mirror of
https://github.com/silverstripe/silverstripe-cms
synced 2024-10-22 08:05:56 +02:00
BUG Consistently use FormResponse in CMS JavaScript (fixes #8036)
Regression caused by a security fix in 9bf3ae9a190
This commit is contained in:
parent
75e58c9508
commit
41aec54e88
@ -654,7 +654,8 @@ JS;
|
|||||||
|
|
||||||
$script .= "statusMessage('$message');";
|
$script .= "statusMessage('$message');";
|
||||||
|
|
||||||
return $script;
|
FormResponse::add($script);
|
||||||
|
return FormResponse::respond();
|
||||||
}
|
}
|
||||||
|
|
||||||
public function removefile($request){
|
public function removefile($request){
|
||||||
@ -671,10 +672,12 @@ JS;
|
|||||||
$file->destroy();
|
$file->destroy();
|
||||||
|
|
||||||
if(Director::is_ajax()) {
|
if(Director::is_ajax()) {
|
||||||
echo <<<JS
|
$js = <<<JS
|
||||||
$('Form_EditForm_Files').removeFile($fileID);
|
$('Form_EditForm_Files').removeFile($fileID);
|
||||||
statusMessage('removed file', 'good');
|
statusMessage('removed file', 'good');
|
||||||
JS;
|
JS;
|
||||||
|
FormResponse::add($js);
|
||||||
|
return FormResponse::respond();
|
||||||
} else {
|
} else {
|
||||||
Director::redirectBack();
|
Director::redirectBack();
|
||||||
}
|
}
|
||||||
|
@ -148,11 +148,14 @@ class CommentAdmin extends LeftAndMain {
|
|||||||
user_error("No comments in $commentList could be found!", E_USER_ERROR);
|
user_error("No comments in $commentList could be found!", E_USER_ERROR);
|
||||||
}
|
}
|
||||||
|
|
||||||
echo <<<JS
|
$js = <<<JS
|
||||||
$deleteList
|
$deleteList
|
||||||
$('Form_EditForm').getPageFromServer($('Form_EditForm_ID').value);
|
$('Form_EditForm').getPageFromServer($('Form_EditForm_ID').value);
|
||||||
statusMessage("Deleted $numComments comments.");
|
statusMessage("Deleted $numComments comments.");
|
||||||
JS;
|
JS;
|
||||||
|
|
||||||
|
FormResponse::add($js);
|
||||||
|
return FormResponse::respond();
|
||||||
}
|
}
|
||||||
|
|
||||||
function deleteall() {
|
function deleteall() {
|
||||||
@ -168,11 +171,14 @@ JS;
|
|||||||
}
|
}
|
||||||
|
|
||||||
$msg = sprintf(_t('CommentAdmin.DELETED', 'Deleted %s comments.'), $numComments);
|
$msg = sprintf(_t('CommentAdmin.DELETED', 'Deleted %s comments.'), $numComments);
|
||||||
echo <<<JS
|
$js = <<<JS
|
||||||
$('Form_EditForm').getPageFromServer($('Form_EditForm_ID').value);
|
$('Form_EditForm').getPageFromServer($('Form_EditForm_ID').value);
|
||||||
statusMessage("$msg");
|
statusMessage("$msg");
|
||||||
JS;
|
JS;
|
||||||
|
|
||||||
|
FormResponse::add($js);
|
||||||
|
return FormResponse::respond();
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
function spammarked() {
|
function spammarked() {
|
||||||
@ -207,11 +213,13 @@ JS;
|
|||||||
}
|
}
|
||||||
|
|
||||||
$msg = sprintf(_t('CommentAdmin.MARKEDSPAM', 'Marked %s comments as spam.'), $numComments);
|
$msg = sprintf(_t('CommentAdmin.MARKEDSPAM', 'Marked %s comments as spam.'), $numComments);
|
||||||
echo <<<JS
|
$js = <<<JS
|
||||||
$deleteList
|
$deleteList
|
||||||
$('Form_EditForm').getPageFromServer($('Form_EditForm_ID').value);
