From 72cb6388ab89df2dd917a2747e68c1200dd60dba Mon Sep 17 00:00:00 2001
From: Jared Hancock <jared@osticket.com>
Date: Tue, 26 Nov 2013 08:51:04 -0600
Subject: [PATCH] Fix api user data validation failure

---
 include/class.dynamic_forms.php | 6 +++---
 include/class.forms.php         | 9 ++++++---
 include/class.ticket.php        | 6 +++++-
 3 files changed, 14 insertions(+), 7 deletions(-)

diff --git a/include/class.dynamic_forms.php b/include/class.dynamic_forms.php
index 0e529729c..f49d819ba 100644
--- a/include/class.dynamic_forms.php
+++ b/include/class.dynamic_forms.php
@@ -76,10 +76,10 @@ class DynamicForm extends VerySimpleModel {
     function getTitle() { return $this->get('title'); }
     function getInstructions() { return $this->get('instructions'); }
 
-    function getForm() {
-        if (!$this->_form) {
+    function getForm($source=false) {
+        if (!$this->_form || $source) {
             $fields = $this->getFields();
-            $this->_form = new Form($fields, false, array(
+            $this->_form = new Form($fields, $source, array(
                 'title'=>$this->title, 'instructions'=>$this->instructions));
         }
         return $this->_form;
diff --git a/include/class.forms.php b/include/class.forms.php
index b5e53d9ee..e94adcfdb 100644
--- a/include/class.forms.php
+++ b/include/class.forms.php
@@ -824,9 +824,12 @@ class Widget {
 
     function getValue() {
         $data = $this->field->getSource();
-        if (!isset($data[$this->name]))
-            return null;
-        return $data[$this->name];
+        // Search for HTML form name first
+        if (isset($data[$this->name]))
+            return $data[$this->name];
+        elseif (isset($data[$this->field->get('name')]))
+            return $data[$this->field->get('name')];
+        return null;
     }
 }
 
diff --git a/include/class.ticket.php b/include/class.ticket.php
index ea04eac12..0c1fe0b3c 100644
--- a/include/class.ticket.php
+++ b/include/class.ticket.php
@@ -1904,7 +1904,11 @@ class Ticket {
         };
         // Identify the user creating the ticket and unpack user information
         // fields into local scope for filtering and banning purposes
-        $user_form = UserForm::getUserForm();
+        if (strtolower($origin) == 'api')
+            $user_form = UserForm::getUserForm()->getForm($vars);
+        else
+            $user_form = UserForm::getUserForm()->getForm($_POST);
+
         $user_info = $user_form->getClean();
         if ($user_form->isValid($field_filter))
             $vars += $user_info;
-- 
GitLab