svn commit: r823518 - /ofbiz/trunk/specialpurpose/projectmgr/webapp/projectmgr/survey/ListSurveys.ftl

Fri, 09 Oct 2009 04:58:38 -0700 

Author: mor
Date: Fri Oct  9 11:58:09 2009
New Revision: 823518

URL: http://svn.apache.org/viewvc?rev=823518&view=rev
Log:
Secured URLs in FTL. Applied patch from Rohit Jain, part of OFBIZ-2430 
(https://issues.apache.org/jira/browse/OFBIZ-2430)

Modified:
    
ofbiz/trunk/specialpurpose/projectmgr/webapp/projectmgr/survey/ListSurveys.ftl

Modified: 
ofbiz/trunk/specialpurpose/projectmgr/webapp/projectmgr/survey/ListSurveys.ftl
URL: 
http://svn.apache.org/viewvc/ofbiz/trunk/specialpurpose/projectmgr/webapp/projectmgr/survey/ListSurveys.ftl?rev=823518&r1=823517&r2=823518&view=diff
==============================================================================
--- 
ofbiz/trunk/specialpurpose/projectmgr/webapp/projectmgr/survey/ListSurveys.ftl 
(original)
+++ 
ofbiz/trunk/specialpurpose/projectmgr/webapp/projectmgr/survey/ListSurveys.ftl 
Fri Oct  9 11:58:09 2009
@@ -39,8 +39,8 @@
             <#list productStoreSurveyAppls as productStoreSurveyAppl>
               <#if productStoreSurveyAppl?has_content>
                 <#assign survey = 
productStoreSurveyAppl.getRelatedOne("Survey")>
-                <form method="post" 
action="<@ofbizUrl>updateWorkEffortSurveyAppl</@ofbizUrl>" 
name="editWorkEffortSurveyAppl_${workEffortSurveyAppl_index}">
                 <tr>
+                  <form method="post" 
action="<@ofbizUrl>updateWorkEffortSurveyAppl</@ofbizUrl>" 
name="editWorkEffortSurveyAppl_${workEffortSurveyAppl_index}">
                   <td><a 
href="/content/control/EditSurvey?surveyId=${workEffortSurveyAppl.surveyId?if_exists}"
 class="buttontext">${workEffortSurveyAppl.surveyId?if_exists} - 
${survey.surveyName?if_exists}</a></td>
                   <td>${workEffortSurveyAppl.fromDate?if_exists}</td>
                   <td>
@@ -53,10 +53,17 @@
                     <input type="hidden" name="workEffortId" 
value="${workEffortSurveyAppl.workEffortId?if_exists}"/>
                     <input type="hidden" name="fromDate" 
value="${workEffortSurveyAppl.fromDate?if_exists}"/>
                     <td><input type="submit" name="submitBtn" 
value='${uiLabelMap.CommonUpdate}'> </td>
-                    <td><a 
href="<@ofbizUrl>deleteWorkEffortSurveyAppl?surveyId=&workEffortId=${workEffortSurveyAppl.workEffortId?if_exists}&fromDate=${workEffortSurveyAppl.fromDate?if_exists}</@ofbizUrl>"
 class="buttontext">${uiLabelMap.CommonDelete}</a></td>
+                  </form>
+                    <td>
+                      <form 
id="deleteWorkEffortSurveyAppl_${workEffortSurveyAppl_index}" method="post" 
action="<@ofbizUrl>deleteWorkEffortSurveyAppl</@ofbizUrl>">
+                        <input type="hidden" name="surveyId" 
value="${workEffortSurveyAppl.surveyId?if_exists}" />
+                        <input type="hidden" name="workEffortId" 
value="${workEffortSurveyAppl.workEffortId?if_exists}" />
+                        <input type="hidden" name="fromDate" 
value="${workEffortSurveyAppl.fromDate?if_exists}" />
+                        <a 
href="javascript:$('deleteWorkEffortSurveyAppl_${workEffortSurveyAppl_index}').submit()"
 class="buttontext">${uiLabelMap.CommonDelete}</a>
+                      </form>
+                    </td>
                   </#if>
                 </tr>
-                </form>                
               </#if>
             </#list>
           </#if>

Reply via email to