You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@ofbiz.apache.org by jl...@apache.org on 2009/04/05 16:46:47 UTC
svn commit: r762097 - in /ofbiz/trunk/applications:
accounting/webapp/accounting/payment/ accounting/widget/
content/webapp/content/layout/ content/widget/compdoc/
manufacturing/webapp/manufacturing/jobshopmgt/
party/webapp/partymgr/communication/
Author: jleroux
Date: Sun Apr 5 14:46:47 2009
New Revision: 762097
URL: http://svn.apache.org/viewvc?rev=762097&view=rev
Log:
Securing URLs : last non regular formattings
Modified:
ofbiz/trunk/applications/accounting/webapp/accounting/payment/PaymentForms.xml
ofbiz/trunk/applications/accounting/widget/GlobalGlAccountsForms.xml
ofbiz/trunk/applications/content/webapp/content/layout/LayoutForms.xml
ofbiz/trunk/applications/content/widget/compdoc/CompDocScreens.xml
ofbiz/trunk/applications/manufacturing/webapp/manufacturing/jobshopmgt/ProductionRunForms.xml
ofbiz/trunk/applications/party/webapp/partymgr/communication/CommForms.xml
Modified: ofbiz/trunk/applications/accounting/webapp/accounting/payment/PaymentForms.xml
URL: http://svn.apache.org/viewvc/ofbiz/trunk/applications/accounting/webapp/accounting/payment/PaymentForms.xml?rev=762097&r1=762096&r2=762097&view=diff
==============================================================================
--- ofbiz/trunk/applications/accounting/webapp/accounting/payment/PaymentForms.xml (original)
+++ ofbiz/trunk/applications/accounting/webapp/accounting/payment/PaymentForms.xml Sun Apr 5 14:46:47 2009
@@ -268,8 +268,10 @@
<field name="amountApplied"><text size="15"/></field>
<field name="updateButton" widget-style="buttontext"><submit button-type="text-link"/></field>
<field name="removeButton" title="${uiLabelMap.CommonEmptyHeader}" widget-style="buttontext">
- <hyperlink description="${uiLabelMap.CommonRemove}"
- target="removePaymentApplication?paymentApplicationId=${paymentApplicationId}&paymentId=${paymentId}"/>
+ <hyperlink description="${uiLabelMap.CommonRemove}" target="removePaymentApplication">
+ <parameter param-name="paymentApplicationId" from-field="paymentApplicationId"/>
+ <parameter param-name="paymentId" from-field="paymentId"/>
+ </hyperlink>
</field>
</form>
<form name="editPaymentApplicationsPay" default-entity-name="PaymentApplication" list-name="paymentApplicationsPay" target="updatePaymentApplication" type="list" separate-columns="false"
@@ -280,8 +282,10 @@
<field name="amountApplied"><text size="15"/></field>
<field name="updateButton" title="${uiLabelMap.CommonUpdate}" widget-style="buttontext"><submit button-type="text-link"/></field>
<field name="removeButton" title="${uiLabelMap.CommonRemove}" widget-style="buttontext">
- <hyperlink description="${uiLabelMap.CommonRemove}"
- target="removePaymentApplication?paymentApplicationId=${paymentApplicationId}&paymentId=${paymentId}"/>
+ <hyperlink description="${uiLabelMap.CommonRemove}" target="removePaymentApplication">
+ <parameter param-name="paymentApplicationId" from-field="paymentApplicationId"/>
+ <parameter param-name="paymentId" from-field="paymentId"/>
+ </hyperlink>
</field>
</form>
<form name="editPaymentApplicationsBil" default-entity-name="PaymentApplication" list-name="paymentApplicationsBil" target="updatePaymentApplication" type="list" separate-columns="false"
@@ -293,8 +297,10 @@
