Unverified Commit fb2652d0 authored by Stefan Hornburg (Racke)'s avatar Stefan Hornburg (Racke) Committed by GitHub
Browse files

Merge pull request #493 from ikedas/racke/pr/csrftoken

Additional changes for #492
parents a47ff9e7 b30815ce
......@@ -29,7 +29,6 @@
[% IF is_privileged_owner %]
[% IF list_conf.status == 'closed' ~%]
<form name="manage_list_status" action="[% path_cgi %]" method="post">
<input type="hidden" name="csrftoken" value="[% csrftoken %]" />
<div>
<input class="MainMenuLinks" type="submit" name="action_open_list"
value="[%|loc%]Restore List[%END%]" />
......@@ -45,7 +44,6 @@
</a></p>
[%~ ELSE ~%]
<form name="manage_list_status" action="[% path_cgi %]" method="post">
<input type="hidden" name="csrftoken" value="[% csrftoken %]" />
<div>
<input class="MainMenuLinks" type="submit" name="action_close_list"
value="[%|loc%]Remove List[%END%]" />
......@@ -57,7 +55,6 @@
[% IF may_create_list && ! is_included ~%]
<form name="manage_list_name" action="[% path_cgi %]" method="post">
<fieldset>
<input type="hidden" name="csrftoken" value="[% csrftoken %]" />
<input class="MainMenuLinks" type="submit" name="action_rename_list_request" value="[%|loc%]Rename List[%END%]"/> [%|loc%]Allows you to change this list's name. Everything related to the list will be renamed, including the mail aliases and the web archives.[%END%]
<input type="hidden" name="list" value="[% list %]"/>
</fieldset>
......@@ -67,7 +64,6 @@
[% IF is_listmaster || is_owner %]
<form name="manage_shared_status" action="[% path_cgi %]" method="post">
<input type="hidden" name="csrftoken" value="[% csrftoken %]" />
<div>
[% IF shared == 'none' %]
<input class="MainMenuLinks" type="submit" name="action_d_admin" value="[%|loc%]Create Shared[%END%]"/> [%|loc%]Initializes the shared document web space.[%END%]
......
......@@ -14,7 +14,6 @@
</p>
<form class="noborder" name="zip_form" method="post" action="[% path_cgi %]">
<input type="hidden" name="csrftoken" value="[% csrftoken %]" />
<div>
<label for="directories">[%|loc%]Archive Selection:[%END%]</label><br />
<select name="directories" id="directories" multiple="multiple" size="4">
......
......@@ -95,7 +95,6 @@
<form method="post" action="[% path_cgi %]" class="noborder">
<fieldset>
<input type="hidden" name="csrftoken" value="[% csrftoken %]" />
<input type="hidden" name="list" value="[% list %]" />
<input type="hidden" name="archive_name" value="[% archive_name %]" />
<input type="hidden" name="key_word" value="[% key_word %]" />
......
......@@ -11,7 +11,6 @@
<form id="bold_label" method="post" action="[% path_cgi %]">
<fieldset>
<input type="hidden" name="csrftoken" value="[% csrftoken %]" />
<input name="list" type="hidden" value="[% list %]" />
<input name="archive_name" type="hidden" value="[% archive_name %]" />
......
......@@ -25,7 +25,6 @@
[% rows = rows+2 %]
<form class="noborder" action="[% 'blacklist' | url_rel %]" method="post">
<fieldset>
<input type="hidden" name="csrftoken" value="[% csrftoken %]" />
<textarea name="blacklist" cols="80" rows="[% rows %]">
[%~ blacklist ~%]
</textarea><br />
......
......@@ -4,7 +4,6 @@
You will need this password to perform privileged operations.[%END%]
<br />
<form action="[% path_cgi %]" method="post">
<input type="hidden" name="csrftoken" value="[% csrftoken %]" />
<fieldset>
<input type="hidden" name="previous_action" value="[% previous_action %]" />
<input type="hidden" name="previous_list" value="[% previous_list %]" />
......
<!-- compose_mail.tt2 -->
<form class="noborder" action="[% path_cgi %]" method="post" name="compose_mail" enctype="multipart/form-data">
<fieldset>
<input type="hidden" name="csrftoken" value="[% csrftoken %]" />
[%|loc(user.email)%]From: %1[%END%]<br />
[% mailto = BLOCK ~%]
[% to | mailto(to) | obfuscate(listconf.spam_protection) %]
......
