Permalink
Browse files

MDL-21767 fixed input validation

  • Loading branch information...
1 parent 9597ac8 commit e20b7eed4931918e891b3deb1a64249911a67d13 @skodak skodak committed Mar 7, 2010
Showing with 60 additions and 19 deletions.
  1. +37 −0 lib/form/select.php
  2. +23 −19 lib/form/selectgroups.php
View
@@ -128,5 +128,42 @@ function getElementTemplateType(){
return 'default';
}
}
+
+ /**
+ * We check the options and return only the values that _could_ have been
+ * selected. We also return a scalar value if select is not "multiple"
+ */
+ function exportValue(&$submitValues, $assoc = false)
+ {
+ if (empty($this->_options)) {
+ return $this->_prepareValue(null, $assoc);
+ }
+
+ $value = $this->_findValue($submitValues);
+ if (is_null($value)) {
+ $value = $this->getValue();
+ }
+ $value = (array)$value;
+
+ $cleaned = array();
+ foreach ($value as $v) {
+ foreach ($this->_options as $option) {
+ if ((string)$option['attr']['value'] === (string)$v) {
+ $cleaned[] = (string)$option['attr']['value'];
+ break;
+ }
+ }
+ }
+
+ if (empty($cleaned)) {
+ return $this->_prepareValue(null, $assoc);
+ }
+ if ($this->getMultiple()) {
+ return $this->_prepareValue($cleaned, $assoc);
+ } else {
+ return $this->_prepareValue($cleaned[0], $assoc);
+ }
+ }
}
+
?>
@@ -489,34 +489,38 @@ function getFrozenHtml()
*/
function exportValue(&$submitValues, $assoc = false)
{
+ if (empty($this->_optGroups)) {
+ return $this->_prepareValue(null, $assoc);
+ }
+
$value = $this->_findValue($submitValues);
if (is_null($value)) {
$value = $this->getValue();
- } elseif(!is_array($value)) {
- $value = array($value);
}
- if (is_array($value) && !empty($this->_optGroups)) {
- $cleanValue = null;
- foreach ($value as $v) {
- foreach ($this->_optGroups as $optGroup){
- if (empty($optGroup['options'])) {
- continue;
- }
- for ($i = 0, $optCount = count($optGroup['options']); $i < $optCount; $i++) {
- if ($v == $optGroup['options'][$i]['attr']['value']) {
- $cleanValue[] = $v;
- break;
- }
+ $value = (array)$value;
+
+ $cleaned = array();
+ foreach ($value as $v) {
+ foreach ($this->_optGroups as $optGroup){
+ if (empty($optGroup['options'])) {
+ continue;
+ }
+ foreach ($optGroup['options'] as $option) {
+ if ((string)$option['attr']['value'] === (string)$v) {
+ $cleaned[] = (string)$option['attr']['value'];
+ break;
}
}
}
- } else {
- $cleanValue = $value;
}
- if (is_array($cleanValue) && !$this->getMultiple()) {
- return $this->_prepareValue($cleanValue[0], $assoc);
+
+ if (empty($cleaned)) {
+ return $this->_prepareValue(null, $assoc);
+ }
+ if ($this->getMultiple()) {
+ return $this->_prepareValue($cleaned, $assoc);
} else {
- return $this->_prepareValue($cleanValue, $assoc);
+ return $this->_prepareValue($cleaned[0], $assoc);
}
}

0 comments on commit e20b7ee

Please sign in to comment.