Restore ability to edit ITransact and Ogone payment drivers. Ensure that all forms use CSRF tokens.

2012-02-24 22:43:43 -08:00 · 2012-02-24 22:43:43 -08:00 · 476b14f82c
commit 476b14f82c
parent 02bb3a9d67
3 changed files with 4 additions and 4 deletions
--- a/lib/WebGUI/Shop/PayDriver.pm
+++ b/lib/WebGUI/Shop/PayDriver.pm
@ -372,6 +372,7 @@ sub getEditForm {
    
    my $form = WebGUI::FormBuilder->new($self->session);
    $form->addField( "submit", name => "send" );
+    $form->addField( 'csrfToken', name => 'csrfToken' );
    
    $self->getDoFormTags('editSave', $form);
    $form->addField( "hidden",
@ -657,7 +658,6 @@ sub www_edit {
    return $session->privilege->insufficient() unless $session->user->isAdmin;

    my $form = $self->getEditForm;
-    $form->addField( 'csrfToken', name => 'csrfToken' );
    $form->addField( "submit", name => "send" );
  
    return '<h1>' . $i18n->get('payment methods') . '</h1>' . $form->toHtml;
--- a/lib/WebGUI/Shop/PayDriver/ITransact.pm
+++ b/lib/WebGUI/Shop/PayDriver/ITransact.pm
@ -577,7 +577,7 @@ sub www_edit {
    return $session->privilege->insufficient() unless $admin->canManage;

    my $form = $self->getEditForm;
-    $form->submit;
+    $form->addField( "submit", name => "send" );

    ##Form to let the user log into their ITransact account from here.
    my $terminal = WebGUI::HTMLForm->new($session, action=>"https://secure.paymentclearing.com/cgi-bin/rc/sess.cgi", extras=>'target="_blank"');
@ -596,7 +596,7 @@ sub www_edit {
            .'<b>https://'.$session->config->get("sitename")->[0]
            .'/?shop=pay;method=do;do=processRecurringTransactionPostback;paymentGatewayId='.$self->getId.'</b>';

-    return $admin->getAdminConsole->render($form->print.$output, $i18n->get('payment methods','PayDriver'));
+    return $admin->getAdminConsole->render($form->toHtml.$output, $i18n->get('payment methods','PayDriver'));
 }

 #-------------------------------------------------------------------
--- a/lib/WebGUI/Shop/PayDriver/Ogone.pm
+++ b/lib/WebGUI/Shop/PayDriver/Ogone.pm
@ -424,7 +424,7 @@ sub www_edit {
    my $output = '<br />';
    $output .= sprintf $i18n->get('ogone setup'), $processUrl, $processUrl;
        
-    return $admin->getAdminConsole->render($form->print.$output, $i18n->get('payment methods','PayDriver'));
+    return $admin->getAdminConsole->render($form->toHtml.$output, $i18n->get('payment methods','PayDriver'));
 }

 #-------------------------------------------------------------------