OFBiz OFBiz - Dev

Re: svn commit: r787968 - /ofbiz/trunk/applications/product/webapp/facility/shipment/PackOrder.ftl

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
1 message Options
Jacques Le Roux
Reply | Threaded
Open this post in threaded view
|

Re: svn commit: r787968 - /ofbiz/trunk/applications/product/webapp/facility/shipment/PackOrder.ftl

Jacques Le Roux
Administrator
Thanks for taking care of this Vikas!

Jacques

From: <[hidden email]>

> Author: mor
> Date: Wed Jun 24 10:29:57 2009
> New Revision: 787968
>
> URL: http://svn.apache.org/viewvc?rev=787968&view=rev
> Log:
> Securing URLs in FTL. These changes were removed while doing a revert in rev. 781008.
> Note: These changes are already moved in release09.04.
>
> Modified:
>    ofbiz/trunk/applications/product/webapp/facility/shipment/PackOrder.ftl
>
> Modified: ofbiz/trunk/applications/product/webapp/facility/shipment/PackOrder.ftl
> URL:
> http://svn.apache.org/viewvc/ofbiz/trunk/applications/product/webapp/facility/shipment/PackOrder.ftl?rev=787968&r1=787967&r2=787968&view=diff
> ==============================================================================
> --- ofbiz/trunk/applications/product/webapp/facility/shipment/PackOrder.ftl (original)
> +++ ofbiz/trunk/applications/product/webapp/facility/shipment/PackOrder.ftl Wed Jun 24 10:29:57 2009
> @@ -17,6 +17,19 @@
> under the License.
> -->
>
> +<script language="JavaScript" type="text/javascript">
> +    function clearLine(facilityId, orderId, orderItemSeqId, productId, shipGroupSeqId, inventoryItemId, packageSeqId) {
> +        document.clearPackLineForm.facilityId.value = facilityId;
> +        document.clearPackLineForm.orderId.value = orderId;
> +        document.clearPackLineForm.orderItemSeqId.value = orderItemSeqId;
> +        document.clearPackLineForm.productId.value = productId;
> +        document.clearPackLineForm.shipGroupSeqId.value = shipGroupSeqId;
> +        document.clearPackLineForm.inventoryItemId.value = inventoryItemId;
> +        document.clearPackLineForm.packageSeqId.value = packageSeqId;
> +        document.clearPackLineForm.submit();
> +    }
> +</script>
> +
> <#if security.hasEntityPermission("FACILITY", "_VIEW", session)>
>     <#assign showInput = requestParameters.showInput?default("Y")>
>     <#assign hideGrid = requestParameters.hideGrid?default("N")>
> @@ -115,6 +128,15 @@
>               <input type="hidden" name="shipGroupSeqId" value="${shipGroupSeqId?if_exists}"/>
>               <input type="hidden" name="facilityId" value="${facilityId?if_exists}"/>
>             </form>
> +            <form name="clearPackLineForm" method="post" action="<@ofbizUrl>ClearPackLine</@ofbizUrl>">
> +                <input type="hidden" name="facilityId"/>
> +                <input type="hidden" name="orderId"/>
> +                <input type="hidden" name="orderItemSeqId"/>
> +                <input type="hidden" name="productId"/>
> +                <input type="hidden" name="shipGroupSeqId"/>
> +                <input type="hidden" name="inventoryItemId"/>
> +                <input type="hidden" name="packageSeqId"/>
> +            </form>
>         </div>
>     </div>
>
> @@ -429,7 +451,7 @@
>                       <td align="right">${line.getQuantity()}</td>
>                       <td align="right">${line.getWeight()}
> (${packingSession.getPackageWeight(line.getPackageSeq()?int)?if_exists})</td>
>                       <td align="right">${line.getPackageSeq()}</td>
> -                      <td align="right"><a
> href="<@ofbizUrl>ClearPackLine?facilityId=${facilityId}&orderId=${line.getOrderId()}&orderItemSeqId=${line.getOrderItemSeqId()}&shipGroupSeqId=${line.getShipGroupSeqId()}&amp;productId=${line.getProductId()?default("")}&inventoryItemId=${line.getInventoryItemId()}&packageSeqId=${line.getPackageSeq()}</@ofbizUrl>"
> class="buttontext">${uiLabelMap.CommonClear}</a></td>
> +                      <td align="right"><a href="javascript:clearLine('${facilityId}', '${line.getOrderId()}',
> '${line.getOrderItemSeqId()}', '${line.getProductId()?default("")}', '${line.getShipGroupSeqId()}',
> '${line.getInventoryItemId()}', '${line.getPackageSeq()}')" class="buttontext">${uiLabelMap.CommonClear}</a></td>
>                     </tr>
>                   </#list>
>                 </table>
> @@ -473,7 +495,7 @@
>                       <td align="right">${line.getQuantity()}</td>
>                       <td align="right">${line.getWeight()}
> (${packingSession.getPackageWeight(line.getPackageSeq()?int)?if_exists})</td>
>                       <td align="right">${line.getPackageSeq()}</td>
> -                      <td align="right"><a
> href="<@ofbizUrl>ClearPackLine?facilityId=${facilityId}&orderId=${line.getOrderId()}&orderItemSeqId=${line.getOrderItemSeqId()}&shipGroupSeqId=${line.getShipGroupSeqId()}&amp;productId=${line.getProductId()?default("")}&inventoryItemId=${line.getInventoryItemId()}&packageSeqId=${line.getPackageSeq()}</@ofbizUrl>"
> class="buttontext">${uiLabelMap.CommonClear}</a></td>
> +                      <td align="right"><a href="javascript:clearLine('${facilityId}', '${line.getOrderId()}',
> '${line.getOrderItemSeqId()}', '${line.getProductId()?default("")}', '${line.getShipGroupSeqId()}',
> '${line.getInventoryItemId()}', '${line.getPackageSeq()}')" class="buttontext">${uiLabelMap.CommonClear}</a></td>
>                   </tr>
>               </#list>
>             </table>
>
>


Free forum by Nabble Edit this page