From 520865f8ed5cc07a621978369eeb8ce5d835a4fa Mon Sep 17 00:00:00 2001
From: Richard Mansfield <richard.mansfield@catalyst.net.nz>
Date: Fri, 29 Apr 2011 14:29:33 +1200
Subject: [PATCH] Add sesskey property to pieform hidden element and use it in default form config (bug #771598)

Change-Id: I674f7d900adf952b4c85c221fa679f68ebb3b9cb
Signed-off-by: Richard Mansfield <richard.mansfield@catalyst.net.nz>
---
 htdocs/lib/mahara.php                           |    5 +++--
 htdocs/lib/pieforms/pieform/elements/hidden.php |    9 ++++++++-
 2 files changed, 11 insertions(+), 3 deletions(-)

diff --git a/htdocs/lib/mahara.php b/htdocs/lib/mahara.php
index 07ec586..de59cf5 100644
--- a/htdocs/lib/mahara.php
+++ b/htdocs/lib/mahara.php
@@ -1480,8 +1480,9 @@ function pieform_configure() {
         'helpcallback' => 'pieform_get_help',
         'elements'   => array(
             'sesskey' => array(
-                'type'  => 'hidden',
-                'value' => $USER->get('sesskey')
+                'type'    => 'hidden',
+                'sesskey' => true,
+                'value'   => $USER->get('sesskey')
             )
         )
     );
diff --git a/htdocs/lib/pieforms/pieform/elements/hidden.php b/htdocs/lib/pieforms/pieform/elements/hidden.php
index 4ac6001..703cb7e 100644
--- a/htdocs/lib/pieforms/pieform/elements/hidden.php
+++ b/htdocs/lib/pieforms/pieform/elements/hidden.php
@@ -35,6 +35,9 @@ function pieform_element_hidden(Pieform $form, $element) {/*{{{*/
     if (!array_key_exists('value', $element)) {
         throw new PieformException('The hidden element "' . $element['name'] . '" must have a value set');
     }
+    if (!empty($element['sesskey']) && $form->get_property('method') != 'post') {
+        throw new PieformException('Sesskey values should be POSTed');
+    }
     $value = $form->get_value($element);
     if (is_array($value)) {
         $result = '';
@@ -59,9 +62,13 @@ function pieform_element_hidden(Pieform $form, $element) {/*{{{*/
 
 /**
  * Returns the value for a hidden element. Hidden elements only listen to the
- * 'value' index, and not to GET/POST
+ * 'value' index, and not to GET/POST, unless the 'sesskey' property is set
+ * on the element.
  */
 function pieform_element_hidden_get_value(Pieform $form, $element) {/*{{{*/
+    if (!empty($element['sesskey']) && $form->is_submitted()) {
+        return isset($_POST[$element['name']]) ? $_POST[$element['name']] : null;
+    }
     return $element['value'];
 }/*}}}*/
 
-- 
1.7.1