tonyair/silverstripe-framework
1
0
Fork 0
mirror of https://github.com/silverstripe/silverstripe-framework synced 2024-10-22 12:05:37 +00:00
Code Issues Projects Releases Wiki Activity

API CHANGE Enforcing usage of a Validator instance in Forms if its not explicitly passed to the Form constructor. By default a new RequiredField instance is used without any fields marked as required. This was necessary because some FormField implementations rely on their validate() method, sometimes as a wrongly placed processing hook, but mostly for security reasons. One example are file extension checks in FileField subclasses.

Browse Source 
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/branches/2.3@69688 467b73ca-7a2a-4603-9d3b-597d59a354a9
This commit is contained in:
Ingo Schommer 2009-01-05 04:01:31 +00:00 committed by Sam Minnee
parent ad60ef40f8
commit adfc2131dd
1 changed files with 14 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

22
forms/Form.php
View File

@ -17,6 +17,13 @@
* Usually you want to save data into a {@link DataObject} by using {@link saveInto()}.
* If you want to process the submitted data in any way, please use {@link getData()} rather than
* the raw request data.
*
* Validation
* Each form needs some form of {@link Validator} to trigger the {@link FormField->validate()} methods for each field.
* You can't disable validator for security reasons, because crucial behaviour like extension checks for file uploads depend on it.
* The default validator is an instance of {@link RequiredFields}.
* If you want to enforce serverside-validation to be ignored for a specific {@link FormField},
* you need to subclass it.
*
* @package forms
* @subpackage core
@ -91,10 +98,11 @@ class Form extends RequestHandler {
/**
* Create a new form, with the given fields an action buttons.
*
* @param controller The parent controller, necessary to create the appropriate form action tag.
* @param name The method on the controller that will return this form object.
* @param fields All of the fields in the form - a {@link FieldSet} of {@link FormField} objects.
* @param actions All of the action buttons in the form - a {@link FieldSet} of {@link FormAction} objects
* @param Controller $controller The parent controller, necessary to create the appropriate form action tag.
* @param String $name The method on the controller that will return this form object.
* @param FieldSet $fields All of the fields in the form - a {@link FieldSet} of {@link FormField} objects.
* @param FieldSet $actions All of the action buttons in the form - a {@link FieldSet} of {@link FormAction} objects
* @param Validator $validator Override the default validator instance (Default: {@link RequiredFields})
*/
function __construct($controller, $name, FieldSet $fields, FieldSet $actions, $validator = null) {
parent::__construct();
@ -110,10 +118,8 @@ class Form extends RequestHandler {
if(!$this->controller) user_error("$this->class form created without a controller", E_USER_ERROR);
// Form validation
if($validator) {
$this->validator = $validator;
$this->validator->setForm($this);
}
$this->validator = ($validator) ? $validator : new RequiredFields();
$this->validator->setForm($this);
// Form error controls
$errorInfo = Session::get("FormInfo.{$this->FormName()}");