<field name="amountApplied"><text size="15"/></field>
<field name="updateButton" title="${uiLabelMap.CommonUpdate}" widget-style="buttontext"><submit button-type="text-link"/></field>
<field name="removeButton" title="${uiLabelMap.CommonRemove}" widget-style="buttontext">
- <hyperlink description="${uiLabelMap.CommonRemove}"
- target="removePaymentApplication?paymentApplicationId=${paymentApplicationId}&paymentId=${paymentId}"/>
+ <hyperlink description="${uiLabelMap.CommonRemove}" target="removePaymentApplication">
+ <parameter param-name="paymentApplicationId" from-field="paymentApplicationId"/>
+ <parameter param-name="paymentId" from-field="paymentId"/>
+ </hyperlink>
</field>
</form>
<form name="editPaymentApplicationsTax" default-entity-name="PaymentApplication" list-name="paymentApplicationsTax" target="updatePaymentApplication" type="list" separate-columns="false"
@@ -312,8 +318,10 @@
<field name="amountApplied"><text size="15"/></field>
<field name="updateButton" title="${uiLabelMap.CommonUpdate}" widget-style="buttontext"><submit button-type="text-link"/></field>
<field name="removeButton" title="${uiLabelMap.CommonRemove}" widget-style="buttontext">
- <hyperlink description="${uiLabelMap.CommonRemove}"
- target="removePaymentApplication?paymentApplicationId=${paymentApplicationId}&paymentId=${paymentId}"/>
+ <hyperlink description="${uiLabelMap.CommonRemove}" target="removePaymentApplication">
+ <parameter param-name="paymentApplicationId" from-field="paymentApplicationId"/>
+ <parameter param-name="paymentId" from-field="paymentId"/>
+ </hyperlink>
</field>
</form>
@@ -558,4 +566,4 @@
<field name="paidAmount"><display/></field>
<field name="outstandingAmount"><display/></field>
</form>
-</forms>
\ No newline at end of file
+</forms>
Modified: ofbiz/trunk/applications/accounting/widget/GlobalGlAccountsForms.xml
URL: http://svn.apache.org/viewvc/ofbiz/trunk/applications/accounting/widget/GlobalGlAccountsForms.xml?rev=762097&r1=762096&r2=762097&view=diff
==============================================================================
--- ofbiz/trunk/applications/accounting/widget/GlobalGlAccountsForms.xml (original)
+++ ofbiz/trunk/applications/accounting/widget/GlobalGlAccountsForms.xml Sun Apr 5 14:46:47 2009
@@ -207,8 +207,9 @@
odd-row-style="alternate-row" default-table-style="basic-table hover-bar">
<field name="glReconciliationId"><display/></field>
<field name="acctgTransId">
- <hyperlink also-hidden="false" description="${acctgTransId}"
- target="ListAcctgTransEntries?acctgTransId=${acctgTransId}"/>
+ <hyperlink also-hidden="false" description="${acctgTransId}" target="ListAcctgTransEntries">
+ <parameter param-name="acctgTransId" from-field="acctgTransId"/>
+ </hyperlink>
</field>
<field name="acctgTransEntrySeqId"><display/></field>
<field name="reconciledAmount"><display/></field>
Modified: ofbiz/trunk/applications/content/webapp/content/layout/LayoutForms.xml
URL: http://svn.apache.org/viewvc/ofbiz/trunk/applications/content/webapp/content/layout/LayoutForms.xml?rev=762097&r1=762096&r2=762097&view=diff
==============================================================================
--- ofbiz/trunk/applications/content/webapp/content/layout/LayoutForms.xml (original)
+++ ofbiz/trunk/applications/content/webapp/content/layout/LayoutForms.xml Sun Apr 5 14:46:47 2009
@@ -18,7 +18,7 @@
under the License.