......@@ -227,7 +227,6 @@
[%~ END %]
<form action="[% path_cgi %]" method="POST">
<input type="hidden" name="csrftoken" value="[% csrftoken %]" />
[% IF confirm_action == 'add' ~%]
[% FOREACH e = email ~%]
<input type="hidden" name="email" value="[% e %]" />
......
......@@ -4,7 +4,6 @@
<p>
<form id="cp_template" action="[% 'copy_template' | url_rel %]" method="post">
<fieldset>
<input type="hidden" name="csrftoken" value="[% csrftoken %]" />
<legend><strong> [%|loc%]Input template[%END%]</strong> </legend>
<label>[%|loc%]Template name: [%END%]</label><strong> [% template_name %] </strong><br />
<label>[%|loc%]Scope: [%END%]</label>[% SWITCH scope -%]
......
......@@ -4,7 +4,6 @@
<p>[%|loc%]With this form, you can create and / or access lists created on the basis of parameters you define.[% END %]</p>
<form action="[% path_cgi %]" method="post" class="add-request"
name="create_automatic_list">
<input type="hidden" name="csrftoken" value="[% csrftoken %]" />
[% FOREACH p = family.description.class ~%]
<h2>[% p.stamp %]</h2>
<p> [% p.description %]</p>
......
......@@ -6,7 +6,6 @@
<form action="[% path_cgi %]" method="post">
<fieldset>
<input type="hidden" name="csrftoken" value="[% csrftoken %]" />
<label for="listname">[%|loc%]List name:[%END%]</label><input type="text" id="listname" name="listname" size="30" value="[% saved.listname %]" />
<label for="owner">[%|loc%]Owner:[%END%]</label> <span>[% user.email %]</span>
<label for="list_type">[%|loc%]List type:[%END%]</label>
......@@ -82,7 +81,6 @@
<form action="[% path_cgi %]" method="post">
<fieldset>
<input type="hidden" name="csrftoken" value="[% csrftoken %]" />
<select name="list">
[% FOREACH l = all_lists %]
<option value="[% l.name %]">[% l.name %]</option>
......
......@@ -80,7 +80,6 @@
<form action="[% path_cgi %]" method="post">
<fieldset>
<input type="hidden" name="csrftoken" value="[% csrftoken %]" />
<label for="read_access">[%|loc%]Read access[%END%]</label>
<select id="read_access" name="read_access">
[% FOREACH s = scenari_read %]
......@@ -104,7 +103,6 @@
[% IF set_owner %]
<form action="[% path_cgi %]" method="post">
<fieldset>
<input type="hidden" name="csrftoken" value="[% csrftoken %]" />
<label for="content">[%|loc(shared_doc.name)%]Set the owner of the directory %1[%END%]</label>
<input type="hidden" name="list" value="[% list %]" />
<input type="hidden" name="path" value="[% shared_doc.paths.join("/") %]" />
......
......@@ -74,7 +74,6 @@
[% IF shared_doc.type == 'url' ~%]
<form method="post" action="[% path_cgi %]">
<fieldset>
<input type="hidden" name="csrftoken" value="[% csrftoken %]" />
<label for="url">[%|loc%]Bookmark URL[%END%]</label>
<input id="url" name="url" value="[% shared_doc.url %]" />
<input class="MainMenuLinks" type="submit" value="[%|loc%]Update[%END%]"
......@@ -83,7 +82,6 @@
[%~ ELSE ~%]
<form method="post" action="[% path_cgi %]" enctype="multipart/form-data">
<fieldset>
<input type="hidden" name="csrftoken" value="[% csrftoken %]" />
<label for="uploaded_file">
[%|loc(shared_doc.name)%]Replace the file %1 with your file[%END%] </label>
<input id="uploaded_file" type="file" name="uploaded_file" />
......@@ -104,7 +102,6 @@
[% IF textfile %]
<form action="[% path_cgi %]" method="POST">
<fieldset>
<input type="hidden" name="csrftoken" value="[% csrftoken %]" />
<label for="content">[%|loc(shared_doc.name)%]Edit the file %1[%END%]</label>
<textarea id="content" name="content" cols="90" rows="25">
[%~ shared_doc.content ~%]
......
......@@ -8,7 +8,6 @@
<form action="[% path_cgi %]" method="post">
<fieldset>
<input type="hidden" name="csrftoken" value="[% csrftoken %]" />
<input id="mode_confirm" class="MainMenuLinks" type="submit" name="mode_confirm" value="[%|loc%]Confirm[%END%]" /></td>
<input id="mode_cancel" class="MainMenuLinks" type="submit" name="mode_cancel" value="[%|loc%]Cancel[%END%]" /></td>
<input type="hidden" name="list" value="[% list %]" />
......
