svn commit: r823559 - /ofbiz/trunk/applications/product/webapp/facility/facility/EditContactMech.ftl

Author: mor
Date: Fri Oct  9 14:21:22 2009
New Revision: 823559

URL: http://svn.apache.org/viewvc?rev=823559&view=rev
Log:
Secure URLs in FTL. Applied patch from Akash Jain, part of OFBIZ-3019 (https://issues.apache.org/jira/browse/OFBIZ-3019)

Modified:
    ofbiz/trunk/applications/product/webapp/facility/facility/EditContactMech.ftl

Modified: ofbiz/trunk/applications/product/webapp/facility/facility/EditContactMech.ftl
URL: http://svn.apache.org/viewvc/ofbiz/trunk/applications/product/webapp/facility/facility/EditContactMech.ftl?rev=823559&r1=823558&r2=823559&view=diff
==============================================================================
--- ofbiz/trunk/applications/product/webapp/facility/facility/EditContactMech.ftl (original)
+++ ofbiz/trunk/applications/product/webapp/facility/facility/EditContactMech.ftl Fri Oct  9 14:21:22 2009
@@ -90,11 +90,19 @@
                       </#if>
                       (${uiLabelMap.CommonSince}: ${facilityContactMechPurpose.fromDate})
                       <#if facilityContactMechPurpose.thruDate?has_content>(${uiLabelMap.CommonExpires}: ${facilityContactMechPurpose.thruDate.toString()}</#if>
-                      &nbsp;<a href='<@ofbizUrl>deleteFacilityContactMechPurpose?facilityId=${facilityId}&contactMechId=${contactMechId}&contactMechPurposeTypeId=${facilityContactMechPurpose.contactMechPurposeTypeId}&fromDate=${facilityContactMechPurpose.fromDate.toString()}&DONE_PAGE=${donePage}&useValues=true</@ofbizUrl>' class='buttontext'>${uiLabelMap.CommonDelete}</a>
+                      <a href="javascript:$('deleteFacilityContactMechPurpose_${facilityContactMechPurpose_index}').submit();" class="buttontext">${uiLabelMap.CommonDelete}</a>
                   </td>
                 </tr>
                 <#-- toggle the row color -->
                 <#assign alt_row = !alt_row>
+                <form id="deleteFacilityContactMechPurpose_${facilityContactMechPurpose_index}" method="post" action="<@ofbizUrl>deleteFacilityContactMechPurpose</@ofbizUrl>">
+                  <input type="hidden" name="facilityId" value="${facilityId?if_exists}" />
+                  <input type="hidden" name="contactMechId" value="${contactMechId?if_exists}" />
+                  <input type="hidden" name="contactMechPurposeTypeId" value="${(facilityContactMechPurpose.contactMechPurposeTypeId)?if_exists}" />
+                  <input type="hidden" name="fromDate" value="${(facilityContactMechPurpose.fromDate)?if_exists}" />
+                  <input type="hidden" name="DONE_PAGE" value="${donePage?if_exists}" />
+                  <input type="hidden" name="useValues" value="true" />
+                </form>
               </#list>
               </#if>
               <tr>