From 7a9780e2b8a6ef5b0cd75b7760c9eee2fdc4ea2c Mon Sep 17 00:00:00 2001 From: Lance Edgar Date: Mon, 19 Dec 2016 14:45:20 -0600 Subject: [PATCH] Fix CSRF bug in Ordering Form template, make case quantity pretty --- .../purchases/batches/order_form.mako | 29 ++++++++++++------- 1 file changed, 19 insertions(+), 10 deletions(-) diff --git a/tailbone/templates/purchases/batches/order_form.mako b/tailbone/templates/purchases/batches/order_form.mako index 7060b980..873198b3 100644 --- a/tailbone/templates/purchases/batches/order_form.mako +++ b/tailbone/templates/purchases/batches/order_form.mako @@ -14,14 +14,12 @@ return true; } if (event.which == 13) { - var input = $(this); var row = $(this).parents('tr:first'); - var data = { - product_uuid: row.data('uuid'), - cases_ordered: row.find('input[name^="cases_ordered_"]').val() || '0', - units_ordered: row.find('input[name^="units_ordered_"]').val() || '0' - }; - $.post('${url('purchases.batch.order_form_update', uuid=batch.uuid)}', data, function(data) { + var form = $('#item-update-form'); + form.find('[name="product_uuid"]').val(row.data('uuid')); + form.find('[name="cases_ordered"]').val(row.find('input[name^="cases_ordered_"]').val() || '0'); + form.find('[name="units_ordered"]').val(row.find('input[name^="units_ordered_"]').val() || '0'); + $.post(form.attr('action'), form.serialize(), function(data) { if (data.error) { alert(data.error); } else { @@ -37,6 +35,10 @@ }); + + +<%def name="extra_styles()"> + ${parent.extra_styles()}