OFBiz › OFBiz - Commits

svn commit: r951098 - in /ofbiz/trunk/applications/order/webapp/ordermgr: WEB-INF/actions/order/SendConfirmationEmail.groovy order/sendconfirmationemail.ftl

_‹ Previous Topic Next Topic _›

Classic

List

Threaded

1 message

jleroux@apache.org

svn commit: r951098 - in /ofbiz/trunk/applications/order/webapp/ordermgr: WEB-INF/actions/order/SendConfirmationEmail.groovy order/sendconfirmationemail.ftl

Author: jleroux
Date: Thu Jun 3 18:23:53 2010
New Revision: 951098

URL: http://svn.apache.org/viewvc?rev=951098&view=rev
Log:
Fix "Securing URL's issue in editorderitems.ftl and ordercontactinfo.ftl" (https://issues.apache.org/jira/browse/OFBIZ-2514) - OFBIZ-2514

I did not find any other remaining errors

Modified:
ofbiz/trunk/applications/order/webapp/ordermgr/WEB-INF/actions/order/SendConfirmationEmail.groovy
ofbiz/trunk/applications/order/webapp/ordermgr/order/sendconfirmationemail.ftl

Modified: ofbiz/trunk/applications/order/webapp/ordermgr/WEB-INF/actions/order/SendConfirmationEmail.groovy
URL: http://svn.apache.org/viewvc/ofbiz/trunk/applications/order/webapp/ordermgr/WEB-INF/actions/order/SendConfirmationEmail.groovy?rev=951098&r1=951097&r2=951098&view=diff
==============================================================================
--- ofbiz/trunk/applications/order/webapp/ordermgr/WEB-INF/actions/order/SendConfirmationEmail.groovy (original)
+++ ofbiz/trunk/applications/order/webapp/ordermgr/WEB-INF/actions/order/SendConfirmationEmail.groovy Thu Jun 3 18:23:53 2010
@@ -31,7 +31,7 @@ sendTo = request.getParameter("sendTo");
context.partyId = partyId;
context.sendTo = sendTo;

-donePage = request.getParameter("DONE_PAGE") ?: "orderview?orderId=" + orderId;
+donePage = request.getParameter("DONE_PAGE") ?: "orderview";
context.donePage = donePage;

// Provide the correct order confirmation ProductStoreEmailSetting, if one exists

Modified: ofbiz/trunk/applications/order/webapp/ordermgr/order/sendconfirmationemail.ftl
URL: http://svn.apache.org/viewvc/ofbiz/trunk/applications/order/webapp/ordermgr/order/sendconfirmationemail.ftl?rev=951098&r1=951097&r2=951098&view=diff
==============================================================================
--- ofbiz/trunk/applications/order/webapp/ordermgr/order/sendconfirmationemail.ftl (original)
+++ ofbiz/trunk/applications/order/webapp/ordermgr/order/sendconfirmationemail.ftl Thu Jun 3 18:23:53 2010
@@ -26,10 +26,11 @@ under the License.
<br class="clear"/>
</div>
<div class="screenlet-body">
- <a href="<@ofbizUrl>authview/${donePage}</@ofbizUrl>" class="buttontext">${uiLabelMap.CommonGoBack}</a>
- <a href="javascript:document.sendConfirmationForm.submit()" class="buttontext">${uiLabelMap.CommonSend}</a>
+ <a href="<@ofbizUrl>authview/${donePage}?orderId=${orderId}</@ofbizUrl>" class="buttontext">${uiLabelMap.CommonGoBack}</a>
+ <a href="javascript:document.sendConfirmationForm.submit()" class="buttontext">${uiLabelMap.CommonSend}</a>
<br />
<form method="post" action="<@ofbizUrl>sendconfirmationmail/${donePage}</@ofbizUrl>" name="sendConfirmationForm">
+ <input type="hidden" name="orderId" value="${orderId?if_exists}" />
<#if ! productStoreEmailSetting?exists>
<#assign productStoreEmailSetting = {} />
</#if>