svn commit: r767102 - /ofbiz/trunk/applications/product/webapp/catalog/category/EditCategoryParties.ftl

Author: jleroux
Date: Tue Apr 21 10:17:43 2009
New Revision: 767102

URL: http://svn.apache.org/viewvc?rev=767102&view=rev
Log:
Fix an URL not secured, reported by Ashish on dev ML

Modified:
    ofbiz/trunk/applications/product/webapp/catalog/category/EditCategoryParties.ftl

Modified: ofbiz/trunk/applications/product/webapp/catalog/category/EditCategoryParties.ftl
URL: http://svn.apache.org/viewvc/ofbiz/trunk/applications/product/webapp/catalog/category/EditCategoryParties.ftl?rev=767102&r1=767101&r2=767102&view=diff
==============================================================================
--- ofbiz/trunk/applications/product/webapp/catalog/category/EditCategoryParties.ftl (original)
+++ ofbiz/trunk/applications/product/webapp/catalog/category/EditCategoryParties.ftl Tue Apr 21 10:17:43 2009
@@ -43,7 +43,7 @@
             <#if (productCategoryRole.getTimestamp("fromDate"))?exists && Static["org.ofbiz.base.util.UtilDateTime"].nowTimestamp().before(productCategoryRole.getTimestamp("fromDate"))> <#assign hasntStarted = true></#if>
             <td <#if hasntStarted> style="color: red;"</#if>>${(productCategoryRole.fromDate)?if_exists}</td>
             <td align="center">
-                <FORM method="post" action="<@ofbizUrl>updatePartyToCategory</@ofbizUrl>" name="lineForm${line}">
+                <FORM method="post" action="<@ofbizUrl>updatePartyToCategory</@ofbizUrl>" name="lineForm_update${line}">
                     <#assign hasExpired = false>
                     <#if (productCategoryRole.getTimestamp("thruDate"))?exists && (Static["org.ofbiz.base.util.UtilDateTime"].nowTimestamp().after(productCategoryRole.getTimestamp("thruDate")))> <#assign hasExpired = true></#if>
                     <input type="hidden" name="productCategoryId" value="${(productCategoryRole.productCategoryId)?if_exists}">
@@ -56,7 +56,14 @@
                 </FORM>
             </td>
             <td align="center">
-                <a href="<@ofbizUrl>removePartyFromCategory?productCategoryId=${(productCategoryRole.productCategoryId)?if_exists}&partyId=${(productCategoryRole.partyId)?if_exists}&roleTypeId=${(productCategoryRole.roleTypeId)?if_exists}&fromDate=${productCategoryRole.getString("fromDate")}</@ofbizUrl>" class="buttontext">${uiLabelMap.CommonDelete}</a>
+                <FORM method="post" action="<@ofbizUrl>removePartyFromCategory</@ofbizUrl>" name="lineForm_delete${line}">
+                    <#assign hasExpired = false>
+                    <input type="hidden" name="productCategoryId" value="${(productCategoryRole.productCategoryId)?if_exists}">
+                    <input type="hidden" name="partyId" value="${(productCategoryRole.partyId)?if_exists}">
+                    <input type="hidden" name="roleTypeId" value="${(productCategoryRole.roleTypeId)?if_exists}">
+                    <input type="hidden" name="fromDate" value="${(productCategoryRole.getTimestamp("fromDate"))?if_exists}">
+                    <INPUT type="submit" value="${uiLabelMap.CommonDelete}" style="font-size: x-small;">
+                </FORM>
             </td>
             </tr>
             <#-- toggle the row color -->
@@ -94,4 +101,4 @@
             </table>
         </div>
     </div>
-</#if>
\ No newline at end of file
+</#if>