|
$('Form_EditForm').getPageFromServer($('Form_EditForm_ID').value);
|
||||||
statusMessage("$msg");
|
statusMessage("$msg");
|
||||||
JS;
|
JS;
|
||||||
|
FormResponse::add($js);
|
||||||
|
return FormResponse::respond();
|
||||||
}
|
}
|
||||||
|
|
||||||
function hammarked() {
|
function hammarked() {
|
||||||
@ -247,11 +255,13 @@ JS;
|
|||||||
}
|
}
|
||||||
|
|
||||||
$msg = sprintf(_t('CommentAdmin.MARKEDNOTSPAM', 'Marked %s comments as not spam.'), $numComments);
|
$msg = sprintf(_t('CommentAdmin.MARKEDNOTSPAM', 'Marked %s comments as not spam.'), $numComments);
|
||||||
echo <<<JS
|
$js = <<<JS
|
||||||
$deleteList
|
$deleteList
|
||||||
$('Form_EditForm').getPageFromServer($('Form_EditForm_ID').value);
|
$('Form_EditForm').getPageFromServer($('Form_EditForm_ID').value);
|
||||||
statusMessage("$msg");
|
statusMessage("$msg");
|
||||||
JS;
|
JS;
|
||||||
|
FormResponse::add($js);
|
||||||
|
return FormResponse::respond();
|
||||||
}
|
}
|
||||||
|
|
||||||
function acceptmarked() {
|
function acceptmarked() {
|
||||||
@ -274,11 +284,14 @@ JS;
|
|||||||
}
|
}
|
||||||
|
|
||||||
$msg = sprintf(_t('CommentAdmin.APPROVED', 'Accepted %s comments.'), $numComments);
|
$msg = sprintf(_t('CommentAdmin.APPROVED', 'Accepted %s comments.'), $numComments);
|
||||||
echo <<<JS
|
$js = <<<JS
|
||||||
$deleteList
|
$deleteList
|
||||||
$('Form_EditForm').getPageFromServer($('Form_EditForm_ID').value);
|
$('Form_EditForm').getPageFromServer($('Form_EditForm_ID').value);
|
||||||
statusMessage("Accepted $numComments comments.");
|
statusMessage("Accepted $numComments comments.");
|
||||||
JS;
|
JS;
|
||||||
|
|
||||||
|
FormResponse::add($js);
|
||||||
|
return FormResponse::respond();
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
@ -831,13 +831,14 @@ JS;
|
|||||||
public function addTreeNodeJS($page, $select = false) {
|
public function addTreeNodeJS($page, $select = false) {
|
||||||
$parentID = (int)$page->ParentID;
|
$parentID = (int)$page->ParentID;
|
||||||
$title = Convert::raw2js($page->TreeTitle());
|
$title = Convert::raw2js($page->TreeTitle());
|
||||||
$response = <<<JS
|
$js = <<<JS
|
||||||
var newNode = $('sitetree').createTreeNode($page->ID, "$title", "$page->class");
|
var newNode = $('sitetree').createTreeNode($page->ID, "$title", "$page->class");
|
||||||
var parentNode = $('sitetree').getTreeNodeByIdx($parentID);
|
var parentNode = $('sitetree').getTreeNodeByIdx($parentID);
|
||||||
if(parentNode) parentNode.appendTreeNode(newNode);
|
if(parentNode) parentNode.appendTreeNode(newNode);
|
||||||
JS;
|
JS;
|
||||||
$response .= ($select ? "newNode.selectTreeNode();\n" : "") ;
|
$js .= ($select ? "newNode.selectTreeNode();\n" : "") ;
|
||||||
return $response;
|
FormResponse::add($js);
|
||||||
|
return FormResponse::respond();
|
||||||
}
|
}
|
||||||
/**
|
/**
|
||||||
* Returns a javascript snippet to remove a tree node for the given page, if it exists.
|
* Returns a javascript snippet to remove a tree node for the given page, if it exists.