-->
-<forms xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+<forms xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:noNamespaceSchemaLocation="http://ofbiz.apache.org/dtds/widget-form.xsd">
<!-- LayoutFind forms -->
<form name="findLayout" default-entity-name="Content" target="FindLayout" title="" type="single"
@@ -94,13 +94,13 @@
<submit button-type="button"/>
</field>
<field name="createLink" title="${uiLabelMap.CommonEmptyHeader}" widget-style="buttontext" position="1">
- <hyperlink also-hidden="false" description="${uiLabelMap.CommonCreateNew}"
- target="EditLayoutTemplate?mode=add&contentIdTo=TEMPLATE_MASTER"/>
+ <hyperlink also-hidden="false" description="${uiLabelMap.CommonCreateNew}" target="EditLayoutTemplate?mode=add&contentIdTo=TEMPLATE_MASTER"/>
</field>
-->
<field name="cloneLayout" title="${uiLabelMap.CommonEmptyHeader}" widget-style="buttontext" position="2" >
- <hyperlink also-hidden="false" description="${uiLabelMap.ContentCloneLayout}"
- target="cloneLayout?contentId=${currentValue.contentId}"/>
+ <hyperlink also-hidden="false" description="${uiLabelMap.ContentCloneLayout}" target="cloneLayout">
+ <parameter param-name="contentId" from-field="currentValue.contentId"/>
+ </hyperlink>
</field>
</form>
<form name="AddLayout" default-entity-name="SubContentDataResourceView" default-map-name="currentValue" extends="LayoutSubContentMaster" target="createLayoutSubContent" title="" type="single"
@@ -139,7 +139,7 @@
<field name="drObjectInfo" title="${uiLabelMap.ContentFilePath}">
<text />
</field>
- <field name="textData" title="${uiLabelMap.ContentText}" id-name="textData">
+ <field name="textData" title="${uiLabelMap.ContentText}" id-name="textData">
<textarea rows="24" cols="80" />
</field>
<field name="submitButton" title="${uiLabelMap.CommonCreate}" widget-style="smallSubmit">
@@ -249,7 +249,7 @@
<field name="drMimeTypeId" >
<display description="text/plain"/>
</field>
- <field name="textData" title="${uiLabelMap.ContentText}" id-name="textData">
+ <field name="textData" title="${uiLabelMap.ContentText}" id-name="textData">
<textarea rows="24" cols="80" />
</field>
<field name="createdByUserLogin" position="1">
@@ -278,7 +278,7 @@
<field name="drMimeTypeId" >
<display description="text/plain"/>
</field>
- <field name="textData" title="${uiLabelMap.ContentText}" >
+ <field name="textData" title="${uiLabelMap.ContentText}" >
<textarea rows="24" cols="80" />
</field>
<field name="createdByUserLogin" position="1">
@@ -443,7 +443,7 @@
<field name="drObjectInfo" title="${uiLabelMap.ContentFilePath}">
<text />
</field>
- <field name="textData" id-name="textData" title="${uiLabelMap.FormFieldTitle_textDataTitle}">
+ <field name="textData" id-name="textData" title="${uiLabelMap.FormFieldTitle_textDataTitle}">
<textarea rows="24" cols="80" default-value="${context.textData}"/>
</field>
<field name="createdByUserLogin" position="1">
@@ -465,15 +465,15 @@
<!--
<field name="paste" title="${uiLabelMap.CommonEmptyHeader}" widget-style="buttontext"
use-when="!"${contentIdTo}".equals("TEMPLATE_MASTER")" >
- <hyperlink target-type="plain"
+ <hyperlink target-type="plain"
target="javascript:call_fieldlookup2(document.AddLayoutSubContent.drDataResourceId, 'ClipBoardContent')"
description="${uiLabelMap.ContentPaste}"/>
</field>
<field name="paste" title="${uiLabelMap.CommonEmptyHeader}" widget-style="buttontext"
