Bug 34478: Replace get with post when needed
This is what has been marked as done in "csrf_get.txt" Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
This commit is contained in:
parent
0631153f06
commit
8e3901342a
10 changed files with 13 additions and 13 deletions
|
@ -59,7 +59,7 @@
|
|||
</h1>
|
||||
|
||||
<!-- NOTE: The order of the elements on this form is crictical to correct processing. You've been warned... -->
|
||||
<form name="input" action="/cgi-bin/koha/patroncards/edit-layout.pl" method="get">
|
||||
<form name="input" action="/cgi-bin/koha/patroncards/edit-layout.pl" method="post">
|
||||
<div class="row">
|
||||
<div class="col-sm-6">
|
||||
<fieldset class="rows">
|
||||
|
|
|
@ -57,7 +57,7 @@
|
|||
<span>New printer profile</span>
|
||||
[% END%]
|
||||
</h1>
|
||||
<form name="input" action="/cgi-bin/koha/patroncards/edit-profile.pl" method="get">
|
||||
<form name="input" action="/cgi-bin/koha/patroncards/edit-profile.pl" method="post">
|
||||
<fieldset class="rows"><legend>Profile settings</legend>
|
||||
<ol>
|
||||
<li>
|
||||
|
|
|
@ -58,7 +58,7 @@
|
|||
[% END %]
|
||||
[% IF (template_id) %] ([% template_id | html %])[% END %]
|
||||
</h1>
|
||||
<form name="input" action="/cgi-bin/koha/patroncards/edit-template.pl" method="get">
|
||||
<form name="input" action="/cgi-bin/koha/patroncards/edit-template.pl" method="post">
|
||||
<div class="row">
|
||||
<div class="col-sm-6">
|
||||
<fieldset class="rows">
|
||||
|
|
|
@ -43,7 +43,7 @@
|
|||
You must have at least one cash register associated with the library before you can record payments.
|
||||
</p>
|
||||
[% IF ( CAN_user_parameters_manage_cash_registers ) %]
|
||||
<form action="/cgi-bin/koha/admin/cash_registers.pl" method="get">
|
||||
<form action="/cgi-bin/koha/admin/cash_registers.pl" method="post">
|
||||
<input type="hidden" name="op" value="add_form" />
|
||||
<button class="new" type="submit"><i class="fa fa-plus"></i> Create a new cash register</button>
|
||||
</form>
|
||||
|
|
|
@ -40,7 +40,7 @@
|
|||
You must have at least one cash register associated with the library before you can record payments.
|
||||
</p>
|
||||
[% IF ( CAN_user_parameters_manage_cash_registers ) %]
|
||||
<form action="/cgi-bin/koha/admin/cash_registers.pl" method="get">
|
||||
<form action="/cgi-bin/koha/admin/cash_registers.pl" method="post">
|
||||
<input type="hidden" name="op" value="add_form" />
|
||||
<button class="new" type="submit"><i class="fa fa-plus"></i> Create a new cash register</button>
|
||||
</form>
|
||||
|
|
|
@ -37,7 +37,7 @@
|
|||
You must have at least one cash register associated with the library before you can record payments.
