Automatically add a token to any autogenerated form.

Refactor previous commits to take advantage of that.
This commit is contained in:
Colin Kuskie 2009-07-06 17:20:27 +00:00
parent 5e4db3adb4
commit 02e9354c15
7 changed files with 2 additions and 30 deletions

View file

@ -475,7 +475,6 @@ sub www_editGroup {
-name => "op",
-value => "editGroupSave",
);
$f->csrfToken();
$f->hidden(
-name => "gid",
-value => $session->form->process("gid")
@ -718,7 +717,6 @@ sub www_editGrouping {
my $i18n = WebGUI::International->new($session);
my $f = WebGUI::HTMLForm->new($session);
$f->submit;
$f->csrfToken();
$f->hidden(
-name => "op",
-value => "editGroupingSave"
@ -806,7 +804,6 @@ sub www_emailGroup {
-name => "op",
-value => "emailGroupSend"
);
$f->csrfToken();
$f->hidden(
-name => "gid",
-value => $session->form->process("gid")
@ -960,7 +957,6 @@ sub www_manageGroupsInGroup {
return $session->privilege->adminOnly() unless (canEditGroup($session,$session->form->process("gid")));
my $f = WebGUI::HTMLForm->new($session);
$f->csrfToken();
$f->submit;
$f->hidden(
-name => "op",
@ -1017,7 +1013,6 @@ sub www_manageUsersInGroup {
return $session->privilege->adminOnly() unless (canEditGroup($session,$session->form->process("gid")));
my $i18n = WebGUI::International->new($session);
my $output = WebGUI::Form::formHeader($session,)
.WebGUI::Form::csrfToken($session,{})
.WebGUI::Form::hidden($session,{
name=>"gid",
value=>$session->form->process("gid")
@ -1053,7 +1048,6 @@ sub www_manageUsersInGroup {
return _submenu($session,$output) unless ($session->form->process("doit") || $userCount < 250 || $session->form->process("pn") > 1);
my $f = WebGUI::HTMLForm->new($session);
$f->submit;
$f->csrfToken();
$f->hidden(
-name => "gid",
-value => $session->form->process("gid")

View file

@ -607,7 +607,6 @@ sub www_editSettings {
name => "op",
value => "saveSettings"
});
$tabform->csrfToken();
my $definitions = definition($session, $i18n);
foreach my $definition (@{$definitions}) {

View file

@ -633,7 +633,6 @@ sub www_editUser {
my $username = ($u->isVisitor && $uid ne "1") ? '' : $u->username;
$tabform->hidden({name=>"op",value=>"editUserSave"});
$tabform->hidden({name=>"uid",value=>$uid});
$tabform->csrfToken();
$tabform->getTab("account")->raw('<tr><td width="170">&nbsp;</td><td>&nbsp;</td></tr>');
$tabform->getTab("account")->readOnly(value=>$uid,label=>$i18n->get(378));
$tabform->getTab("account")->readOnly(value=>$u->karma,label=>$i18n->get(537)) if ($session->setting->get("useKarma"));
@ -872,7 +871,6 @@ sub www_editUserKarma {
-name => "uid",
-value => $session->form->process("uid"),
);
$f->csrfToken();
$f->integer(
-name => "amount",
-label => $i18n->get(556),

View file

@ -217,7 +217,6 @@ sub www_editVersionTag {
-value=>"editVersionTagSave"
);
my $value = $tag->getId if defined $tag;
$f->csrfToken();
$f->hidden(
-name=>"tagId",
-value=>$value,
@ -324,7 +323,6 @@ sub www_commitVersionTag {
# Commit comments form
my $f = WebGUI::HTMLForm->new($session);
$f->submit;
$f->csrfToken();
$f->readOnly(
label => $i18n->get("version tag name"),
hoverHelp => $i18n->get("version tag name description commit"),
@ -719,7 +717,6 @@ sub www_manageRevisionsInTag {
if (defined $instance) {
my $form = WebGUI::HTMLForm->new($session);
$form->submit;
$form->csrfToken;
$form->hidden(
name=>"tagId",
value=>$tagId
@ -773,7 +770,6 @@ sub www_manageRevisionsInTag {
.= WebGUI::Form::formHeader( $session, {} )
. WebGUI::Form::hidden( $session, { name => 'op', value=> 'manageRevisionsInTag' } )
. WebGUI::Form::hidden( $session, { name => 'tagId', value => $tag->getId } )
. WebGUI::Form::csrfToken( $session )
. '<table width="100%" class="content">'
. '<tr>'
. '<td colspan="5">'