From 59cc14b347760a7ddcce30254a55cf027a076028 Mon Sep 17 00:00:00 2001 From: Loz Calver Date: Tue, 3 Feb 2015 15:17:42 +0000 Subject: [PATCH] NEW: session ID GET var can be renamed --- code/model/MultiForm.php | 16 ++++++++++++---- code/model/MultiFormStep.php | 3 ++- tests/MultiFormTest.php | 14 ++++++++++++++ 3 files changed, 28 insertions(+), 5 deletions(-) diff --git a/code/model/MultiForm.php b/code/model/MultiForm.php index 63a52f8..42bf407 100644 --- a/code/model/MultiForm.php +++ b/code/model/MultiForm.php @@ -48,6 +48,11 @@ abstract class MultiForm extends Form { 'TotalStepCount' => 'Int', 'CompletedPercent' => 'Float' ); + + /** + * @var string + */ + private static $get_var = 'MultiFormSessionID'; /** * These fields are ignored when saving the raw form data into session. @@ -59,7 +64,6 @@ abstract class MultiForm extends Form { public static $ignored_fields = array( 'url', 'executeForm', - 'MultiFormSessionID', 'SecurityID' ); @@ -138,8 +142,10 @@ abstract class MultiForm extends Form { // Give the fields, actions, and validation for the current step back to the parent Form class parent::__construct($controller, $name, $fields, $actions, $validator); + $getVar = $this->config()->get_var; + // Set a hidden field in our form with an encrypted hash to identify this session. - $this->fields->push(new HiddenField('MultiFormSessionID', false, $this->session->Hash)); + $this->fields->push(new HiddenField($getVar, false, $this->session->Hash)); // If there is saved data for the current step, we load it into the form it here //(CAUTION: loadData() MUST unserialize first!) @@ -149,6 +155,8 @@ abstract class MultiForm extends Form { // Disable security token - we tie a form to a session ID instead $this->disableSecurityToken(); + + self::$ignored_fields[] = $getVar; } /** @@ -266,7 +274,7 @@ abstract class MultiForm extends Form { */ public function getCurrentSession() { if(!$this->currentSessionHash) { - $this->currentSessionHash = $this->controller->request->getVar('MultiFormSessionID'); + $this->currentSessionHash = $this->controller->request->getVar($this->config()->get_var); if(!$this->currentSessionHash) { return false; @@ -528,7 +536,7 @@ abstract class MultiForm extends Form { function FormAction() { $action = parent::FormAction(); $action .= (strpos($action, '?')) ? '&' : '?'; - $action .= "MultiFormSessionID={$this->session->Hash}"; + $action .= "{$this->config()->get_var}={$this->session->Hash}"; return $action; } diff --git a/code/model/MultiFormStep.php b/code/model/MultiFormStep.php index 949ddd6..291c65b 100644 --- a/code/model/MultiFormStep.php +++ b/code/model/MultiFormStep.php @@ -126,7 +126,8 @@ class MultiFormStep extends DataObject { * @return string Relative URL to this step */ public function Link() { - return Controller::join_links($this->form->getDisplayLink(), "?MultiFormSessionID={$this->Session()->Hash}"); + $form = $this->form; + return Controller::join_links($form->getDisplayLink(), "?{$form->config()->get_var}={$this->Session()->Hash}"); } /** diff --git a/tests/MultiFormTest.php b/tests/MultiFormTest.php index e31f680..94b9df5 100644 --- a/tests/MultiFormTest.php +++ b/tests/MultiFormTest.php @@ -78,6 +78,20 @@ class MultiFormTest extends FunctionalTest { // A new session is generated, even though we made up the identifier $this->assertInstanceOf('MultiFormSession', $this->form->session); } + + function testCustomGetVar() { + Config::nest(); + Config::inst()->update('MultiForm', 'get_var', 'SuperSessionID'); + + $form = $this->controller->Form(); + $this->assertContains('SuperSessionID', $form::$ignored_fields, "GET var wasn't added to ignored fields"); + $this->assertContains('SuperSessionID', $form->FormAction(), "Form action doesn't contain correct session + ID parameter"); + $this->assertContains('SuperSessionID', $form->getCurrentStep()->Link(), "Form step doesn't contain correct + session ID parameter"); + + Config::unnest(); + } }