Thijs/wiki.techinc.nl
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
wiki.techinc.nl/includes/htmlform/fields
History
Bartosz Dziewoński 58087fb737 HTMLMultiSelectField: Reject nested arrays early 
Users can pass multidimensional arrays in query parameters to PHP
(e.g. ?foo[a][b]=bar). While filterDataForSubmit() ensured that anyone
using HTMLMultiSelectField in their form did not see them, internal
code here did not handle them correctly when validating the values and
generating the inputs, resulting in warnings deep in other code.

Use is_scalar instead of is_string in case default values somewhere
are integers or other non-string types.

Bug: T274955
Change-Id: I072a722ed025d687bfe755261a9896457f68f2ef
2021-02-19 00:24:38 +01:00
..
HTMLApiField.php HTML Classes stability annotations 2020-07-13 14:54:28 +02:00
HTMLAutoCompleteSelectField.php Fix broken PHPDoc comments that don't start with /** 2020-07-23 16:09:41 +00:00
HTMLButtonField.php Fix broken PHPDoc comments that don't start with /** 2020-07-23 16:09:41 +00:00
HTMLCheckField.php HTML Classes stability annotations 2020-07-13 14:54:28 +02:00
HTMLCheckMatrix.php Fix broken PHPDoc comments that don't start with /** 2020-07-23 16:09:41 +00:00
HTMLComboboxField.php HTML Classes stability annotations 2020-07-13 14:54:28 +02:00
HTMLDateTimeField.php Use ?? instead of isset/array_key_exists where possible 2021-02-10 20:32:25 +01:00
HTMLEditTools.php HTML Classes stability annotations 2020-07-13 14:54:28 +02:00
HTMLExpiryField.php HTML Classes stability annotations 2020-07-13 14:54:28 +02:00
HTMLFileField.php HTMLFileField: Make 'accept' parameter optional 2021-01-22 16:24:53 +00:00
HTMLFloatField.php HTML Classes stability annotations 2020-07-13 14:54:28 +02:00
HTMLFormFieldCloner.php Pass along the disabled parameter to HTMLFormFieldCloner 2021-02-01 03:44:46 -08:00
HTMLFormFieldWithButton.php Fix broken PHPDoc comments that don't start with /** 2020-07-23 16:09:41 +00:00
HTMLHiddenField.php Fix broken PHPDoc comments that don't start with /** 2020-07-23 16:09:41 +00:00
HTMLInfoField.php HTML Classes stability annotations 2020-07-13 14:54:28 +02:00
HTMLIntField.php HTML Classes stability annotations 2020-07-13 14:54:28 +02:00
HTMLMultiSelectField.php HTMLMultiSelectField: Reject nested arrays early 2021-02-19 00:24:38 +01:00
HTMLNamespacesMultiselectField.php Use static closures where safe to use 2021-02-11 00:13:52 +00:00
HTMLRadioField.php build: Enable phan-taint-check-plugin and suppress issues 2020-12-30 19:02:22 +01:00
HTMLRestrictionsField.php Fix broken PHPDoc comments that don't start with /** 2020-07-23 16:09:41 +00:00
HTMLSelectAndOtherField.php Fix broken PHPDoc comments that don't start with /** 2020-07-23 16:09:41 +00:00
HTMLSelectField.php HTML Classes stability annotations 2020-07-13 14:54:28 +02:00
HTMLSelectLanguageField.php Fix broken PHPDoc comments that don't start with /** 2020-07-23 16:09:41 +00:00
HTMLSelectLimitField.php HTML Classes stability annotations 2020-07-13 14:54:28 +02:00
HTMLSelectNamespace.php Fix broken PHPDoc comments that don't start with /** 2020-07-23 16:09:41 +00:00
HTMLSelectNamespaceWithButton.php Fix broken PHPDoc comments that don't start with /** 2020-07-23 16:09:41 +00:00
HTMLSelectOrOtherField.php Fix broken PHPDoc comments that don't start with /** 2020-07-23 16:09:41 +00:00
HTMLSizeFilterField.php HTML Classes stability annotations 2020-07-13 14:54:28 +02:00
HTMLSubmitField.php HTML Classes stability annotations 2020-07-13 14:54:28 +02:00
HTMLTagFilter.php HTML Classes stability annotations 2020-07-13 14:54:28 +02:00
HTMLTextAreaField.php CSS 'class' names can be an array in Html::…element 2020-09-08 19:11:19 +00:00
HTMLTextField.php Create HtmlFileField 2021-01-21 22:55:00 +00:00
HTMLTextFieldWithButton.php Fix broken PHPDoc comments that don't start with /** 2020-07-23 16:09:41 +00:00
HTMLTitlesMultiselectField.php Use static closures where safe to use 2021-02-11 00:13:52 +00:00
HTMLTitleTextField.php Fix broken PHPDoc comments that don't start with /** 2020-07-23 16:09:41 +00:00
HTMLUsersMultiselectField.php Normalize and de-dupe usernames in HTMLUsersMultiselectField 2021-02-16 14:37:23 -08:00
HTMLUserTextField.php Fix broken PHPDoc comments that don't start with /** 2020-07-23 16:09:41 +00:00