svn commit: r768286 - /ofbiz/trunk/applications/prod
Locked
 
|
Author: mor
Date: Fri Apr 24 12:47:07 2009 New Revision: 768286 URL: http://svn.apache.org/viewvc?rev=768286&view=rev Log: Securing URLs in FTL. Patch from Arun Patidar, part of OFBIZ-2352 (https://issues.apache.org/jira/browse/OFBIZ-2352) Modified: ofbiz/trunk/applications/product/webapp/facility/facility/PicklistManage.ftl Modified: ofbiz/trunk/applications/product/webapp/facility/facility/PicklistManage.ftl URL: http://svn.apache.org/viewvc/ofbiz/trunk/applications/product/webapp/facility/facility/PicklistManage.ftl?rev=768286&r1=768285&r2=768286&view=diff ============================================================================== --- ofbiz/trunk/applications/product/webapp/facility/facility/PicklistManage.ftl (original) +++ ofbiz/trunk/applications/product/webapp/facility/facility/PicklistManage.ftl Fri Apr 24 12:47:07 2009 @@ -92,6 +92,7 @@ <#-- PicklistBin --> <#list picklistInfo.picklistBinInfoList?if_exists as picklistBinInfo> <#assign isBinComplete = Static["org.ofbiz.shipment.picklist.PickListServices"].isBinComplete(delegator, picklistBinInfo.picklistBin.picklistBinId)/> + <#assign count = 0> <#if (!isBinComplete)> <div style="margin-left: 15px;"> <span class="label">${uiLabelMap.ProductBinNum}</span> ${picklistBinInfo.picklistBin.binLocationNumber} (${picklistBinInfo.picklistBin.picklistBinId}) @@ -142,7 +143,18 @@ <td>${inventoryItemAndLocation.areaId?if_exists}-${inventoryItemAndLocation.aisleId?if_exists}-${inventoryItemAndLocation.sectionId?if_exists}-${inventoryItemAndLocation.levelId?if_exists}-${inventoryItemAndLocation.positionId?if_exists}</td> <td>${picklistItem.quantity}</td> <#if !picklistItemInfo.itemIssuanceList?has_content> - <td><a href="<@ofbizUrl>deletePicklistItem?picklistBinId=${picklistItemInfo.picklistItem.picklistBinId}&orderId=${picklistItemInfo.picklistItem.orderId}&orderItemSeqId=${picklistItemInfo.picklistItem.orderItemSeqId}&shipGroupSeqId=${picklistItemInfo.picklistItem.shipGroupSeqId}&inventoryItemId=${picklistItemInfo.picklistItem.inventoryItemId}&facilityId=${facilityId?if_exists}</@ofbizUrl>" class="buttontext">${uiLabelMap.CommonDelete}</a></td> + <td> + <#assign count = count+1> + <form name="deletePicklistItem_${picklist.picklistId}_${picklistItem.orderId}_${count}" method="post" action="<@ofbizUrl>deletePicklistItem</@ofbizUrl>"> + <input type="hidden" name="picklistBinId" value="${picklistItemInfo.picklistItem.picklistBinId}"/> + <input type="hidden" name="orderId" value= "${picklistItemInfo.picklistItem.orderId}"/> + <input type="hidden" name="orderItemSeqId" value="${picklistItemInfo.picklistItem.orderItemSeqId}"/> + <input type="hidden" name="shipGroupSeqId" value="${picklistItemInfo.picklistItem.shipGroupSeqId}"/> + <input type="hidden" name="inventoryItemId" value="${picklistItemInfo.picklistItem.inventoryItemId}"/> + <input type="hidden" name="facilityId" value="${facilityId?if_exists}"/> + <a href='javascript:document.deletePicklistItem_${picklist.picklistId}_${picklistItem.orderId}_${count}.submit()' class='buttontext'> ${uiLabelMap.CommonDelete} </a> + </form> + </td> </#if> <td> <#-- picklistItem.orderItemShipGrpInvRes (do we want to display any of this info?) --> |
|
|
