There is a bug with the Gravity Forms GFAPI::submit_form
method when the $_POST
variable contains any existing values that match what you pass to GFAPI::submit_form
.
Because GFAPI::submit_form internally uses array_merge_recursive
, any existing values in the $_POST
variable will be added to any values that exist in the second parameter that you pass to GFAPI::submit_form
.
This bug appears in the latest version of Gravity Forms 2.4.20.5 and in the latest 2.5 beta.
UPDATE ON 07/14/2023: This is a known bug in Gravity Forms and the plugin developers (i.e. Rocket Genius) are aware of it. Since other developers have made custom workaround to get around this issue, patching this bug would break that custom code, so Rocket Genius has not patched it. This code is probably present in the latest version of the plugin and will probably be present in all future versions.
Example:
<?php
$_POST = array( 'input_1' => 'yes' );
$submit_form_values = array( 'input_1' => 'no' );
$result = GFAPI::submit_form( 1, $submit_form_values );
// bug because Gravity Forms GFAPI::submit_form internally uses array_merge_recursive
// to merge $_POST with $submit_form_values
print_r($_POST);
// $_POST is now array( 'input_1' => array( 'yes', 'no' ) ) and now the form validation fails
// because input_1 key contains an invalid value
This bug is especially present if you attempt to pass the source page variable to GFAPI::submit_form
. The form will only
validate page 1 of the multisitep form instead of the page that you pass to it because the the $_POST
contains an array for the key gform_source_page_number_insert_page_numbee_here
.
<?php
$_POST = array( 'input_2' => 'yes' );
$submit_form_values = array( 'input_2' => 'no' );
$result = GFAPI::submit_form( 1, $submit_form_values, array(), 3, 2 );
// bug because Gravity Forms GFAPI::submit_form internally uses array_merge_recursive
// to merge $_POST with $submit_form_values
print_r($_POST);
// $_POST is now array( 'input_2' => array( 'yes', 'no' ) ) and now the form validation fails
// because input_2 key contains an invalid value and the form is not validating page 2 of the multistep form and is instead trying to validate page 1 of the multisitep form.
The bug is present on line 1662 in the api.php file of Gravity Forms 2.4.20.5 and line 1665 in the api.php file of Gravity Forms 2.5 beta.
In order to prevent this bug from occuring, users need to empty the $_POST
variable before using GFAPI::submit_form
, (e.g. $_POST = array(); GFAPI::submit_form( 1, array( 'input_1' )
).
In order to fix this bug, the array_merge_recursive
call in submit_form
method can be changed to:
<?php
$post_values = array();
// make sure the $_POST array doesn't cause keys that only contain 1 value to now contain an array of values
if ( ! empty( $_POST ) ) {
foreach ( $_POST as $key => $value ) {
// only do array_merge_recursive if the user passes an array to GFAPI::submit_form
if ( isset( $input_values[$key] ) && is_array( $input_values[$key] ) ) {
$post_values[$key] = array_merge_recursive( $_POST[$key], $input_values[$key] );
unset( $input_values[$key] );
unset( $_POST[$key] );
}
}
}
$_POST = array_merge( $_POST, $input_values, $post_values );
Thanks I was stuck on this $_POST bug