From 70da44222691600667daa358bab9cd52693b019e Mon Sep 17 00:00:00 2001 From: Dominique Fournier Date: Fri, 27 Mar 2015 11:43:04 +0000 Subject: [PATCH] form : correct formfield (groups) git-svn-id: https://svn.fournier38.fr/svn/ProgSVN/trunk@2066 bf3deb0d-5f1a-0410-827f-c0cc1f45334c --- form.php | 31 ++++++++++--------------------- 1 file changed, 10 insertions(+), 21 deletions(-) diff --git a/form.php b/form.php index a2c1d68..51179dd 100644 --- a/form.php +++ b/form.php @@ -180,6 +180,11 @@ die ("FORM/VERIFY : UNUSED and dirty\n"); $group = ""; foreach ($this->fields as $field) { + if (isset ($field->group) && $field->group !== $group && $group !== "") + { + $res .="\n"; + $group = ""; + } if (isset ($field->group) && $field->group !== $group) { $res .= "
\n"; @@ -514,13 +519,12 @@ die ("FORM/VERIFY : UNUSED and dirty\n"); $res .= " \n"; // End form-group break; } + } - if (isset ($field->group) && $field->group !== $group || - !isset ($field->group) && $group !== "") - { - $res .="
\n"; - $group = ""; - } + if ($group !== "") + { + $res .="\n"; + $group = ""; } if ($this->csrf === TRUE) @@ -605,10 +609,6 @@ class csrf $this->csrfToken = $s; $_SESSION["domframework"]["form"]["csrf"] = $this->csrfToken; $_SESSION["domframework"]["form"]["csrfStart"] = microtime (TRUE); -file_put_contents ("/tmp/csrf.log", date ("Y-m-d H:i:s ")."createToken : $this->csrfToken\n", FILE_APPEND); -file_put_contents ("/tmp/csrf.log", date ("Y-m-d H:i:s ").$_SERVER["REQUEST_METHOD"]."-".$_SERVER["REQUEST_URI"]."\n", FILE_APPEND); -$e = new Exception(); -file_put_contents ("/tmp/csrf.log", print_r(str_replace('/path/to/code/', '', $e->getTraceAsString()."\n"), TRUE), FILE_APPEND); return $this->csrfToken; } @@ -617,28 +617,21 @@ file_put_contents ("/tmp/csrf.log", print_r(str_replace('/path/to/code/', '', $e @param string $tokenFromUser The value form the user's token */ public function checkToken ($tokenFromUser) { -file_put_contents ("/tmp/csrf.log", date ("Y-m-d H:i:s ")."checkToken ($tokenFromUser)\n", FILE_APPEND); -file_put_contents ("/tmp/csrf.log", date ("Y-m-d H:i:s ").$_SERVER["REQUEST_METHOD"]."-".$_SERVER["REQUEST_URI"]."\n", FILE_APPEND); -$e = new Exception(); -file_put_contents ("/tmp/csrf.log", print_r(str_replace('/path/to/code/', '', $e->getTraceAsString()."\n"), TRUE), FILE_APPEND); if ($this->csrf === FALSE ) return TRUE; if (! isset ($_SESSION["domframework"]["form"]["csrf"])) { -file_put_contents ("/tmp/csrf.log", date ("Y-m-d H:i:s ")."checkToken ($tokenFromUser) : No previous CSRF token\n", FILE_APPEND); throw new Exception (dgettext("domframework", "No previous CSRF token : abort")); } if ($_SESSION["domframework"]["form"]["csrf"] !== $tokenFromUser) { -file_put_contents ("/tmp/csrf.log", date ("Y-m-d H:i:s ")."checkToken ($tokenFromUser) : Invalid CSRF token provided\n", FILE_APPEND); throw new Exception (dgettext("domframework", "Invalid CSRF token provided")); } if (($_SESSION["domframework"]["form"]["csrfStart"] + $this->csrfTimeout) < microtime (TRUE)) { -file_put_contents ("/tmp/csrf.log", date ("Y-m-d H:i:s ")."checkToken ($tokenFromUser) : Obsolete CSRF token provided\n", FILE_APPEND); throw new Exception (dgettext("domframework", "Obsolete CSRF token provided")); } @@ -648,10 +641,6 @@ file_put_contents ("/tmp/csrf.log", date ("Y-m-d H:i:s ")."checkToken ($tokenFro /** Return the CSRF token in a hidden field */ public function displayFormCSRF () { -file_put_contents ("/tmp/csrf.log", date ("Y-m-d H:i:s ")."displayFormCSRF\n", FILE_APPEND); -file_put_contents ("/tmp/csrf.log", date ("Y-m-d H:i:s ").$_SERVER["REQUEST_METHOD"]."-".$_SERVER["REQUEST_URI"]."\n", FILE_APPEND); -$e = new Exception(); -file_put_contents ("/tmp/csrf.log", print_r(str_replace('/path/to/code/', '', $e->getTraceAsString()."\n"), TRUE), FILE_APPEND); if ($this->csrfToken == "") $this->createToken (); $res = "