rattail/tailbone
1
0
Fork 0
Code Issues Pull requests Actions Packages Projects Releases Wiki Activity

Fix CSRF token bug with email preview form, refactor to use webhelpers

Browse source
This commit is contained in:
Lance Edgar 2017-01-09 13:38:17 -06:00
parent 03805942ae
commit 5bc3cb7431
1 changed files with 7 additions and 6 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

13
tailbone/templates/email/profiles/view.mako
View file

@ -21,10 +21,11 @@
${parent.body()} ${parent.body()}
<form action="${url('email.preview')}" name="send-email-preview" method="post"> ${h.form(url('email.preview'), name='send-email-preview')}
<a id="preview-html" class="button" href="${url('email.preview')}?key=${instance['key']}&amp;type=html" target="_blank">Preview HTML</a> ${h.csrf_token(request)}
<a id="preview-txt" class="button" href="${url('email.preview')}?key=${instance['key']}&amp;type=txt" target="_blank">Preview TXT</a> ${h.link_to("Preview HTML", '{}?key={}&type=html'.format(url('email.preview'), instance['key']), id='preview-html', class_='button', target='_blank')}
${h.link_to("Preview TXT", '{}?key={}&type=txt'.format(url('email.preview'), instance['key']), id='preview-txt', class_='button', target='_blank')}
or or
<input type="text" name="recipient" value="${request.user.email_address or ''}" /> ${h.text('recipient', value=request.user.email_address or '')}
<input type="submit" name="send_${instance['key']}" value="Send Preview Email" /> ${h.submit('send_{}'.format(instance['key']), value="Send Preview Email")}
</form> ${h.end_form()}