use-when=""${contentIdTo}".equals("TEMPLATE_MASTER")" >
- <hyperlink target-type="plain"
+ <hyperlink target-type="plain"
target="javascript:call_fieldlookup2(document.AddLayoutSubContent.drDataResourceId, 'LookupListLayout')"
description="${uiLabelMap.ContentPaste}"/>
</field>
-->
-</forms>
\ No newline at end of file
+</forms>
Modified: ofbiz/trunk/applications/content/widget/compdoc/CompDocScreens.xml
URL: http://svn.apache.org/viewvc/ofbiz/trunk/applications/content/widget/compdoc/CompDocScreens.xml?rev=762097&r1=762096&r2=762097&view=diff
==============================================================================
--- ofbiz/trunk/applications/content/widget/compdoc/CompDocScreens.xml (original)
+++ ofbiz/trunk/applications/content/widget/compdoc/CompDocScreens.xml Sun Apr 5 14:46:47 2009
@@ -544,9 +544,9 @@
<parameter param-name="contentRevisionSeqId" from-field="rootContentRevisionSeqId"/>
</link>
<link target="ViewInstances">
- <parameter param-name="rootContentId" from-field="rootContentId"/>
- <parameter param-name="contentRevisionSeqId" from-field="rootContentRevisionSeqId"/>
- </link>
+ <parameter param-name="rootContentId" from-field="rootContentId"/>
+ <parameter param-name="contentRevisionSeqId" from-field="rootContentRevisionSeqId"/>
+ </link>
</container>
<include-form name="EditRootCompDocTemplate" location="component://content/widget/compdoc/CompDocForms.xml"/>
</widgets>
@@ -1277,9 +1277,11 @@
<if-compare-field field="mostRecentRevisionSeqId" operator="equals" to-field="rootContentRevisionSeqId"/>
</condition>
<widgets>
- <link text="${uiLabelMap.PageTitleAddCompDocInstance}"
- target="AddChildCompDocInstance?rootContentId=${rootContentId}&instanceOfContentId=${contentId}&caSequenceNum=${maxRevisionSeqId}"
- style="buttontext"/>
+ <link text="${uiLabelMap.PageTitleAddCompDocInstance}" target="AddChildCompDocInstance" style="buttontext">
+ <parameter param-name="rootContentId" from-field="rootContentId"/>
+ <parameter param-name="instanceOfContentId" from-field="contentId"/>
+ <parameter param-name="caSequenceNum" from-field="maxRevisionSeqId"/>
+ </link>
</widgets>
</section>
</container>
@@ -1296,12 +1298,18 @@
<widgets>
<container>
<label text="- ${instanceContent.contentName} [${instanceContent.contentId}] - ${instanceDataResource.objectInfo} ${instanceDataResource.relatedDetailId}" style="tableheadtext"/>
- <link text="${uiLabelMap.PageTitleEditCompDocInstance}"
- target="EditChildCompDoc?contentId=${assocRevisionItemView.contentId}&rootContentId=${assocRevisionItemView.contentIdTo}&caContentAssocTypeId=${assocRevisionItemView.contentAssocTypeId}&caFromDate=${assocRevisionItemView.fromDate}&contentRevisionSeqId=${assocRevisionItemView.maxRevisionSeqId}&rootContentRevisionSeqId=${rootContentRevisionSeqId}"
- style="buttontext"/>
- <link text="${uiLabelMap.ContentCompDocGeneratePDF}"
- target="GenContentPdf?contentId=${assocRevisionItemView.contentId}&caSequenceNum=${sequenceNum}"
- style="buttontext"/>
+ <link text="${uiLabelMap.PageTitleEditCompDocInstance}" target="EditChildCompDoc" style="buttontext">
+ <parameter param-name="contentId" from-field="assocRevisionItemView.contentId"/>
+ <parameter param-name="rootContentId" from-field="assocRevisionItemView.contentIdTo"/>
+ <parameter param-name="caContentAssocTypeId" from-field="assocRevisionItemView.contentAssocTypeId"/>
