From bae03237260fa4d8adb147a3731b1cb84639b070 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Pawe=C5=82=20Nowacki?= Date: Sun, 10 Feb 2019 15:35:01 +0100 Subject: [PATCH 1/3] form - enctype unescaped ```enctype="multipart/form-data"``` looks ugly :) --- system/Helpers/form_helper.php | 10 ++++++++-- 1 file changed, 8 insertions(+), 2 deletions(-) diff --git a/system/Helpers/form_helper.php b/system/Helpers/form_helper.php index 4f21effbc568..01bc5d41f14f 100644 --- a/system/Helpers/form_helper.php +++ b/system/Helpers/form_helper.php @@ -70,7 +70,13 @@ function form_open(string $action = '', $attributes = [], array $hidden = []): s $csrfId = $attributes['csrf_id']; unset($attributes['csrf_id']); } - + + if(is_array($attributes) && array_key_exists('enctype', $attributes)) + { + $enctype = trim($attributes['enctype']); + unset($attributes['enctype']); + } + $attributes = stringify_attributes($attributes); if (stripos($attributes, 'method=') === false) @@ -83,7 +89,7 @@ function form_open(string $action = '', $attributes = [], array $hidden = []): s $attributes .= ' accept-charset="' . strtolower($config->charset) . '"'; } - $form = '
\n"; + $form = '\n"; // Add CSRF field if enabled, but leave it out for GET requests and requests to external websites $before = Services::filters()->getFilters()['before']; From 1d6a3d84ae64d2fa4b9aea50219e83b9383d7495 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Pawe=C5=82=20Nowacki?= Date: Sun, 10 Feb 2019 15:37:03 +0100 Subject: [PATCH 2/3] Update FormHelperTest.php --- tests/system/Helpers/FormHelperTest.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/tests/system/Helpers/FormHelperTest.php b/tests/system/Helpers/FormHelperTest.php index 4c97b0706233..8c6e246be175 100644 --- a/tests/system/Helpers/FormHelperTest.php +++ b/tests/system/Helpers/FormHelperTest.php @@ -225,7 +225,7 @@ public function testFormOpenMultipart() $Value = csrf_hash(); $Name = csrf_token(); $expected = << + EOH; @@ -233,7 +233,7 @@ public function testFormOpenMultipart() else { $expected = << + EOH; } From beae5b2ef1f783c6ec8757d0fc11e3a05719f644 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Pawe=C5=82=20Nowacki?= Date: Sun, 10 Feb 2019 16:15:17 +0100 Subject: [PATCH 3/3] Update form_helper.php --- system/Helpers/form_helper.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/system/Helpers/form_helper.php b/system/Helpers/form_helper.php index 01bc5d41f14f..66eec099917e 100644 --- a/system/Helpers/form_helper.php +++ b/system/Helpers/form_helper.php @@ -89,7 +89,7 @@ function form_open(string $action = '', $attributes = [], array $hidden = []): s $attributes .= ' accept-charset="' . strtolower($config->charset) . '"'; } - $form = '\n"; + $form = '\n"; // Add CSRF field if enabled, but leave it out for GET requests and requests to external websites $before = Services::filters()->getFilters()['before'];