|
||||||
@ -846,7 +847,7 @@ JS;
|
|||||||
*/
|
*/
|
||||||
public function deleteTreeNodeJS($page) {
|
public function deleteTreeNodeJS($page) {
|
||||||
$id = $page->ID ? $page->ID : $page->OldID;
|
$id = $page->ID ? $page->ID : $page->OldID;
|
||||||
$response = <<<JS
|
$js = <<<JS
|
||||||
var node = $('sitetree').getTreeNodeByIdx($id);
|
var node = $('sitetree').getTreeNodeByIdx($id);
|
||||||
if(node && node.parentTreeNode) node.parentTreeNode.removeTreeNode(node);
|
if(node && node.parentTreeNode) node.parentTreeNode.removeTreeNode(node);
|
||||||
$('Form_EditForm').closeIfSetTo($id);
|
$('Form_EditForm').closeIfSetTo($id);
|
||||||
@ -857,7 +858,8 @@ JS;
|
|||||||
$this->setCurrentPageID(null);
|
$this->setCurrentPageID(null);
|
||||||
}
|
}
|
||||||
|
|
||||||
return $response;
|
FormResponse::add($js);
|
||||||
|
return FormResponse::respond();
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
@ -321,7 +321,6 @@ addfolder.prototype = {
|
|||||||
return false;
|
return false;
|
||||||
},
|
},
|
||||||
onSuccess: function(response) {
|
onSuccess: function(response) {
|
||||||
Ajax.Evaluator(response);
|
|
||||||
// Make it possible to drop files into the new folder
|
// Make it possible to drop files into the new folder
|
||||||
DropFileItem.applyTo('#sitetree li');
|
DropFileItem.applyTo('#sitetree li');
|
||||||
},
|
},
|
||||||
@ -456,7 +455,6 @@ var deletefolder = {
|
|||||||
},
|
},
|
||||||
|
|
||||||
submit_success: function(response) {
|
submit_success: function(response) {
|
||||||
Ajax.Evaluator(response);
|
|
||||||
treeactions.closeSelection($('deletepage'));
|
treeactions.closeSelection($('deletepage'));
|
||||||
}
|
}
|
||||||
};
|
};
|
||||||
|
@ -131,7 +131,6 @@ addpageclass.prototype = {
|
|||||||
|
|
||||||
var suffix = _NEW_PAGES[parentID]++;
|
var suffix = _NEW_PAGES[parentID]++;
|
||||||
Ajax.SubmitForm(_HANDLER_FORMS.addpage, "action_addpage", {
|
Ajax.SubmitForm(_HANDLER_FORMS.addpage, "action_addpage", {
|
||||||
onSuccess : Ajax.Evaluator,
|
|
||||||
onFailure : function(response) { if (response.status == 403) {
|
onFailure : function(response) { if (response.status == 403) {
|
||||||
alert('You cannot add that page at that location.');
|
alert('You cannot add that page at that location.');
|
||||||
}},
|
}},
|
||||||
@ -592,7 +591,6 @@ publishpage.prototype = {
|
|||||||
// Submit form
|
// Submit form
|
||||||
Ajax.SubmitForm(this, null, {
|
Ajax.SubmitForm(this, null, {
|
||||||
onSuccess : function(response) {
|
onSuccess : function(response) {
|
||||||
Ajax.Evaluator(response);
|
|
||||||
$('batchactions_go').className = '';
|
$('batchactions_go').className = '';
|
||||||
batchActionGlobals.deselectAll();
|
batchActionGlobals.deselectAll();
|
||||||
},
|
},
|
||||||
@ -639,7 +637,6 @@ deletepage.prototype = {
|
|||||||
$('Form_DeleteItemsForm_action_deleteitems').className = 'loading';
|
$('Form_DeleteItemsForm_action_deleteitems').className = 'loading';
|
||||||
Ajax.SubmitForm(this, null, {
|
Ajax.SubmitForm(this, null, {
|
||||||
onSuccess : function(response) {
|
onSuccess : function(response) {
|
||||||
Ajax.Evaluator(response);
|
|
||||||
$('Form_DeleteItemsForm_action_deleteitems').className = '';
|
$('Form_DeleteItemsForm_action_deleteitems').className = '';
|
||||||
treeactions.closeSelection($('batchactions'));
|
treeactions.closeSelection($('batchactions'));
|
||||||
},
|
},
|
||||||
|
@ -8,7 +8,6 @@ function action_revert_right() {
|
|||||||
$('Form_EditForm_action_revert').value = ss.i18n._t('CMSMAIN.RESTORING');
|
$('Form_EditForm_action_revert').value = ss.i18n._t('CMSMAIN.RESTORING');
|
||||||
$('Form_EditForm_action_revert').className = 'action loading';
|
$('Form_EditForm_action_revert').className = 'action loading';
