Ticket #211 (closed task-todo: fixed-erledigt)
formelement setAttributes um attribute whitelist ergänzen
| Reported by: | vain | Owned by: | |
|---|---|---|---|
| Priority: | minor-leicht | Milestone: | Clansuite 0.3 alpha |
| Component: | Core | Version: | 0.2 |
| Keywords: | Cc: | ||
| Estimated Number of Hours: | 0.0 | Add Hours to Ticket: | 0 |
| Billable?: | no | Total Hours: | 0 |
| Internal?: | no |
Description
- attributes are directly set
- one might even set a wrong one by accident, like $attribute = 'maxxxlength'
- protect the developer a little bit more here.
two approaches:
- 1 check if attribute is allowed, lookup in whitelist
- 2 protect formelement attr and use setters
formelement.core.php method setAttributes() line 422ff.
Change History
Note: See
TracTickets for help on using
tickets.
implemented changeset:5948