| Index: trunk/extensions/DonationInterface/gateway_forms/RapidHtml.php |
| — | — | @@ -250,11 +250,11 @@ |
| 251 | 251 | } |
| 252 | 252 | |
| 253 | 253 | /** |
| 254 | | - * Validate and set the path to the HTML file |
| | 254 | + * Set the path to the HTML file for a requested rapid html form. |
| 255 | 255 | * |
| 256 | | - * @param string $file_name |
| | 256 | + * @param string $form_key The array key defining the whitelisted form path to fetch from $wg<gateway>AllowedHtmlForms |
| 257 | 257 | */ |
| 258 | | - public function set_html_file_path( $file_name ) { |
| | 258 | + public function set_html_file_path( $form_key ) { |
| 259 | 259 | //This ONE TIME, this is okay, because we actually want to compare to the default HTML form dir as well. |
| 260 | 260 | global $wgDonationInterfaceHtmlFormDir; |
| 261 | 261 | |
| — | — | @@ -262,14 +262,12 @@ |
| 263 | 263 | $gatewayFormDir = $g::getGlobal( 'HtmlFormDir' ); |
| 264 | 264 | $allowedForms = $g::getGlobal( 'AllowedHtmlForms' ); |
| 265 | 265 | |
| 266 | | - if ( !array_key_exists( $file_name, $allowedForms ) || |
| 267 | | - ((strpos( $allowedForms[$file_name], $gatewayFormDir ) === false) && (strpos( $allowedForms[$file_name], $wgDonationInterfaceHtmlFormDir ) === false)) || |
| 268 | | - (!file_exists( $allowedForms[$file_name] )) ) { |
| 269 | | - |
| | 266 | + // Make sure that the requested form is whitelisted |
| | 267 | + if ( !array_key_exists( $form_key, $allowedForms ) || ( !file_exists( $allowedForms[$form_key] )) ) { |
| 270 | 268 | throw new MWException( 'Requested an unavailable or non-existent form.' ); |
| 271 | 269 | } |
| 272 | 270 | |
| 273 | | - $this->html_file_path = $allowedForms[$file_name]; |
| | 271 | + $this->html_file_path = $allowedForms[ $form_key ]; |
| 274 | 272 | } |
| 275 | 273 | |
| 276 | 274 | /** |