this->tokenDisabled && $this->getElement($this->tokenElementName) === null) {
$this->addElement(new CsrfCounterMeasure($this->tokenElementName)); $this->addElement(new CsrfCounterMeasure($this->tokenElementName));
} }