aliens/SemanticScuttle
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

do not use links but POST form to change SSL settings. Proper web apps should never change data with GET requests

Browse source
This commit is contained in:
Christian Weiske 2011-05-11 06:44:49 +02:00
parent c13689813e
commit 9d91f1bee1
1 changed files with 12 additions and 4 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

14
data/templates/editprofile-sslclientcerts.tpl.php
View file

@ -13,7 +13,13 @@
<tbody>
<?php foreach($sslClientCerts as $cert) { ?>
<tr <?php if ($cert->isCurrent()) { echo 'class="ssl-current"'; } ?>>
<td><a href="#FIXME">delete</a></td>
<td>
<form method="post" action="#FIXME">
<button type="submit" name="action" value="deleteClientCert">
<?php echo T_('delete'); ?>
</button>
</form>
</td>
<td><?php echo htmlspecialchars($cert->sslSerial); ?></td>
<td><?php echo htmlspecialchars($cert->sslName); ?></td>
<td><?php echo htmlspecialchars($cert->sslEmail); ?></td>
@ -31,9 +37,11 @@
<p><?php echo T_('Your current certificate is already registered with your account.'); ?></p>
<?php } else { ?>
<p>
<a href="#FIXME">
<form method="post" action="#FIXME">
<button type="submit" name="action" value="registerCurrentCert">
<?php echo T_('Register current certificate to automatically login.'); ?>
</a>
</button>
</form>
</p>
<?php } ?>
<?php } else { ?>