81bc750e00
We intend not to have forms with method="post" without an op variable (so we can check that the op starts with "cud-" as part of the CSRF protection), but because of bug 37728 some were missed. This patch changes the form around the OK button when you are told you can't delete a currency which is in use, and the No, do not delete button when you could delete a currency and decide not to, from a POST to a GET because all they need to do is show the list of currencies again. The only visible change from the patch is that the URL will end with a "?" from having done a GET without any params. Someone who wants to decide which of our link-as-cancel-button styles to use is welcome to switch them to links, in a bug not blocking an RM_priority bug. Test plan: 1. No changes to see, so apply the patch first 2. Administration - Currencies and exchange rates 3. You need one currency in use and one not in use. Luckily, ktd gave you USD for in use, and GBP for not in use. For USD, click the Deleete button 4. On the page telling you that you can't delete it because it's in use, click the OK button and verify that you are back at the list of currencies 5. Click the Delete button for GBP, then the No, do not delete button 6. Verify that you are back at the list of currencies Sponsored-by: Chetco Community Public Library Signed-off-by: Sukhmandeep Benipal <sukhmandeep.benipal@inLibro.com> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org> Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de> |
||
---|---|---|
.. | ||
intranet-tmpl | ||
opac-tmpl |