Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
Browse files

Revert removal of "unecessary" assignments to `$_POST['id']`" (issue #…

…762)

Turns out it was needed by the 'unique[]' validation rule,
which I now understand (regardless of whether I approve of it).

TODO: I still think the one in the roles controller is going
to cause breakage on certain databases, where inserting 0 into
an AUTO_INCREMENT/equivalent will simply insert a 0 value.

Completely reverts 5f9fff8.
Reverts non-core part of 0306fe54afc705059407c58014c82d6aa034c54.
  • Loading branch information...
commit 69f76a41f8918a616507856e98bc950e005a8637 1 parent 707e2ea
@sourcejedi sourcejedi authored
View
4 bonfire/modules/builder/views/files/controller.php
@@ -277,6 +277,10 @@ public function edit()
*/
private function save_{$module_name_lower}(\$type='insert', \$id=0)
{
+ if (\$type == 'update') {
+ \$_POST['{$primary_key_field}'] = \$id;
+ }
+
{validation_rules}
if (\$this->form_validation->run() === FALSE)
View
2  bonfire/modules/roles/controllers/settings.php
@@ -297,6 +297,8 @@ private function save_role($type='insert', $id=0)
$this->form_validation->set_rules('default', 'lang:role_default_role', 'trim|is_numeric|max_length[1]');
$this->form_validation->set_rules('can_delete', 'lang:role_can_delete_role', 'trim|is_numeric|max_length[1]');
+ $_POST['role_id'] = $id;
+
if ($this->form_validation->run() === FALSE)
{
return FALSE;
View
1  bonfire/modules/users/controllers/settings.php
@@ -497,6 +497,7 @@ private function save_user($type='insert', $id=0, $meta_fields=array(), $cur_rol
}
else
{
+ $_POST['id'] = $id;
$this->form_validation->set_rules('email', lang('bf_email'), 'required|trim|unique[users.email,users.id]|valid_email|max_length[120]');
$this->form_validation->set_rules('password', lang('bf_password'), 'min_length[8]|max_length[120]|valid_password|matches[pass_confirm]');
$this->form_validation->set_rules('pass_confirm', lang('bf_password_confirm'), '');
View
4 bonfire/modules/users/controllers/users.php
@@ -649,8 +649,10 @@ private function save_user($id=0, $meta_fields=array())
$id = $this->current_user->id; /* ( $this->input->post('id') > 0 ) ? $this->input->post('id') : */
}
+ $_POST['id'] = $id;
+
// Simple check to make the posted id is equal to the current user's id, minor security check
- if ( $id != $this->current_user->id )
+ if ( $_POST['id'] != $this->current_user->id )
{
$this->form_validation->set_message('email', 'lang:us_invalid_userid');
return FALSE;
Please sign in to comment.
Something went wrong with that request. Please try again.