......@@ -86,7 +86,6 @@
<form action="[% path_cgi %]" method="post">
<fieldset>
<input type="hidden" name="csrftoken" value="[% csrftoken %]" />
<label for="content">
[% IF shared_doc.type == 'directory' %]
[%|loc(shared_doc.name)%]Describe directory '%1'[%END%]
......@@ -106,7 +105,6 @@
<form action="[% path_cgi %]" method="post">
<fieldset>
<input type="hidden" name="csrftoken" value="[% csrftoken %]" />
<label for="new_name">
[% IF shared_doc.type == 'directory' %]
[%|loc(shared_doc.name)%]Rename directory %1[%END%]
......
......@@ -295,7 +295,6 @@
<form method="post" action="[% path_cgi %]">
<fieldset>
<input type="hidden" name="csrftoken" value="[% csrftoken %]" />
<h6>
[% IF shared_doc.paths.size ~%]
[%|loc(shared_doc.name)%]Create a new folder inside folder %1[%END%]
......@@ -316,7 +315,6 @@
<form method="post" action="[% path_cgi %]">
<fieldset>
<input type="hidden" name="csrftoken" value="[% csrftoken %]" />
<h6> [%|loc%]Create a new file[%END%]</h6>
<label for="name_file">[%|loc%]File name[%END%]</label> <input id="name_file" maxlength="30" type="text" name="new_name" />
<input class="MainMenuLinks" type="submit" value="[%|loc%]Create[%END%]" name="action_d_create_child" />
......@@ -330,7 +328,6 @@
<form method="post" action="[% path_cgi %]">
<fieldset>
<input type="hidden" name="csrftoken" value="[% csrftoken %]" />
<h6>[%|loc%]Add a bookmark[%END%]</h6>
<label for="name_title">[%|loc%]title[%END%]</label>
<input id="name_title" maxlength="100" size="25" type="text"
......@@ -348,7 +345,6 @@
<form method="post" action="[% path_cgi %]" enctype="multipart/form-data" >
<fieldset>
<input type="hidden" name="csrftoken" value="[% csrftoken %]" />
<h6>
[% IF shared_doc.paths.size %]
[%|loc(shared_doc.name)%]Upload a file inside folder %1[%END%]
......@@ -367,7 +363,6 @@
[% IF total_edit ~%]
<form method="post" action="[% path_cgi %]" enctype="multipart/form-data" >
<fieldset>
<input type="hidden" name="csrftoken" value="[% csrftoken %]" />
<h6>
[% IF shared_doc.paths.size ~%]
[%|loc(shared_doc.name)%]Unzip a file inside the folder %1[%END%]
......
......@@ -11,7 +11,6 @@
<form action="[% path_cgi %]" method="post">
<fieldset>
<input type="hidden" name="csrftoken" value="[% csrftoken %]" />
<label for="mode_delete">[%|loc(shortname)%]Do you want to delete the old file %1?[%END%]</label>
<input id="mode_delete" class="MainMenuLinks" type="submit" name="mode_delete" value="[%|loc%]Delete[%END%]" />
<label for="new_name">[%|loc(shortname)%]Do you want to rename your file %1?[%END%]</label>
......
......@@ -4,7 +4,6 @@
<form class="noborder toggleContainer" data-toggle-selector="input[name='id']"
action="[% path_cgi %]" method="POST" name="moderate_shared">
<fieldset>
<input type="hidden" name="csrftoken" value="[% csrftoken %]" />
<input type="hidden" name="list" value="[% list %]" />
<input class="MainMenuLinks" type="submit" name="action_d_install_shared" value="[%|loc%]Install[%END%]" />
<input class="MainMenuLinks" type="submit" name="action_d_reject_shared.quiet" value="[%|loc%]Reject[%END%]" />
......
......@@ -20,7 +20,6 @@
<form action="[% path_cgi %]" method="post">
<fieldset>
<input type="hidden" name="csrftoken" value="[% csrftoken %]" />
<textarea cols="80" rows="10" name="new_scenario_content">[% dumped_scenario %]</textarea><br />
<input type="hidden" name="list" value="[% list %]" />
<input type="hidden" name="pname" value="[% pname %]" />
......
......@@ -17,7 +17,6 @@
<form action="[% path_cgi %]" method="post">
<fieldset>
<input type="hidden" name="csrftoken" value="[% csrftoken %]" />
<input type="hidden" name="previous_action" value="[% previous_action %]" />
<input type="hidden" name="list" value="[% list %]" />
<input type="hidden" name="role" value="[% pS.name %]" />
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment