Do not append the session id on form method 'get' as it conflicts with other form...

diff --git a/inc/expression-functions.php b/inc/expression-functions.php
index e70d284bd82fe6f1fdf3fb8c622822378d24bde1..4b64265df5685ef192806c50f6effb95b0d162d0 100644 (file)
--- a/inc/expression-functions.php
+++ b/inc/expression-functions.php
@@ -444,7 +444,7 @@ function doExpressionForm ($data) {
                if ($value == 'formmethodpost') {
                        // Use it
                        $data['__form_method'] = 'post';
-               } elseif (($value == 'formmethodget') && (!isSpider()) && (!isSessionValid())) {
+               } elseif (($value == 'formmethodpost') && (!isSpider()) && (!isSessionValid())) {
                        // Then expand 'value' with session id
                        if (strpos($data['value'], '?') !== FALSE) {
                                // '?' is set

diff --git a/inc/filters.php b/inc/filters.php
index 4852a2c12d1e68e3caeed594f767019a07c352cf..e1c892448ff434da7490c20eb5261e7268070af9 100644 (file)
--- a/inc/filters.php
+++ b/inc/filters.php
@@ -1343,7 +1343,7 @@ function FILTER_REDIRECT_WRONG_SERVER_NAME ($filterData) {
 // Filter for adding hidden session id
 function FILTER_ADD_INPUT_HIDDEN_SESSION_ID ($filterData) {
        // Is a spider detected?
-       if ((!isSpider()) && (!isSessionValid())) {
+       if ((!isSpider()) && (!isSessionValid()) && ($filterData['__form_method'] == 'get')) {
                // No, then add the hidden field
                $filterData['__replacer'] .= '<input type="hidden" name="' . session_name() . '" value="' . session_id() . '" />';
        } // END - if