Dotclear

Changeset 860:e6db669b069f for admin/js


Ignore:
Timestamp:
08/02/12 23:08:21 (13 years ago)
Author:
JcDenis
Branch:
default
Children:
861:3e2e678fef61, 1022:6c73aaf901f8
Message:

Fixes a CSRF on users deletion.
Cleaned code on users manager, fixes #1200

Location:
admin/js
Files:
1 added
2 deleted
1 edited

Legend:

Unmodified
Added
Removed
  • admin/js/_users.js

    r548 r860  
    44     }); 
    55     $('#form-users').submit(function() { 
    6           var action = $(this).find('select[name="dispatch_action"]').val(); 
     6          var action = $(this).find('select[name="action"]').val(); 
    77          var user_ids = new Array(); 
    88          var nb_posts = new Array(); 
     
    1010          var msg_cannot_delete = false; 
    1111           
    12           $(this).find('input[name="user_id[]"]').each(function() { 
     12          $(this).find('input[name="users[]"]').each(function() { 
    1313               user_ids.push(this); 
    1414          }); 
     
    4141           
    4242          if (action == 'deleteuser') { 
    43                return window.confirm(dotclear.msg.confirm_delete_user.replace('%s',$('input[name="user_id[]"]:checked').size())); 
     43               return window.confirm(dotclear.msg.confirm_delete_user.replace('%s',$('input[name="users[]"]:checked').size())); 
    4444          } 
    4545           
Note: See TracChangeset for help on using the changeset viewer.

Sites map