Permalink
Browse files

fix(views): issue unique IDs in elgg_view_input()

IDs should be sufficiently (not cryptographically) unique even across multiple
requests.

Fixes #9955
  • Loading branch information...
mrclay committed Jul 8, 2016
1 parent 969d373 commit f20f0603de19211d4a2ae5597fc182cd83aa3a93
Showing with 1 addition and 4 deletions.
  1. +1 −4 engine/lib/views.php
View
@@ -1301,8 +1301,6 @@ function elgg_view_form($action, $form_vars = array(), $body_vars = array()) {
*/
function elgg_view_input($input_type, array $vars = array()) {
static $id_num;
if (!elgg_view_exists("input/$input_type")) {
return '';
}
@@ -1313,8 +1311,7 @@ function elgg_view_input($input_type, array $vars = array()) {
$id = elgg_extract('id', $vars);
if (!$id) {
$id_num++;
$id = "elgg-field-$id_num";
$id = "elgg-field-" . base_convert(mt_rand(), 10, 36);
$vars['id'] = $id;
}

0 comments on commit f20f060

Please sign in to comment.