spoon · bauffman · Apr 20, 2012 · Mar 12, 2012 · Mar 30, 2012 · Apr 20, 2012
diff --git a/spoon/form/multi_checkbox.php b/spoon/form/multi_checkbox.php
@@ -385,7 +385,7 @@ public function setValues(array $values, $defaultClass = 'inputCheckbox')
 			if(!isset($this->variables[$value['value']]['id']))
 			{
 				if(isset($this->attributes[$value['value']]['id'])) $this->variables[$value['value']]['id'] = $this->attributes[$value['value']]['id'];
-				else $this->variables[$value['value']]['id'] = SpoonFilter::toCamelCase($this->name . '_' . $value['value'], '_', true);
+				else $this->variables[$value['value']]['id'] = SpoonFilter::toCamelCase($this->name . '_' . str_replace(' ', '_', $value['value']), '_', true);
 			}
 
 			// add some custom vars

diff --git a/spoon/form/radiobutton.php b/spoon/form/radiobutton.php
@@ -373,7 +373,7 @@ public function setValues(array $values, $defaultClass = 'inputRadio')
 			if(!isset($this->variables[$value['value']]['id']))
 			{
 				if(isset($this->attributes[$value['value']]['id'])) $this->variables[$value['value']]['id'] = $this->attributes[$value['value']]['id'];
-				else $this->variables[$value['value']]['id'] = SpoonFilter::toCamelCase($this->name . '_' . $value['value'], '_', true);
+				else $this->variables[$value['value']]['id'] = SpoonFilter::toCamelCase($this->name . '_' . str_replace(' ', '_', $value['value']), '_', true);
 			}
 
 			// add some custom vars

diff --git a/spoon/rest/client.php b/spoon/rest/client.php
@@ -124,7 +124,7 @@ public function execute($url, array $parameters = null, $method = 'GET', array $
 		}
 
 		// specific when using POST
-		if($method == 'POST')
+		if($method == 'POST' || $method == 'DELETE')
 		{
 			$options[CURLOPT_POST] = true;
 			$options[CURLOPT_POSTFIELDS] = $parameters;

diff --git a/spoon/session/session.php b/spoon/session/session.php
@@ -34,6 +34,9 @@ class SpoonSession
 	 */
 	public static function delete()
 	{
+		// start session if needed
+		if(!session_id()) self::start();
+
 		// loop all arguments
 		foreach(func_get_args() as $argument)
 		{

diff --git a/spoon/template/compiler.php b/spoon/template/compiler.php
@@ -365,7 +365,7 @@ protected function parseForms($content)
 						<?php echo $this->forms[\'' . $name . '\']->getField(\'form\')->parse();
 						if($this->forms[\'' . $name . '\']->getUseToken())
 						{
-							?><input type="hidden" name="form_token" id="<?php echo $this->forms[\'' . $name . '\']->getField(\'form_token\')->getAttribute(\'id\'); ?>" value="<?php echo $this->forms[\'' . $name . '\']->getField(\'form_token\')->getValue(); ?>" />
+							?><input type="hidden" name="form_token" id="<?php echo $this->forms[\'' . $name . '\']->getField(\'form_token\')->getAttribute(\'id\'); ?>" value="<?php echo htmlspecialchars($this->forms[\'' . $name . '\']->getField(\'form_token\')->getValue()); ?>" />
 						<?php } ?>';
 				}
 
@@ -379,7 +379,7 @@ protected function parseForms($content)
 						<?php echo $this->forms[\'' . $name . '\']->getField(\'form\')->parse();
 						if($this->forms[\'' . $name . '\']->getUseToken())
 						{
-							?><input type="hidden" name="form_token" id="<?php echo $this->forms[\'' . $name . '\']->getField(\'form_token\')->getAttribute(\'id\'); ?>" value="<?php echo $this->forms[\'' . $name . '\']->getField(\'form_token\')->getValue(); ?>" />
+							?><input type="hidden" name="form_token" id="<?php echo $this->forms[\'' . $name . '\']->getField(\'form_token\')->getAttribute(\'id\'); ?>" value="<?php echo htmlentities($this->forms[\'' . $name . '\']->getField(\'form_token\')->getValue()); ?>" />
 						<?php } ?>';
 				}