|
||||||
Ajax.SubmitForm('Form_EditForm', 'action_revert', {
|
Ajax.SubmitForm('Form_EditForm', 'action_revert', {
|
||||||
onSuccess : Ajax.Evaluator,
|
|
||||||
onFailure : function(response) {
|
onFailure : function(response) {
|
||||||
errorMessage(ss.i18n._t('CMSMAIN.ERRORREVERTING'), response);
|
errorMessage(ss.i18n._t('CMSMAIN.ERRORREVERTING'), response);
|
||||||
}
|
}
|
||||||
|
@ -302,7 +302,6 @@ function prepareAjaxActions(actions, formName, tabName) {
|
|||||||
} else {
|
} else {
|
||||||
statusMessage('...');
|
statusMessage('...');
|
||||||
Ajax.SubmitForm(this.ownerForm, this.name, {
|
Ajax.SubmitForm(this.ownerForm, this.name, {
|
||||||
onSuccess: Ajax.Evaluator,
|
|
||||||
onFailure: ajaxErrorHandler
|
onFailure: ajaxErrorHandler
|
||||||
});
|
});
|
||||||
}
|
}
|
||||||
@ -333,7 +332,6 @@ function ajaxSubmitForm(automated, callAfter, form, action, verb) {
|
|||||||
statusMessage(verb + '...', '', true);
|
statusMessage(verb + '...', '', true);
|
||||||
|
|
||||||
var success = function(response) {
|
var success = function(response) {
|
||||||
Ajax.Evaluator(response);
|
|
||||||
if(callAfter) callAfter();
|
if(callAfter) callAfter();
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -364,10 +362,6 @@ function ajaxSubmitFieldSet(href, fieldSet, extraData) {
|
|||||||
// Send request
|
// Send request
|
||||||
new Ajax.Request(href, {
|
new Ajax.Request(href, {
|
||||||
method : 'post', postBody : data,
|
method : 'post', postBody : data,
|
||||||
onSuccess : function(response) {
|
|
||||||
//alert(response.responseText);
|
|
||||||
Ajax.Evaluator(response);
|
|
||||||
},
|
|
||||||
onFailure : function(response) {
|
onFailure : function(response) {
|
||||||
alert(response.responseText);
|
alert(response.responseText);
|
||||||
//errorMessage('Error: ', response);
|
//errorMessage('Error: ', response);
|
||||||
@ -382,7 +376,6 @@ function ajaxLink(href) {
|
|||||||
// Send request
|
// Send request
|
||||||
new Ajax.Request(href + (href.indexOf("?") == -1 ? "?" : "&") + "ajax=1", {
|
new Ajax.Request(href + (href.indexOf("?") == -1 ? "?" : "&") + "ajax=1", {
|
||||||
method : 'get',
|
method : 'get',
|
||||||
onSuccess : Ajax.Evaluator,
|
|
||||||
onFailure : ajaxErrorHandler
|
onFailure : ajaxErrorHandler
|
||||||
});
|
});
|
||||||
}
|
}
|
||||||
|
@ -286,7 +286,6 @@ TreeNodeAPI.prototype = {
|
|||||||
|
|
||||||
new Ajax.Request(url, {
|
new Ajax.Request(url, {
|
||||||
method : 'get',
|
method : 'get',
|
||||||
onSuccess : Ajax.Evaluator,
|
|
||||||
onFailure : function(response) {
|
onFailure : function(response) {
|
||||||
errorMessage('Error: ', response);
|
errorMessage('Error: ', response);
|
||||||
}
|
}
|
||||||
@ -297,7 +296,6 @@ TreeNodeAPI.prototype = {
|
|||||||
var url = baseHref() + 'admin/duplicatewithchildren/' + this.getIdx() + '?ajax=1&SecurityID=' + token;
|
var url = baseHref() + 'admin/duplicatewithchildren/' + this.getIdx() + '?ajax=1&SecurityID=' + token;
|
||||||
new Ajax.Request(url, {
|
new Ajax.Request(url, {
|
||||||
method : 'get',
|
method : 'get',
|
||||||
onSuccess : Ajax.Evaluator,
|
|
||||||
onFailure : function(response) {
|
onFailure : function(response) {
|
||||||
errorMessage('Error: ', response);
|
errorMessage('Error: ', response);
|
||||||
}
|
}
|
||||||
@ -431,7 +429,6 @@ SiteTreeNode.prototype = {
|
|||||||
new Ajax.Request(SiteTreeHandlers.parentChanged_url, {
|
new Ajax.Request(SiteTreeHandlers.parentChanged_url, {
|
||||||
method : 'post',
|
method : 'post',
|
||||||
postBody : 'ID=' + node.getIdx() + '&ParentID=' + newParent.getIdx() + '&CurrentlyOpenPageID=' + currentlyOpenPageID + '&SecurityID=' + token,
|
postBody : 'ID=' + node.getIdx() + '&ParentID=' + newParent.getIdx() + '&CurrentlyOpenPageID=' + currentlyOpenPageID + '&SecurityID=' + token,
