From: Roland Häder <roland@mxchange.org>
Date: Sat, 10 Nov 2012 14:00:14 +0000 (+0000)
Subject: Do not append the session id on form method 'get' as it conflicts with other form... 
X-Git-Url: https://git.mxchange.org/?p=mailer.git;a=commitdiff_plain;h=4ffb69e5746a3a6ba65260745cbbe478e5462f9e

Do not append the session id on form method 'get' as it conflicts with other form fields
---

diff --git a/inc/expression-functions.php b/inc/expression-functions.php
index e70d284bd8..4b64265df5 100644
--- a/inc/expression-functions.php
+++ b/inc/expression-functions.php
@@ -444,7 +444,7 @@ function doExpressionForm ($data) {
 		if ($value == 'formmethodpost') {
 			// Use it
 			$data['__form_method'] = 'post';
-		} elseif (($value == 'formmethodget') && (!isSpider()) && (!isSessionValid())) {
+		} elseif (($value == 'formmethodpost') && (!isSpider()) && (!isSessionValid())) {
 			// Then expand 'value' with session id
 			if (strpos($data['value'], '?') !== FALSE) {
 				// '?' is set
diff --git a/inc/filters.php b/inc/filters.php
index 4852a2c12d..e1c892448f 100644
--- a/inc/filters.php
+++ b/inc/filters.php
@@ -1343,7 +1343,7 @@ function FILTER_REDIRECT_WRONG_SERVER_NAME ($filterData) {
 // Filter for adding hidden session id
 function FILTER_ADD_INPUT_HIDDEN_SESSION_ID ($filterData) {
 	// Is a spider detected?
-	if ((!isSpider()) && (!isSessionValid())) {
+	if ((!isSpider()) && (!isSessionValid()) && ($filterData['__form_method'] == 'get')) {
 		// No, then add the hidden field
 		$filterData['__replacer'] .= '<input type="hidden" name="' . session_name() . '" value="' . session_id() . '" />';
 	} // END - if