You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@ofbiz.apache.org by jl...@apache.org on 2012/05/20 12:15:24 UTC
svn commit: r1340658 - in /ofbiz/branches/release12.04: ./
applications/content/webapp/content/survey/EditSurveyQuestions.ftl
Author: jleroux
Date: Sun May 20 10:15:23 2012
New Revision: 1340658
URL: http://svn.apache.org/viewvc?rev=1340658&view=rev
Log:
"Applied fix from trunk for revision: 1340657 "
------------------------------------------------------------------------
r1340657 | jleroux | 2012-05-20 12:13:22 +0200 (dim., 20 mai 2012) | 7 lines
A patch from Harsha Chadhar for "Remove Survey Question Option not working." https://issues.apache.org/jira/browse/OFBIZ-4878
On trying to delete/remove Survey Question Options for Survey Question Type= Selected Option, the following error is occurred :
Url : https://demo-trunk.ofbiz.apache.org:8443/content/control/removeSurveyQuestionAppl?surveyId=1501&surveyQuestionId=10000&surveyOptionSeqId=00001
Error calling event: org.ofbiz.webapp.event.EventHandlerException: Found URL parameter [surveyId] passed to secure (https) request-map with uri [removeSurveyQuestionAppl] with an event that calls service [deleteSurveyQuestionAppl]; this is not allowed for security reasons! The data should be encrypted by making it part of the request body (a form field) instead of the request URL. Moreover it would be kind if you could create a Jira sub-task of https://issues.apache.org/jira/browse/OFBIZ-2330 (check before if a sub-task for this error does not exist). If you are not sure how to create a Jira issue please have a look before at http://cwiki.apache.org/confluence/x/JIB2 Thank you in advance for your help.
------------------------------------------------------------------------
�
Modified:
ofbiz/branches/release12.04/ (props changed)
ofbiz/branches/release12.04/applications/content/webapp/content/survey/EditSurveyQuestions.ftl
Propchange: ofbiz/branches/release12.04/
------------------------------------------------------------------------------
Merged /ofbiz/trunk:r1340657
Modified: ofbiz/branches/release12.04/applications/content/webapp/content/survey/EditSurveyQuestions.ftl
URL: http://svn.apache.org/viewvc/ofbiz/branches/release12.04/applications/content/webapp/content/survey/EditSurveyQuestions.ftl?rev=1340658&r1=1340657&r2=1340658&view=diff
==============================================================================
--- ofbiz/branches/release12.04/applications/content/webapp/content/survey/EditSurveyQuestions.ftl (original)
+++ ofbiz/branches/release12.04/applications/content/webapp/content/survey/EditSurveyQuestions.ftl Sun May 20 10:15:23 2012
@@ -284,8 +284,15 @@ under the License.
<tr<#if alt_row> class="alternate-row"</#if>>
<td>${option.description?if_exists}</td>
<td>${option.sequenceNum?if_exists}</td>
- <td><a href="<@o...@ofbizUrl>" class="buttontext">${uiLabelMap.CommonEdit}</a>
- <td><a href="<@o...@ofbizUrl>" class="buttontext">${uiLabelMap.CommonRemove}</a>
+ <td><a href="<@o...@ofbizUrl>" class="buttontext">${uiLabelMap.CommonEdit}</a></td>
+ <td>
+ <form id="deleteSurveyQuestionOption_${option_index}" action="<@o...@ofbizUrl>" method="post">
+ <input type="hidden" name="surveyId" value="${requestParameters.surveyId}" />
+ <input type="hidden" name="surveyQuestionId" value="${option.surveyQuestionId}" />
+ <input type="hidden" name="surveyOptionSeqId" value="${option.surveyOptionSeqId}" />
+ <a href="javascript:document.getElementById('deleteSurveyQuestionOption_${option_index}').submit();"" class="buttontext">${uiLabelMap.CommonRemove}</a>
+ </form>
+ </td>
</tr>
<#assign alt_row = !alt_row>
</#list>