|
||||||
onSuccess : Ajax.Evaluator,
|
|
||||||
onFailure : function(response) {
|
onFailure : function(response) {
|
||||||
errorMessage('error saving parent', response);
|
errorMessage('error saving parent', response);
|
||||||
}
|
}
|
||||||
|
@ -103,7 +103,7 @@ CMSForm.prototype = {
|
|||||||
}
|
}
|
||||||
|
|
||||||
if(response && evalResponse) {
|
if(response && evalResponse) {
|
||||||
Ajax.Evaluator(response);
|
// no-op, has already been evaluated by prototype.js
|
||||||
} else {
|
} else {
|
||||||
this.innerHTML = rightHTML;
|
this.innerHTML = rightHTML;
|
||||||
}
|
}
|
||||||
@ -178,8 +178,6 @@ CMSForm.prototype = {
|
|||||||
}
|
}
|
||||||
|
|
||||||
var success = function(response) {
|
var success = function(response) {
|
||||||
Ajax.Evaluator(response);
|
|
||||||
|
|
||||||
__form.resetElements();
|
__form.resetElements();
|
||||||
if(__callAfter) __callAfter();
|
if(__callAfter) __callAfter();
|
||||||
if(__form.notify && __form.elements.ID != undefined) __form.notify('PageSaved', __form.elements.ID.value);
|
if(__form.notify && __form.elements.ID != undefined) __form.notify('PageSaved', __form.elements.ID.value);
|
||||||
|
@ -66,8 +66,7 @@ PageCommentInterface.prototype = {
|
|||||||
//need to check if there is actually a spam question to change first
|
//need to check if there is actually a spam question to change first
|
||||||
if(form.elements.Math){
|
if(form.elements.Math){
|
||||||
new Ajax.Request(document.getElementsByTagName('base')[0].href+'PageCommentInterface_Controller/newspamquestion', {
|
new Ajax.Request(document.getElementsByTagName('base')[0].href+'PageCommentInterface_Controller/newspamquestion', {
|
||||||
onSuccess: loadSpamQuestion,
|
onSuccess: loadSpamQuestion
|
||||||
onFailure: Ajax.Evaluator
|
|
||||||
});
|
});
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -25,7 +25,6 @@ var addgroup = {
|
|||||||
var st = $('sitetree');
|
var st = $('sitetree');
|
||||||
$('addgroup_options').elements.ParentID.value = st.firstSelected() ? st.getIdxOf(st.firstSelected()) : 0;
|
$('addgroup_options').elements.ParentID.value = st.firstSelected() ? st.getIdxOf(st.firstSelected()) : 0;
|
||||||
Ajax.SubmitForm('addgroup_options', null, {
|
Ajax.SubmitForm('addgroup_options', null, {
|
||||||
onSuccess : Ajax.Evaluator,
|
|
||||||
onFailure : function(response) {
|
onFailure : function(response) {
|
||||||
errorMessage('Error adding page', response);
|
errorMessage('Error adding page', response);
|
||||||
}
|
}
|
||||||
@ -113,8 +112,6 @@ var deletegroup = {
|
|||||||
|
|
||||||
Ajax.SubmitForm('deletegroup_options', null, {
|
Ajax.SubmitForm('deletegroup_options', null, {
|
||||||
onSuccess : function(response) {
|
onSuccess : function(response) {
|
||||||
Ajax.Evaluator(response);
|
|
||||||
|
|
||||||
var sel;
|
var sel;
|
||||||
if((sel = $('sitetree').firstSelected()) && sel.parentNode) sel.addNodeClass('current');
|
if((sel = $('sitetree').firstSelected()) && sel.parentNode) sel.addNodeClass('current');
|
||||||
else $('Form_EditForm').innerHTML = "";
|
else $('Form_EditForm').innerHTML = "";
|
||||||
|
@ -11,10 +11,7 @@ Behaviour.register({
|
|||||||
url += "&locale=" + $('Form_EditForm_Locale').value;
|
url += "&locale=" + $('Form_EditForm_Locale').value;
|
||||||
url += "&SecurityID=" + $$('input[name=SecurityID]')[0].value;
|
url += "&SecurityID=" + $$('input[name=SecurityID]')[0].value;
|
||||||
|
|
||||||
new Ajax.Request( url, {
|
new Ajax.Request(url);
|
||||||
onSuccess: Ajax.Evaluator,
|
|
||||||
onFailure: Ajax.Evaluator
|
|
||||||
});
|
|
||||||
|
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
|
Loading…
Reference in New Issue
Block a user