+ <parameter param-name="caFromDate" from-field="assocRevisionItemView.fromDate"/>
+ <parameter param-name="contentRevisionSeqId" from-field="assocRevisionItemView.maxRevisionSeqId"/>
+ <parameter param-name="rootContentRevisionSeqId" from-field="rootContentRevisionSeqId"/>
+ </link>
+ <link text="${uiLabelMap.ContentCompDocGeneratePDF}" target="GenContentPdf" style="buttontext">
+ <parameter param-name="contentId" from-field="assocRevisionItemView.contentId"/>
+ <parameter param-name="caSequenceNum" from-field="sequenceNum"/>
+ </link>
</container>
</widgets>
</section>
Modified: ofbiz/trunk/applications/manufacturing/webapp/manufacturing/jobshopmgt/ProductionRunForms.xml
URL: http://svn.apache.org/viewvc/ofbiz/trunk/applications/manufacturing/webapp/manufacturing/jobshopmgt/ProductionRunForms.xml?rev=762097&r1=762096&r2=762097&view=diff
==============================================================================
--- ofbiz/trunk/applications/manufacturing/webapp/manufacturing/jobshopmgt/ProductionRunForms.xml (original)
+++ ofbiz/trunk/applications/manufacturing/webapp/manufacturing/jobshopmgt/ProductionRunForms.xml Sun Apr 5 14:46:47 2009
@@ -548,8 +548,12 @@
<field name="submitButton" title="${uiLabelMap.CommonUpdate}" widget-style="smallSubmit"><submit button-type="button"/></field>
<field name="deleteLink" title="${uiLabelMap.CommonEmptyHeader}" widget-style="smallSubmit"
use-when="!"${declarationScreen}".equals("Y")">
- <hyperlink description="${uiLabelMap.CommonDelete}" also-hidden="false"
- target="removeWorkEffortFixedAssetAssign?workEffortId=${workEffortId}&fixedAssetId=${fixedAssetId}&fromDate=${fromDate}&productionRunId=${productionRunId}" />
+ <hyperlink description="${uiLabelMap.CommonDelete}" also-hidden="false" target="removeWorkEffortFixedAssetAssign">
+ <parameter param-name="workEffortId" from-field="workEffortId"/>
+ <parameter param-name="fixedAssetId" from-field="fixedAssetId"/>
+ <parameter param-name="fromDate" from-field="fromDate"/>
+ <parameter param-name="productionRunId" from-field="productionRunId}"/>
+ </hyperlink>
</field>
</form>
<form name="ListProductionRunTaskFixedAssets" type="list" title="" list-name="productionRunFixedAssetsData"
Modified: ofbiz/trunk/applications/party/webapp/partymgr/communication/CommForms.xml
URL: http://svn.apache.org/viewvc/ofbiz/trunk/applications/party/webapp/partymgr/communication/CommForms.xml?rev=762097&r1=762096&r2=762097&view=diff
==============================================================================
--- ofbiz/trunk/applications/party/webapp/partymgr/communication/CommForms.xml (original)
+++ ofbiz/trunk/applications/party/webapp/partymgr/communication/CommForms.xml Sun Apr 5 14:46:47 2009
@@ -705,10 +705,11 @@
<field name="communicationEventId">
<hidden />
</field>
- <field name="subject" widget-style="buttontext"
- widget-area-style="fieldWidth300">
- <hyperlink description="${subject}"
- target="ViewCommunicationEvent?communicationEventId=${communicationEventId}&my=My" />
+ <field name="subject" widget-style="buttontext" widget-area-style="fieldWidth300">
+ <hyperlink description="${subject}" target="ViewCommunicationEvent">
+ <parameter param-name="communicationEventId" from-field="communicationEventId"/>
+ <parameter param-name="my" value="My"/>
+ </hyperlink>
</field>
<field name="entryDate">
<display description="${date:dateTimeStr(entryDate, timeZone, locale)}" />