From 9dfd61d632df328bac43f48e67d6bf6893c3427f Mon Sep 17 00:00:00 2001 From: Happy-melon Date: Wed, 15 Dec 2010 21:37:50 +0000 Subject: [PATCH] Follow-up r78445: don't spam a useless edit token into the URL for GET requests. --- includes/HTMLForm.php | 17 ++++++++++------- 1 file changed, 10 insertions(+), 7 deletions(-) diff --git a/includes/HTMLForm.php b/includes/HTMLForm.php index 30e62ad27c..0952ebf6af 100644 --- a/includes/HTMLForm.php +++ b/includes/HTMLForm.php @@ -42,10 +42,10 @@ * 'validation-callback' -- a function name to give you the chance * to impose extra validation on the field input. * @see HTMLForm::validate() - * 'name' -- By default, the 'name' attribute of the input field - * is "wp{$fieldname}". If you want a different name - * (eg one without the "wp" prefix), specify it here and - * it will be used without modification. + * 'name' -- By default, the 'name' attribute of the input field + * is "wp{$fieldname}". If you want a different name + * (eg one without the "wp" prefix), specify it here and + * it will be used without modification. * * TODO: Document 'section' / 'subsection' stuff */ @@ -211,7 +211,7 @@ class HTMLForm { $editToken = $wgRequest->getVal( 'wpEditToken' ); $result = false; - if ( $wgUser->matchEditToken( $editToken ) ) { + if ( $this->getMethod() != 'post' || $wgUser->matchEditToken( $editToken ) ) { $result = $this->trySubmit(); } return $result; @@ -397,8 +397,11 @@ class HTMLForm { global $wgUser; $html = ''; - $html .= Html::hidden( 'wpEditToken', $wgUser->editToken(), array( 'id' => 'wpEditToken' ) ) . "\n"; - $html .= Html::hidden( 'title', $this->getTitle()->getPrefixedText() ) . "\n"; + + if( $this->getMethod() == 'post' ){ + $html .= Html::hidden( 'wpEditToken', $wgUser->editToken(), array( 'id' => 'wpEditToken' ) ) . "\n"; + $html .= Html::hidden( 'title', $this->getTitle()->getPrefixedText() ) . "\n"; + } foreach ( $this->mHiddenFields as $data ) { list( $value, $attribs ) = $data; -- 2.20.1