
Removal of _GET actions

Removed GET actions from forms so they can be handled by tep_validate_form
commit 5a73196cd0d5d4b7a4035e27c525f410193f5f90 1 parent 4fb3565
FwrMedia authored
2  catalog/account_edit.php
@@ -208,4 +208,4 @@
<?php
require(DIR_WS_INCLUDES . 'template_bottom.php');
require(DIR_WS_INCLUDES . 'application_bottom.php');
-?>
+?>
1  catalog/account_newsletters.php
@@ -22,7 +22,6 @@
$newsletter_query = tep_db_query("select customers_newsletter from " . TABLE_CUSTOMERS . " where customers_id = '" . (int)$customer_id . "'");
$newsletter = tep_db_fetch_array($newsletter_query);
-
if (false !== tep_validate_form(array('action' => 'process'))) {
if (isset($HTTP_POST_VARS['newsletter_general']) && is_numeric($HTTP_POST_VARS['newsletter_general'])) {
$newsletter_general = tep_db_prepare_input($HTTP_POST_VARS['newsletter_general']);
3  catalog/account_password.php
@@ -19,7 +19,6 @@
// needs to be included earlier to set the success message in the messageStack
require(DIR_WS_LANGUAGES . $language . '/' . FILENAME_ACCOUNT_PASSWORD);
-
if (false !== $validated = tep_validate_form(array('action' => 'process','password_current' => 'string','password_new' => 'string','password_confirmation' => 'string'))) {
extract($validated,EXTR_OVERWRITE);
@@ -107,4 +106,4 @@
<?php
require(DIR_WS_INCLUDES . 'template_bottom.php');
require(DIR_WS_INCLUDES . 'application_bottom.php');
-?>
+?>
1  catalog/address_book_process.php
@@ -19,7 +19,6 @@
// needs to be included earlier to set the success message in the messageStack
require(DIR_WS_LANGUAGES . $language . '/' . FILENAME_ADDRESS_BOOK_PROCESS);
-
if (false !== $validated = tep_validate_form_get(array('action' => 'deleteconfirm','delete' => 'int'))) {
extract($validated,EXTR_OVERWRITE);
if ($delete == $customer_default_address_id) {
6 catalog/contact_us.php
@@ -14,7 +14,7 @@
require(DIR_WS_LANGUAGES . $language . '/' . FILENAME_CONTACT_US);
- if (isset($HTTP_GET_VARS['action']) && ($HTTP_GET_VARS['action'] == 'send') && (false !== $validated = tep_validate_form(array('name' => 'strip_tags','email' => 'strip_tags','enquiry' => 'strip_tags')))) {
+ if (false !== $validated = tep_validate_form(array('action' => 'send', 'name' => 'strip_tags','email' => 'strip_tags','enquiry' => 'strip_tags'))) {
extract($validated,EXTR_OVERWRITE);
$error = false;
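Review bot: `extract($validated,EXTR_OVERWRITE)` directly under the new condition now also imports an `action` key, and with `EXTR_OVERWRITE` any key in the returned array replaces a same-named variable already in scope. That is safe only if tep_validate_form() returns exactly the keys listed in the rule array, which this page does not show, so reading the fields explicitly (`$name = $validated['name'];`) or using `extract($validated, EXTR_SKIP);` would keep request data from clobbering page state. The same pattern follows the changed condition in login.php, password_forgotten.php, password_reset.php, product_reviews_write.php and tell_a_friend.php; in login.php `$error = false;` is assigned before the extract, so an overwrite there would persist. The `if` body continues outside the hunk.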
@@ -71,7 +71,7 @@
} else {
?>
-<?php echo tep_draw_form('contact_us', tep_href_link(FILENAME_CONTACT_US, 'action=send'), 'post', '', true); ?>
+<?php echo tep_draw_form('contact_us', tep_href_link(FILENAME_CONTACT_US), 'post', '', true); ?>
<div class="contentContainer">
<div class="contentText">
@@ -86,7 +86,7 @@
</tr>
<tr>
<td class="fieldKey" valign="top"><?php echo ENTRY_ENQUIRY; ?></td>
- <td class="fieldValue"><?php echo tep_draw_textarea_field('enquiry', 'soft', 50, 15); ?></td>
+ <td class="fieldValue"><?php echo tep_draw_textarea_field('enquiry', 'soft', 50, 15) . tep_draw_hidden_field('action', 'send'); ?></td>
</tr>
</table>
</div>
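Review bot: The `action` hidden field is concatenated onto the `enquiry` textarea cell, which ties the dispatch value to an unrelated layout element and makes it easy to drop when the template is edited; without it the handler would presumably never run. Emitting it next to the form tag keeps the two together: `<?php echo tep_draw_form('contact_us', tep_href_link(FILENAME_CONTACT_US), 'post', '', true) . tep_draw_hidden_field('action', 'send'); ?>`. The same applies to the hidden field attached to the password cell in login.php and to the button markup in password_forgotten.php, password_reset.php, product_reviews_write.php and tell_a_friend.php.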
2  catalog/create_account.php
@@ -444,4 +444,4 @@
<?php
require(DIR_WS_INCLUDES . 'template_bottom.php');
require(DIR_WS_INCLUDES . 'application_bottom.php');
-?>
+?>
6 catalog/login.php
@@ -20,7 +20,7 @@
require(DIR_WS_LANGUAGES . $language . '/' . FILENAME_LOGIN);
$error = false;
- if (isset($HTTP_GET_VARS['action']) && ($HTTP_GET_VARS['action'] == 'process') && (false !== $validated = tep_validate_form(array('email_address' => 'strip_tags','password' => 'strip_tags')))) {
+ if (false !== $validated = tep_validate_form(array('action' => 'process', 'email_address' => 'strip_tags','password' => 'strip_tags'))) {
extract($validated,EXTR_OVERWRITE);
// Check if email exists
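Review bot: The `password` field is passed through the `strip_tags` rule on the new condition line, so a password containing text that resembles markup (for example `a<b>c`) would presumably be altered before it is compared, while account_password.php in this same commit validates its password fields as `string`. If the rules behave as their names suggest, a customer who sets such a password there could not log in here, and the effective password is weaker than the one typed. Secrets should be compared exactly as entered, e.g. `'password' => 'string'`, assuming that rule leaves the value untouched; password_reset.php has the same `strip_tags` rule on `password` and `confirmation`. The `if` body continues outside the hunk.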
@@ -109,7 +109,7 @@
<div class="contentText">
<p><?php echo TEXT_RETURNING_CUSTOMER; ?></p>
- <?php echo tep_draw_form('login', tep_href_link(FILENAME_LOGIN, 'action=process', 'SSL'), 'post', '', true); ?>
+ <?php echo tep_draw_form('login', tep_href_link(FILENAME_LOGIN, '', 'SSL'), 'post', '', true); ?>
<table border="0" cellspacing="0" cellpadding="2" width="100%">
<tr>
@@ -118,7 +118,7 @@
</tr>
<tr>
<td class="fieldKey"><?php echo ENTRY_PASSWORD; ?></td>
- <td class="fieldValue"><?php echo tep_draw_password_field('password'); ?></td>
+ <td class="fieldValue"><?php echo tep_draw_password_field('password') . tep_draw_hidden_field('action', 'process'); ?></td>
</tr>
</table>
5 catalog/password_forgotten.php
@@ -15,8 +15,7 @@
require(DIR_WS_LANGUAGES . $language . '/' . FILENAME_PASSWORD_FORGOTTEN);
$password_reset_initiated = false;
-
- if (isset($HTTP_GET_VARS['action']) && ($HTTP_GET_VARS['action'] == 'process') && (false !== $validated = tep_validate_form(array('email_address' => 'strip_tags')))) {
+ if (false !== $validated = tep_validate_form(array('action' => 'process', 'email_address' => 'strip_tags'))) {
extract($validated,EXTR_OVERWRITE);
$check_customer_query = tep_db_query("select customers_firstname, customers_lastname, customers_id from " . TABLE_CUSTOMERS . " where customers_email_address = '" . tep_db_input($email_address) . "'");
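Review bot: The rule array on the new condition line mixes two meanings in one value slot, with `'action' => 'process'` apparently a literal the field must equal and `'email_address' => 'strip_tags'` naming a filter, and nothing at the call site says which is which. A short comment would help, for example `// 'action' must equal 'process'; the other entries name the filter applied to that POST field`, adjusted to what tep_validate_form() really does, since its body is not on this page. It is also worth confirming there that it reads only POST data and checks the session form token, now that the explicit `$HTTP_GET_VARS['action']` guard is gone and this handler starts a password reset.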
@@ -94,7 +93,7 @@
<div class="buttonSet">
<span class="buttonAction"><?php echo tep_draw_button(IMAGE_BUTTON_CONTINUE, 'triangle-1-e', null, 'primary'); ?></span>
- <?php echo tep_draw_button(IMAGE_BUTTON_BACK, 'triangle-1-w', tep_href_link(FILENAME_LOGIN, '', 'SSL')); ?>
+ <?php echo tep_draw_hidden_field('action', 'process') . tep_draw_button(IMAGE_BUTTON_BACK, 'triangle-1-w', tep_href_link(FILENAME_LOGIN, '', 'SSL')); ?>
</div>
</div>
6 catalog/password_reset.php
@@ -55,7 +55,7 @@
if ($error == true) {
tep_redirect(tep_href_link(FILENAME_PASSWORD_FORGOTTEN));
}
- if (isset($HTTP_GET_VARS['action']) && ($HTTP_GET_VARS['action'] == 'process') && (false !== $validated = tep_validate_form(array('password' => 'strip_tags','confirmation' => 'strip_tags')))) {
+ if (false !== $validated = tep_validate_form(array('action' => 'process', 'password' => 'strip_tags','confirmation' => 'strip_tags'))) {
extract($validated,EXTR_OVERWRITE);
if (strlen($password) < ENTRY_PASSWORD_MIN_LENGTH) {
@@ -94,7 +94,7 @@
}
?>
-<?php echo tep_draw_form('password_reset', tep_href_link(FILENAME_PASSWORD_RESET, 'account=' . $email_address . '&key=' . $password_key . '&action=process', 'SSL'), 'post', 'onsubmit="return check_form(password_reset);"', true); ?>
+<?php echo tep_draw_form('password_reset', tep_href_link(FILENAME_PASSWORD_RESET, 'account=' . $email_address . '&key=' . $password_key, 'SSL'), 'post', 'onsubmit="return check_form(password_reset);"', true); ?>
<div class="contentContainer">
<div class="contentText">
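Review bot: `$email_address` and `$password_key` are still concatenated raw into the query string of the form action on the new line, so an `&`, `#`, `+` or quote character in either value changes the URL the form posts to. Where they are assigned is outside the hunk, but the names suggest they come from the reset link in the request, so they should be encoded at this point: `'account=' . urlencode($email_address) . '&key=' . urlencode($password_key)`. Keeping the reset key in the URL also leaves it in access logs and browser history, so the key should be single-use and short-lived; confirm that where it is issued.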
@@ -113,7 +113,7 @@
</div>
<div class="buttonSet">
- <span class="buttonAction"><?php echo tep_draw_button(IMAGE_BUTTON_CONTINUE, 'triangle-1-e', null, 'primary'); ?></span>
+ <span class="buttonAction"><?php echo tep_draw_hidden_field('action', 'process') . tep_draw_button(IMAGE_BUTTON_CONTINUE, 'triangle-1-e', null, 'primary'); ?></span>
</div>
</div>
7 catalog/product_reviews_write.php
@@ -28,8 +28,7 @@
$customer_query = tep_db_query("select customers_firstname, customers_lastname from " . TABLE_CUSTOMERS . " where customers_id = '" . (int)$customer_id . "'");
$customer = tep_db_fetch_array($customer_query);
-
- if (isset($HTTP_GET_VARS['action']) && ($HTTP_GET_VARS['action'] == 'process') && (false !== $validated = tep_validate_form(array('rating' => 'int','review' => 'strip_tags')))) {
+ if (false !== $validated = tep_validate_form(array('action' => 'process', 'rating' => 'int','review' => 'strip_tags'))) {
extract($validated,EXTR_OVERWRITE);
$error = false;
@@ -111,7 +110,7 @@ function checkForm() {
}
?>
-<?php echo tep_draw_form('product_reviews_write', tep_href_link(FILENAME_PRODUCT_REVIEWS_WRITE, 'action=process&products_id=' . $HTTP_GET_VARS['products_id']), 'post', 'onsubmit="return checkForm();"', true); ?>
+<?php echo tep_draw_form('product_reviews_write', tep_href_link(FILENAME_PRODUCT_REVIEWS_WRITE, 'products_id=' . $HTTP_GET_VARS['products_id']), 'post', 'onsubmit="return checkForm();"', true); ?>
<div class="contentContainer">
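Review bot: `$HTTP_GET_VARS['products_id']` is placed into the form action unfiltered on the new line, whereas the equivalent line in tell_a_friend.php casts it with `(int)`. Unless tep_href_link() or tep_draw_form() escapes its arguments, which is not visible here, a crafted `products_id` would be reflected into the page markup. Apply the same cast, `'products_id=' . (int)$HTTP_GET_VARS['products_id']`, or another id normaliser if this page has to preserve attribute-style product ids.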
@@ -149,7 +148,7 @@ function checkForm() {
<div class="buttonSet">
<span class="buttonAction"><?php echo tep_draw_button(IMAGE_BUTTON_CONTINUE, 'triangle-1-e', null, 'primary'); ?></span>
- <?php echo tep_draw_button(IMAGE_BUTTON_BACK, 'triangle-1-w', tep_href_link(FILENAME_PRODUCT_REVIEWS, tep_get_all_get_params(array('reviews_id', 'action')))); ?>
+ <?php echo tep_draw_hidden_field('action', 'process') . tep_draw_button(IMAGE_BUTTON_BACK, 'triangle-1-w', tep_href_link(FILENAME_PRODUCT_REVIEWS, tep_get_all_get_params(array('reviews_id', 'action')))); ?>
</div>
</div>
6 catalog/tell_a_friend.php
@@ -33,7 +33,7 @@
require(DIR_WS_LANGUAGES . $language . '/' . FILENAME_TELL_A_FRIEND);
- if (isset($HTTP_GET_VARS['action']) && ($HTTP_GET_VARS['action'] == 'process') && (false !== $validated = tep_validate_form(array('to_email_address' => 'strip_tags','to_name' => 'strip_tags','from_email_address' => 'strip_tags','from_name' => 'strip_tags','message' => 'strip_tags')))) {
+ if (false !== $validated = tep_validate_form(array('action' => 'process', 'to_email_address' => 'strip_tags','to_name' => 'strip_tags','from_email_address' => 'strip_tags','from_name' => 'strip_tags','message' => 'strip_tags'))) {
extract($validated,EXTR_OVERWRITE);
$error = false;
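Review bot: The address and name fields on the new condition line are filtered only with `strip_tags`, which removes markup but leaves carriage returns and line feeds in place. If `from_email_address`, `from_name` or `to_email_address` later reach mail headers (the send call is outside the hunk), a value containing a line break could add headers or recipients, and this form sends mail to an address chosen by the submitter. Reject CR/LF in these fields and validate both addresses as e-mail addresses before sending; contact_us.php uses the same `strip_tags`-only rules for `name` and `email`.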
@@ -110,7 +110,7 @@
}
?>
-<?php echo tep_draw_form('email_friend', tep_href_link(FILENAME_TELL_A_FRIEND, 'action=process&products_id=' . (int)$HTTP_GET_VARS['products_id']), 'post', '', true); ?>
+<?php echo tep_draw_form('email_friend', tep_href_link(FILENAME_TELL_A_FRIEND, 'products_id=' . (int)$HTTP_GET_VARS['products_id']), 'post', '', true); ?>
<div class="contentContainer">
<div>
@@ -159,7 +159,7 @@
<div class="buttonSet">
<span class="buttonAction"><?php echo tep_draw_button(IMAGE_BUTTON_CONTINUE, 'triangle-1-e', null, 'primary'); ?></span>
- <?php echo tep_draw_button(IMAGE_BUTTON_BACK, 'triangle-1-w', tep_href_link(FILENAME_PRODUCT_INFO, 'products_id=' . (int)$HTTP_GET_VARS['products_id'])); ?>
+ <?php echo tep_draw_hidden_field('action', 'process') . tep_draw_button(IMAGE_BUTTON_BACK, 'triangle-1-w', tep_href_link(FILENAME_PRODUCT_INFO, 'products_id=' . (int)$HTTP_GET_VARS['products_id'])); ?>
</div>
</div>