Do not hard code the name of the form identification element

Like the csrf element name the form identification element name should be publicly accessible as well. refs #5525
2025-07-29 16:54:04 +02:00 · 2014-08-27 13:14:40 +02:00 · 2014-08-27 13:14:40 +02:00 · e1329058db
commit e1329058db
parent 6783d51f76
1 changed files with 32 additions and 2 deletions
--- a/library/Icinga/Web/Form.php
+++ b/library/Icinga/Web/Form.php
@ -60,6 +60,13 @@ class Form extends Zend_Form
     */
    protected $tokenElementName = 'CSRFToken';

+    /**
+     * Name of the form identification element
+     *
+     * @var string
+     */
+    protected $uidElementName = 'formUID';
+
    /**
     * Set the label to use for the standard submit button
     *
@ -185,6 +192,29 @@ class Form extends Zend_Form
        return $this->tokenElementName;
    }

+    /**
+     * Set the name to use for the form identification element
+     *
+     * @param   string  $name   The name to set
+     *
+     * @return  self
+     */
+    public function setUidElementName($name)
+    {
+        $this->uidElementName = $name;
+        return $this;
+    }
+
+    /**
+     * Return the name of the form identification element
+     *
+     * @return  string
+     */
+    public function getUidElementName()
+    {
+        return $this->uidElementName;
+    }
+
    /**
     * Create this form
     *
@ -317,7 +347,7 @@ class Form extends Zend_Form
    {
        $this->addElement(
            'hidden',
-            'form_uid',
+            $this->uidElementName,
            array(
                'ignore'    => true,
                'value'     => $this->getName()
@ -416,7 +446,7 @@ class Form extends Zend_Form
     */
    public function wasSent(array $formData)
    {
-        return isset($formData['form_uid']) && $formData['form_uid'] === $this->getName();
+        return isset($formData[$this->uidElementName]) && $formData[$this->uidElementName] === $this->getName();
    }

    /**