Added TODO for security

Sean Harvey 2008-04-18 23:49:01 +00:00
parent a48c1433ea
commit 101771a096

@ -66,6 +66,9 @@ abstract class MultiForm extends Form {
* *
* @TODO init() may not be an appropriate name, considering there's already an init() automatically called * @TODO init() may not be an appropriate name, considering there's already an init() automatically called
* for controller classes. Perhaps we rename this? * for controller classes. Perhaps we rename this?
*
* @TODO Security. Currently you're able to just change the ID of MultiFormSessionID in the URL. We need some
* sort of identification so you can't just change to another session by changing the ID.
*/ */
public function init() { public function init() {
$startStepClass = $this->stat('start_step'); $startStepClass = $this->stat('start_step');
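
Review bot: the new @TODO in the init() docblock records that changing MultiFormSessionID in the URL switches the request to another session, but nothing in this hunk guards against it or assigns the work. Suggest either landing this together with a check in init() that the requested MultiFormSessionID belongs to the current visitor's own session before any step is loaded, or replacing the ID carried in the URL with an unguessable token. If the fix has to wait, reference a tracked issue from the TODO and replace "some sort of identification" with the intended approach, so the comment says what an acceptable fix looks like.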