Vikas, There is a handy little trick in FreeMarker that will help with this and make the "count" variable unnecessary. Take a peek at the "_index" suffix described here: http://www.freemarker.org/docs/ref_directive_list.html -David On Apr 24, 2009, at 6:47 AM, [hidden email] wrote: > Author: mor > Date: Fri Apr 24 12:47:07 2009 > New Revision: 768286 > > URL: http://svn.apache.org/viewvc?rev=768286&view=rev > Log: > Securing URLs in FTL. Patch from Arun Patidar, part of OFBIZ-2352 (https://issues.apache.org/jira/browse/OFBIZ-2352 > ) > > Modified: > ofbiz/trunk/applications/product/webapp/facility/facility/ > PicklistManage.ftl > > Modified: ofbiz/trunk/applications/product/webapp/facility/facility/ > PicklistManage.ftl > URL: http://svn.apache.org/viewvc/ofbiz/trunk/applications/product/webapp/facility/facility/PicklistManage.ftl?rev=768286&r1=768285&r2=768286&view=diff > = > = > = > = > = > = > = > = > ====================================================================== > --- ofbiz/trunk/applications/product/webapp/facility/facility/ > PicklistManage.ftl (original) > +++ ofbiz/trunk/applications/product/webapp/facility/facility/ > PicklistManage.ftl Fri Apr 24 12:47:07 2009 > @@ -92,6 +92,7 @@ > <#-- PicklistBin --> > <#list picklistInfo.picklistBinInfoList?if_exists as > picklistBinInfo> > <#assign isBinComplete = > Static > ["org > .ofbiz.shipment.picklist.PickListServices"].isBinComplete(delegator, > picklistBinInfo.picklistBin.picklistBinId)/> > + <#assign count = 0> > <#if (!isBinComplete)> > <div style="margin-left: 15px;"> > <span class="label">$ > {uiLabelMap.ProductBinNum}</span> $ > {picklistBinInfo.picklistBin.binLocationNumber} ($ > {picklistBinInfo.picklistBin.picklistBinId}) > @@ -142,7 +143,18 @@ > <td>$ > {inventoryItemAndLocation.areaId?if_exists}-$ > {inventoryItemAndLocation.aisleId?if_exists}-$ > {inventoryItemAndLocation.sectionId?if_exists}-$ > {inventoryItemAndLocation.levelId?if_exists}-$ > {inventoryItemAndLocation.positionId?if_exists}</td> > <td>$ > {picklistItem.quantity}</td> > <#if ! > picklistItemInfo.itemIssuanceList?has_content> > - <td><a > href="<@ofbizUrl>deletePicklistItem?picklistBinId=$ > {picklistItemInfo.picklistItem.picklistBinId}&orderId=$ > {picklistItemInfo.picklistItem.orderId}&orderItemSeqId=$ > {picklistItemInfo.picklistItem.orderItemSeqId}&shipGroupSeqId=$ > {picklistItemInfo.picklistItem.shipGroupSeqId}&inventoryItemId=$ > {picklistItemInfo.picklistItem.inventoryItemId}&facilityId=$ > {facilityId?if_exists}</@ofbizUrl>" class="buttontext">$ > {uiLabelMap.CommonDelete}</a></td> > + <td> > + <#assign count = > count+1> > + <form > name="deletePicklistItem_${picklist.picklistId}_$ > {picklistItem.orderId}_${count}" method="post" > action="<@ofbizUrl>deletePicklistItem</@ofbizUrl>"> > + <input > type="hidden" name="picklistBinId" value="$ > {picklistItemInfo.picklistItem.picklistBinId}"/> > + <input > type="hidden" name="orderId" value= "$ > {picklistItemInfo.picklistItem.orderId}"/> > + <input > type="hidden" name="orderItemSeqId" value="$ > {picklistItemInfo.picklistItem.orderItemSeqId}"/> > + <input > type="hidden" name="shipGroupSeqId" value="$ > {picklistItemInfo.picklistItem.shipGroupSeqId}"/> > + <input > type="hidden" name="inventoryItemId" value="$ > {picklistItemInfo.picklistItem.inventoryItemId}"/> > + <input > type="hidden" name="facilityId" value="${facilityId?if_exists}"/> > + <a > href='javascript:document.deletePicklistItem_${picklist.picklistId}_$ > {picklistItem.orderId}_${count}.submit()' class='buttontext'> $ > {uiLabelMap.CommonDelete} </a> > + </form> > + </td> > </#if> > <td> > <#-- > picklistItem.orderItemShipGrpInvRes (do we want to display any of > this info?) --> > > |
«
Return to OFBiz - Commits
|
1 view|%1 views
| Free forum by Nabble | Edit this page |