X-Git-Url: https://vcs.fsf.org/?a=blobdiff_plain;f=CRM%2FCore%2FForm.php;h=d42f6246f7dce4c3938593103aba0b0af231db43;hb=fd96067165316831b50e48972059930ad1785444;hp=91728c21bec8a1d0959ae46f6a96f461e72241bb;hpb=76213b992d7e2af309c2d7bc1972ba5c7e4c6416;p=civicrm-core.git

diff --git a/CRM/Core/Form.php b/CRM/Core/Form.php
index 91728c21be..d42f6246f7 100644
--- a/CRM/Core/Form.php
+++ b/CRM/Core/Form.php
@@ -358,9 +358,12 @@ class CRM_Core_Form extends HTML_QuickForm_Page {
     ) {
       $this->addElement('hidden', 'qfKey', $this->controller->_key);
       $this->assign('qfKey', $this->controller->_key);
+
     }
 
-    if ($this->controller->_entryURL) {
+    // _generateQFKey suppresses the qfKey generation on form snippets that
+    // are part of other forms, hence we use that to avoid adding entryURL
+    if ($this->controller->_generateQFKey && $this->controller->_entryURL) {
       $this->addElement('hidden', 'entryURL', $this->controller->_entryURL);
     }
 
@@ -1350,8 +1353,14 @@ class CRM_Core_Form extends HTML_QuickForm_Page {
       // event form stores as an indexed array, contribution form not so much...
       $tempID = $this->_params[0]['select_contact_id'];
     }
+
     // force to ignore the authenticated user
-    if ($tempID === '0') {
+    if ($tempID === '0' || $tempID === 0) {
+      // we set the cid on the form so that this will be retained for the Confirm page
+      // in the multi-page form & prevent us returning the $userID when this is called
+      // from that page
+      // we don't really need to set it when $tempID is set because the params have that stored
+      $this->set('cid', 0);
       return $tempID;
     }