From 52e82f53a8adc79cb9ce2a6366ad4fa882be3819 Mon Sep 17 00:00:00 2001
From: manavo <manavo@gmail.com>
Date: Tue, 25 Nov 2014 12:18:05 +0000
Subject: [PATCH] Group setting inputs, so we don't save the CSRF token in
 settings

---
 app/controllers/SetupController.php |  8 ++++----
 app/views/setup.blade.php           | 21 ++++++++++-----------
 2 files changed, 14 insertions(+), 15 deletions(-)

diff --git a/app/controllers/SetupController.php b/app/controllers/SetupController.php
index d2bf4c21..bf0f16d5 100644
--- a/app/controllers/SetupController.php
+++ b/app/controllers/SetupController.php
@@ -10,9 +10,9 @@
 		public function setupCachet() {
 			$postData = Input::get();
 			$v = Validator::make($postData, [
-				'app_name' => 'required',
-				'app_domain' => 'url|required',
-				'show_support' => 'boolean',
+				'settings.app_name' => 'required',
+				'settings.app_domain' => 'url|required',
+				'settings.show_support' => 'boolean',
 				'user.name'=> 'alpha_dash|required',
 				'user.email' => 'email|required',
 				'user.password' => 'required'
@@ -32,7 +32,7 @@
 				Auth::login($user);
 
 				// Create the settings, boi.
-				foreach ($postData as $settingName => $settingValue) {
+				foreach (array_get($postData, 'settings') as $settingName => $settingValue) {
 					$setting = new Setting;
 					$setting->name = $settingName;
 					$setting->value = $settingValue;
diff --git a/app/views/setup.blade.php b/app/views/setup.blade.php
index e1e3b3e4..2d86bbf9 100644
--- a/app/views/setup.blade.php
+++ b/app/views/setup.blade.php
@@ -11,27 +11,27 @@
 			<div class='panel panel-default'>
 				<div class='panel-heading'>Service Details</div>
 				<div class='panel-body'>
-					<form name='SetupForm' class='form-vertical' role='form' method="POST">
+					{{ Form::open(['name' => 'SetupForm', 'class' => 'form-vertical', 'role' => 'form']) }}
 						<h3>Status Page Details</h3>
 						<div class='form-group'>
 							<label class='sr-only'>Site Name</label>
-							<input type='text' name='app_name' class='form-control' placeholder='Site Name' value='{{ Input::old('app_name', '') }}' required />
-							@if($errors->has('app_name'))
-							<span class='text-danger'>{{ $errors->first('app_name') }}</span>
+							<input type='text' name='settings[app_name]' class='form-control' placeholder='Site Name' value='{{ Input::old('settings.app_name', '') }}' required />
+							@if($errors->has('settings.app_name'))
+							<span class='text-danger'>{{ $errors->first('settings.app_name') }}</span>
 							@endif
 						</div>
 						<div class='form-group'>
 							<label class='sr-only'>Site Domain</label>
-							<input type='text' name='app_domain' class='form-control' placeholder='Site Domain' value='{{ Input::old('app_domain', '') }}' required />
-							@if($errors->has('app_domain'))
-							<span class='text-danger'>{{ $errors->first('app_domain') }}</span>
+							<input type='text' name='settings[app_domain]' class='form-control' placeholder='Site Domain' value='{{ Input::old('settings.app_domain', '') }}' required />
+							@if($errors->has('settings.app_domain'))
+							<span class='text-danger'>{{ $errors->first('settings.app_domain') }}</span>
 							@endif
 						</div>
 						<div class='form-group'>
 							<label>
-								<input type='checkbox' name='show_support' value='1' checked />
+								<input type='checkbox' name='settings[show_support]' value='1' checked />
+								Show support for Cachet?
 							</label>
-							Show support for Cachet?
 						</div>
 
 						<h3>Administrator Account</h3>
@@ -61,8 +61,7 @@
 						<div class='form-group'>
 							<button type='submit' class='btn btn-default'>Setup!</button>
 						</div>
-						{{ Form::token() }}
-					</form>
+					{{ Form::close() }}
 				</div>
 			</div>
 		</div>