|
||||
</p>
|
||||
[% IF ( CAN_user_parameters_manage_cash_registers ) %]
|
||||
<form action="/cgi-bin/koha/admin/cash_registers.pl" method="get">
|
||||
<form action="/cgi-bin/koha/admin/cash_registers.pl" method="post">
|
||||
<input type="hidden" name="op" value="add_form" />
|
||||
<button class="new" type="submit"><i class="fa fa-plus"></i> Create a new cash register</button>
|
||||
</form>
|
||||
|
|
|
@ -118,7 +118,7 @@
|
|||
<h3 class="modal-title" id="exportModalLabel">Exporting to Dublin Core...</h3>
|
||||
<button type="button" class="closebtn" data-dismiss="modal" aria-hidden="true">×</button>
|
||||
</div>
|
||||
<form method="get" action="/cgi-bin/koha/opac-export.pl">
|
||||
<form method="post" action="/cgi-bin/koha/opac-export.pl">
|
||||
<div class="modal-body">
|
||||
<fieldset id="dc_fieldset">
|
||||
<input id="input-simple" type="radio" name="format" value="rdfdc">
|
||||
|
|
|
@ -31,7 +31,7 @@
|
|||
<div class="col order-first order-md-first order-lg-2">
|
||||
[% END %]
|
||||
<div id="userauthhome" class="maincontent">
|
||||
<form name="f" action="/cgi-bin/koha/opac-authorities-home.pl" method="get">
|
||||
<form name="f" action="/cgi-bin/koha/opac-authorities-home.pl" method="post">
|
||||
<input type="hidden" name="op" value="do_search" />
|
||||
<input type="hidden" name="type" value="opac" />
|
||||
<fieldset class="rows">
|
||||
|
|
|
@ -61,7 +61,7 @@
|
|||
[% IF logged_in_user %]
|
||||
<div class="dialog">
|
||||
|
||||
<form id="recallform" action="/cgi-bin/koha/opac-recall.pl" method="get">
|
||||
<form id="recallform" action="/cgi-bin/koha/opac-recall.pl" method="post">
|
||||
<fieldset class="rows" id="options">
|
||||
<legend>Place a recall on <b>[% biblio.title | html %]</b> ([% biblio.author | html %])?</legend>
|
||||
<ul>
|
||||
|
|
|
@ -244,7 +244,7 @@
|
|||
|
||||
[% IF can_manage_shelf %]
|
||||
<span class="sep">|</span>
|
||||
<form method="get" action="/cgi-bin/koha/opac-shelves.pl" class="d-inline">
|
||||
<form method="post" action="/cgi-bin/koha/opac-shelves.pl" class="d-inline">
|
||||
<input type="hidden" name="op" value="edit_form" />
|
||||
<input type="hidden" name="referer" value="view" />
|
||||
<input type='hidden' name='public' value='[% shelf.public | html %]' />
|
||||
|
@ -550,7 +550,7 @@
|
|||
<a class="btn btn-link newshelf" href="/cgi-bin/koha/opac-shelves.pl?op=add_form"><i class="fa fa-fw fa-plus" aria-hidden="true"></i> New list</a>
|
||||
[% IF can_manage_shelf %]
|
||||
<span class="sep">|</span>
|
||||
<form method="get" action="/cgi-bin/koha/opac-shelves.pl" class="d-inline">
|
||||
<form method="post" action="/cgi-bin/koha/opac-shelves.pl" class="d-inline">
|
||||
<input type="hidden" name="op" value="edit_form" />
|
||||
<input type="hidden" name="referer" value="view" />
|
||||
<input type="hidden" name="public" value="[% shelf.public | html %]" />
|
||||
|
@ -759,7 +759,7 @@
|
|||
<td>[% s.lastmodified | $KohaDates %]</td>
|
||||
<td>
|
||||
[% IF s.can_be_managed( loggedinusernumber ) %]
|
||||
<form action="/cgi-bin/koha/opac-shelves.pl" method="get" class="d-inline">
|
||||
<form action="/cgi-bin/koha/opac-shelves.pl" method="post" class="d-inline">
|
||||
<input type="hidden" name="shelfnumber" value="[% s.shelfnumber | html %]" />
|
||||
<input type="hidden" name="public" value="[% s.public | html %]" />
|
||||
<input type="hidden" name="op" value="edit_form" />
|
||||
|
@ -774,7 +774,7 @@
|
|||
<a href="/cgi-bin/koha/opac-shareshelf.pl?op=invite&shelfnumber=[% s.shelfnumber | uri %]" class="sharelist btn btn-link"><i class="fa fa-share" aria-hidden="true"></i> Share</a>
|
||||
[% END %]
|
||||
[% IF s.is_shared AND s.can_be_managed( loggedinusernumber ) %]
|
||||
<form action="/cgi-bin/koha/opac-shelves.pl" method="get" class="d-inline">
|
||||
<form action="/cgi-bin/koha/opac-shelves.pl" method="post" class="d-inline">
|
||||
<input type="hidden" name="shelfnumber" value="[% s.shelfnumber | html %]" />
|
||||
<input type="hidden" name="public" value="0" />
|
||||
<input type="hidden" name="op" value="transfer" />
|
||||
|
|
Loading…
Reference in a new issue