diff options
author | lpsolit%gmail.com <> | 2006-10-15 07:02:09 +0200 |
---|---|---|
committer | lpsolit%gmail.com <> | 2006-10-15 07:02:09 +0200 |
commit | 93815fc7619567cc962e053280c5ed0b19492feb (patch) | |
tree | ffc99d8156c41fbd0d5ab8801324adead2ef4436 /template/en/default/admin/flag-type/confirm-delete.html.tmpl | |
parent | 6fcfcb93eda16108f71b4c96010bae95cde622cd (diff) | |
download | bugzilla-93815fc7619567cc962e053280c5ed0b19492feb.tar.gz bugzilla-93815fc7619567cc962e053280c5ed0b19492feb.tar.xz |
Bug 281181: [SECURITY] It's way too easy to delete versions/components/milestones etc... - Patch by Frédéric Buclin <LpSolit@gmail.com> r=mkanat a=myk
Diffstat (limited to 'template/en/default/admin/flag-type/confirm-delete.html.tmpl')
-rw-r--r-- | template/en/default/admin/flag-type/confirm-delete.html.tmpl | 16 |
1 files changed, 7 insertions, 9 deletions
diff --git a/template/en/default/admin/flag-type/confirm-delete.html.tmpl b/template/en/default/admin/flag-type/confirm-delete.html.tmpl index fda34e3b1..0af9fb5a2 100644 --- a/template/en/default/admin/flag-type/confirm-delete.html.tmpl +++ b/template/en/default/admin/flag-type/confirm-delete.html.tmpl @@ -21,18 +21,16 @@ [% PROCESS global/variables.none.tmpl %] -[%# Filter off the name here to be used multiple times below %] -[% name = BLOCK %][% flag_type.name FILTER html %][% END %] +[% title = BLOCK %]Confirm Deletion of Flag Type '[% flag_type.name FILTER html %]'[% END %] -[% PROCESS global/header.html.tmpl - title = "Confirm Deletion of Flag Type '$name'" -%] +[% PROCESS global/header.html.tmpl title = title %] <p> - There are [% flag_type.flag_count %] flags of type [% name FILTER html %]. + There are [% flag_type.flag_count %] flags of type [% flag_type.name FILTER html %]. If you delete this type, those flags will also be deleted. Note that instead of deleting the type you can - <a href="editflagtypes.cgi?action=deactivate&id=[% flag_type.id %]">deactivate it</a>, + <a href="editflagtypes.cgi?action=deactivate&id=[% flag_type.id %]&token= + [%- token FILTER html %]">deactivate it</a>, in which case the type and its flags will remain in the database but will not appear in the [% terms.Bugzilla %] UI. </p> @@ -45,8 +43,8 @@ </tr> <tr> <td> - <a href="editflagtypes.cgi?action=delete&id=[% flag_type.id %]"> - Yes, delete + <a href="editflagtypes.cgi?action=delete&id=[% flag_type.id %]&token= + [%- token FILTER html %]">Yes, delete </a> </td> <td align="right"> |