OFBiz › OFBiz - Commits

svn commit: r1749706 - in /ofbiz/branches/release15.12: ./ applications/party/webapp/partymgr/party/addressMatchMap.ftl

_‹ Previous Topic Next Topic _›

Classic

List

Threaded

1 message

pranayp

svn commit: r1749706 - in /ofbiz/branches/release15.12: ./ applications/party/webapp/partymgr/party/addressMatchMap.ftl

Author: pranayp
Date: Wed Jun 22 14:04:57 2016
New Revision: 1749706

URL: http://svn.apache.org/viewvc?rev=1749706&view=rev
Log:
Applied fix from trunk for revision: 1749704
===

[OFBIZ-7523] Fixed security error in deleting AddressMatchMap for party. Thanks Chandan Khandelwal for reporting the issue and providing the patch.

Modified:
ofbiz/branches/release15.12/ (props changed)
ofbiz/branches/release15.12/applications/party/webapp/partymgr/party/addressMatchMap.ftl

Propchange: ofbiz/branches/release15.12/
------------------------------------------------------------------------------
--- svn:mergeinfo (original)
+++ svn:mergeinfo Wed Jun 22 14:04:57 2016
@@ -9,4 +9,4 @@
/ofbiz/branches/json-integration-refactoring:1634077-1635900
/ofbiz/branches/multitenant20100310:921280-927264
/ofbiz/branches/release13.07:1547657
-/ofbiz/trunk:1722712,1723007,1723248,1724402,1724411,1724566,1724689,1724763,1724916,1724918,1724925,1724930,1724940,1724943,1724946,1724951,1724957,1724975,1724978,1725006,1725217,1725257,1725561,1725574,1726388,1726486,1726493,1726828,1727894,1728398,1728411,1729005,1729078,1729609,1729809,1730035,1730456,1730735-1730736,1730747,1730758,1730882,1730889,1731382,1731396,1732454,1732570,1732721,1733951,1733956,1734246,1734269,1734276,1734912,1734918,1735021,1735244,1735385,1735398,1735569,1735731,1735734,1735750,1735753,1735756,1735759,1735773,1736083,1736087,1736272,1736434,1736628,1736851,1736854,1736890,1737156,1737440,1738235,1738303,1738407,1738902,1739438,1739448,1739571,1740008,1740442,1740629,1741146,1741563,1741684,1741925,1741930,1741960,1742018,1742097,1742103,1742712,1742737,1742741,1743025,1743027,1743230,1743411-1743412,1743656,1743937,1744117,1744198,1744396,1744662,1744768,1744773,1744873,1744911,1745111,1745264,1745428,1745438,1745573,1745577,1745592,1745751,1746228,
1746422,1746459,1746524,1746527,1746536,1746601,1746676,1746714,1746755,1746805,1746832,1746890,1747223,1747349,1747498,1747639,1747642,1747646,1747650,1747661,1747956,1747959,1747963,1748121,1748133,1748206,1748218,1748223,1748260,1748357,1748394,1748401,1748543,1748559,1748628,1748689,1748693,1748703,1748837,1748854,1748907,1748925,1748929,1748944,1748972,1749026,1749083,1749092,1749111,1749220,1749282,1749519,1749525,1749543,1749546,1749552
+/ofbiz/trunk:1722712,1723007,1723248,1724402,1724411,1724566,1724689,1724763,1724916,1724918,1724925,1724930,1724940,1724943,1724946,1724951,1724957,1724975,1724978,1725006,1725217,1725257,1725561,1725574,1726388,1726486,1726493,1726828,1727894,1728398,1728411,1729005,1729078,1729609,1729809,1730035,1730456,1730735-1730736,1730747,1730758,1730882,1730889,1731382,1731396,1732454,1732570,1732721,1733951,1733956,1734246,1734269,1734276,1734912,1734918,1735021,1735244,1735385,1735398,1735569,1735731,1735734,1735750,1735753,1735756,1735759,1735773,1736083,1736087,1736272,1736434,1736628,1736851,1736854,1736890,1737156,1737440,1738235,1738303,1738407,1738902,1739438,1739448,1739571,1740008,1740442,1740629,1741146,1741563,1741684,1741925,1741930,1741960,1742018,1742097,1742103,1742712,1742737,1742741,1743025,1743027,1743230,1743411-1743412,1743656,1743937,1744117,1744198,1744396,1744662,1744768,1744773,1744873,1744911,1745111,1745264,1745428,1745438,1745573,1745577,1745592,1745751,1746228,
1746422,1746459,1746524,1746527,1746536,1746601,1746676,1746714,1746755,1746805,1746832,1746890,1747223,1747349,1747498,1747639,1747642,1747646,1747650,1747661,1747956,1747959,1747963,1748121,1748133,1748206,1748218,1748223,1748260,1748357,1748394,1748401,1748543,1748559,1748628,1748689,1748693,1748703,1748837,1748854,1748907,1748925,1748929,1748944,1748972,1749026,1749083,1749092,1749111,1749220,1749282,1749519,1749525,1749543,1749546,1749552,1749704

Modified: ofbiz/branches/release15.12/applications/party/webapp/partymgr/party/addressMatchMap.ftl
URL: http://svn.apache.org/viewvc/ofbiz/branches/release15.12/applications/party/webapp/partymgr/party/addressMatchMap.ftl?rev=1749706&r1=1749705&r2=1749706&view=diff
==============================================================================
--- ofbiz/branches/release15.12/applications/party/webapp/partymgr/party/addressMatchMap.ftl (original)
+++ ofbiz/branches/release15.12/applications/party/webapp/partymgr/party/addressMatchMap.ftl Wed Jun 22 14:04:57 2016
@@ -85,7 +85,13 @@ under the License.
<td>=></td>
<td>${map.mapValue}</td>
<td>${map.sequenceNum!}</td>
- <td class="button-col"><a href="<@ofbizUrl>removeAddressMatchMap?mapKey=${map.mapKey}&mapValue=${map.mapValue}</@ofbizUrl>">${uiLabelMap.CommonDelete}</a></td>
+ <td class="button-col">
+ <form name="removeAddressMatchMap_${map_index}" method="post" action="<@ofbizUrl>removeAddressMatchMap</@ofbizUrl>">
+ <input type="hidden" name="mapKey" value="${map.mapKey}" />
+ <input type="hidden" name="mapValue" value="${map.mapValue}" />
+ <input type="submit" value="${uiLabelMap.CommonDelete}" />
+ </form>
+ </td>
</tr>
<#-- toggle the row color -->