myexperiment-hackers
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[myexperiment-hackers] [2774] branches/rails2/app/views/messages/_table.

From: noreply
Subject: [myexperiment-hackers] [2774] branches/rails2/app/views/messages/_table.rhtml: added authenticity token to message delete buttons
Date: Mon, 31 Oct 2011 09:45:28 -0400 (EDT)
Revision
2774
Author
dgc
Date
2011-10-31 09:45:28 -0400 (Mon, 31 Oct 2011)

Log Message

added authenticity token to message delete buttons

Modified Paths

Diff

Modified: branches/rails2/app/views/messages/_table.rhtml (2773 => 2774)


--- branches/rails2/app/views/messages/_table.rhtml	2011-10-31 13:27:31 UTC (rev 2773)
+++ branches/rails2/app/views/messages/_table.rhtml	2011-10-31 13:45:28 UTC (rev 2774)
@@ -77,7 +77,7 @@
 	        <% if inbox_mode -%>
 						<%= icon('reply', url_for(:controller => :messages, :action ="" :new, :reply_id => message.id), nil, nil, 'Reply') %>
 	        <% end -%>
-					<% complex_delete_url = "<a href=""  (confirm('Are you sure you want to delete this message?')) { var f = document.createElement('form'); f.style.display = 'none'; this.parentNode.appendChild(f); f.method = 'POST'; f.action = "" m = document.createElement('input'); m.setAttribute('type', 'hidden'); m.setAttribute('name', '_method'); m.setAttribute('value', 'delete'); f.appendChild(m);var n = document.createElement('input'); n.setAttribute('type', 'hidden'); n.setAttribute('name', 'deleted_from'); n.setAttribute('value', '#{message_folder}'); f.appendChild(n); f.submit(); };return false;\">" -%>
+					<% complex_delete_url = "<a href=""  (confirm('Are you sure you want to delete this message?')) { var f = document.createElement('form'); f.style.display = 'none'; this.parentNode.appendChild(f); f.method = 'POST'; f.action = "" m = document.createElement('input'); m.setAttribute('type', 'hidden'); m.setAttribute('name', '_method'); m.setAttribute('value', 'delete'); f.appendChild(m);var n = document.createElement('input'); n.setAttribute('type', 'hidden'); n.setAttribute('name', 'deleted_from'); n.setAttribute('value', '#{message_folder}'); f.appendChild(n); var o = document.createElement('input'); o.setAttribute('type', 'hidden'); o.setAttribute('name', 'authenticity_token'); o.setAttribute('value', '#{form_authenticity_token}'); f.appendChild(o); f.submit(); };return false;\">" -%>
 			    <%= icon_no_link_processing('message_delete', complex_delete_url, nil, 'Delete') %>
 			</td>
 	  </tr>
@@ -85,11 +85,11 @@
 	</table>
 	
 	<br>
-	<a class="button_slim" href=""  (isSmthSelected()) { if(confirm('Are you sure you want to delete all selected messages?')) { var f = document.createElement('form'); f.style.display = 'none'; this.parentNode.appendChild(f); f.method = 'POST'; f.action = "" m = document.createElement('input'); m.setAttribute('type', 'hidden'); m.setAttribute('name', '_method'); m.setAttribute('value', 'delete'); f.appendChild(m); var n = document.createElement('input'); n.setAttribute('type', 'hidden'); n.setAttribute('name', 'msg_ids'); n.setAttribute('value', getSelectedMsgIDs()); f.appendChild(n); var o = document.createElement('input'); o.setAttribute('type', 'hidden'); o.setAttribute('name', 'deleted_from'); o.setAttribute('value', '<%=message_folder-%>'); f.appendChild(o); f.submit(); }} else{ alert('Please tick checkboxes next to the messages that you want to delete'); };return false;"><%= delete_image("vertical-align: middle", "") -%><span style="vertical-align: middle;"> Delete all selected messages</span></a>		
+	<a class="button_slim" href=""  (isSmthSelected()) { if(confirm('Are you sure you want to delete all selected messages?')) { var f = document.createElement('form'); f.style.display = 'none'; this.parentNode.appendChild(f); f.method = 'POST'; f.action = "" m = document.createElement('input'); m.setAttribute('type', 'hidden'); m.setAttribute('name', '_method'); m.setAttribute('value', 'delete'); f.appendChild(m); var n = document.createElement('input'); n.setAttribute('type', 'hidden'); n.setAttribute('name', 'msg_ids'); n.setAttribute('value', getSelectedMsgIDs()); f.appendChild(n); var o = document.createElement('input'); o.setAttribute('type', 'hidden'); o.setAttribute('name', 'deleted_from'); o.setAttribute('value', '<%=message_folder-%>'); f.appendChild(o); var p = document.createElement('input'); p.setAttribute('type', 'hidden'); p.setAttribute('name', 'authenticity_token'); p.setAttribute('value', '<%= form_authenticity_token -%>'); f.appendChild(p); f.submit(); }} else{ alert('Please tick checkboxes next to the messages that you want to delete'); };return false;"><%= delete_image("vertical-align: middle", "") -%><span style="vertical-align: middle;"> Delete all selected messages</span></a>		
 
 
 <% else %>
 
 	<p class="none_text" style="margin-left: 1.5em">No Messages</p>
 
-<% end %>
\ No newline at end of file
+<% end %>
reply via email to
[Prev in Thread] Current Thread [Next in Thread]