diff --git a/phpBB/includes/functions.php b/phpBB/includes/functions.php
index ee5a1afd30..9c92adb0ec 100644
--- a/phpBB/includes/functions.php
+++ b/phpBB/includes/functions.php
@@ -4940,6 +4940,20 @@ function phpbb_quoteattr($data, $entities = null)
return $data;
}
+/**
+* Converts query string (GET) parameters in request into hidden fields.
+*
+* Useful for forwarding GET parameters when submitting forms with GET method.
+*
+* It is possible to omit some of the GET parameters, which is useful if
+* they are specified in the form being submitted.
+*
+* sid is always omitted.
+*
+* @param phpbb_request $request Request object
+* @param array $exclude A list of variable names that should not be forwarded
+* @return string HTML with hidden fields
+*/
function phpbb_build_hidden_fields_for_query_params($request, $exclude = null)
{
$names = $request->variable_names(phpbb_request_interface::GET);
diff --git a/tests/functions/build_hidden_fields_for_query_params_test.php b/tests/functions/build_hidden_fields_for_query_params_test.php
new file mode 100644
index 0000000000..ef2f5744d3
--- /dev/null
+++ b/tests/functions/build_hidden_fields_for_query_params_test.php
@@ -0,0 +1,71 @@
+ 'bar'),
+ array(),
+ array(),
+ "",
+ ),
+ array(
+ array('foo' => 'bar', 'a' => 'b'),
+ array(),
+ array(),
+ "",
+ ),
+ array(
+ array('a' => 'quote"', 'b' => ''),
+ array(),
+ array(),
+ "",
+ ),
+ array(
+ array('a' => "quotes'\""),
+ array(),
+ array(),
+ "",
+ ),
+ array(
+ array('foo' => 'bar', 'a' => 'b'),
+ array('a' => 'c'),
+ array(),
+ "",
+ ),
+ // strict equality check
+ array(
+ array('foo' => 'bar', 'a' => '0'),
+ array('a' => ''),
+ array(),
+ "",
+ ),
+ );
+ }
+
+ /**
+ * @dataProvider build_hidden_fields_for_query_params_test_data
+ */
+ public function test_build_hidden_fields_for_query_params($get, $post, $exclude, $expected)
+ {
+ $request = new phpbb_mock_request($get, $post);
+ $result = phpbb_build_hidden_fields_for_query_params($request, $exclude);
+
+ $this->assertEquals($expected, $result);
+ }
+}