svn commit: r823518 - /ofbiz/trunk/specialpurpose/projectmgr/webapp/projectmgr/survey/ListSurveys.ftl

Author: mor
Date: Fri Oct  9 11:58:09 2009
New Revision: 823518

URL: http://svn.apache.org/viewvc?rev=823518&view=rev
Log:
Secured URLs in FTL. Applied patch from Rohit Jain, part of OFBIZ-2430 (https://issues.apache.org/jira/browse/OFBIZ-2430)

Modified:
    ofbiz/trunk/specialpurpose/projectmgr/webapp/projectmgr/survey/ListSurveys.ftl

Modified: ofbiz/trunk/specialpurpose/projectmgr/webapp/projectmgr/survey/ListSurveys.ftl
URL: http://svn.apache.org/viewvc/ofbiz/trunk/specialpurpose/projectmgr/webapp/projectmgr/survey/ListSurveys.ftl?rev=823518&r1=823517&r2=823518&view=diff
==============================================================================
--- ofbiz/trunk/specialpurpose/projectmgr/webapp/projectmgr/survey/ListSurveys.ftl (original)
+++ ofbiz/trunk/specialpurpose/projectmgr/webapp/projectmgr/survey/ListSurveys.ftl Fri Oct  9 11:58:09 2009
@@ -39,8 +39,8 @@
             <#list productStoreSurveyAppls as productStoreSurveyAppl>
               <#if productStoreSurveyAppl?has_content>
                 <#assign survey = productStoreSurveyAppl.getRelatedOne("Survey")>
-                <form method="post" action="<@ofbizUrl>updateWorkEffortSurveyAppl</@ofbizUrl>" name="editWorkEffortSurveyAppl_${workEffortSurveyAppl_index}">
                 <tr>
+                  <form method="post" action="<@ofbizUrl>updateWorkEffortSurveyAppl</@ofbizUrl>" name="editWorkEffortSurveyAppl_${workEffortSurveyAppl_index}">
                   <td><a href="/content/control/EditSurvey?surveyId=${workEffortSurveyAppl.surveyId?if_exists}" class="buttontext">${workEffortSurveyAppl.surveyId?if_exists} - ${survey.surveyName?if_exists}</a></td>
                   <td>${workEffortSurveyAppl.fromDate?if_exists}</td>
                   <td>
@@ -53,10 +53,17 @@
                     <input type="hidden" name="workEffortId" value="${workEffortSurveyAppl.workEffortId?if_exists}"/>
                     <input type="hidden" name="fromDate" value="${workEffortSurveyAppl.fromDate?if_exists}"/>
                     <td><input type="submit" name="submitBtn" value='${uiLabelMap.CommonUpdate}'> </td>
-                    <td><a href="<@ofbizUrl>deleteWorkEffortSurveyAppl?surveyId=&workEffortId=${workEffortSurveyAppl.workEffortId?if_exists}&fromDate=${workEffortSurveyAppl.fromDate?if_exists}</@ofbizUrl>" class="buttontext">${uiLabelMap.CommonDelete}</a></td>
+                  </form>
+                    <td>
+                      <form id="deleteWorkEffortSurveyAppl_${workEffortSurveyAppl_index}" method="post" action="<@ofbizUrl>deleteWorkEffortSurveyAppl</@ofbizUrl>">
+                        <input type="hidden" name="surveyId" value="${workEffortSurveyAppl.surveyId?if_exists}" />
+                        <input type="hidden" name="workEffortId" value="${workEffortSurveyAppl.workEffortId?if_exists}" />
+                        <input type="hidden" name="fromDate" value="${workEffortSurveyAppl.fromDate?if_exists}" />
+                        <a href="javascript:$('deleteWorkEffortSurveyAppl_${workEffortSurveyAppl_index}').submit()" class="buttontext">${uiLabelMap.CommonDelete}</a>
+                      </form>
+                    </td>
                   </#if>
                 </tr>
-                </form>                
               </#if>
             </#list>
           </#if>