Skip to content
Permalink
Browse files

Restore ability to edit ITransact and Ogone payment drivers. Ensure t…

…hat all forms use CSRF tokens.
  • Loading branch information...
perlDreamer committed Feb 25, 2012
1 parent 02bb3a9 commit 476b14f82c7cf739288c99ebf7a34dd8bd4d784f
Showing with 4 additions and 4 deletions.
  1. +1 −1 lib/WebGUI/Shop/PayDriver.pm
  2. +2 −2 lib/WebGUI/Shop/PayDriver/ITransact.pm
  3. +1 −1 lib/WebGUI/Shop/PayDriver/Ogone.pm
@@ -372,6 +372,7 @@ sub getEditForm {

my $form = WebGUI::FormBuilder->new($self->session);
$form->addField( "submit", name => "send" );
$form->addField( 'csrfToken', name => 'csrfToken' );

$self->getDoFormTags('editSave', $form);
$form->addField( "hidden",
@@ -657,7 +658,6 @@ sub www_edit {
return $session->privilege->insufficient() unless $session->user->isAdmin;

my $form = $self->getEditForm;
$form->addField( 'csrfToken', name => 'csrfToken' );
$form->addField( "submit", name => "send" );

return '<h1>' . $i18n->get('payment methods') . '</h1>' . $form->toHtml;
@@ -577,7 +577,7 @@ sub www_edit {
return $session->privilege->insufficient() unless $admin->canManage;

my $form = $self->getEditForm;
$form->submit;
$form->addField( "submit", name => "send" );

##Form to let the user log into their ITransact account from here.
my $terminal = WebGUI::HTMLForm->new($session, action=>"https://secure.paymentclearing.com/cgi-bin/rc/sess.cgi", extras=>'target="_blank"');
@@ -596,7 +596,7 @@ sub www_edit {
.'<b>https://'.$session->config->get("sitename")->[0]
.'/?shop=pay;method=do;do=processRecurringTransactionPostback;paymentGatewayId='.$self->getId.'</b>';

return $admin->getAdminConsole->render($form->print.$output, $i18n->get('payment methods','PayDriver'));
return $admin->getAdminConsole->render($form->toHtml.$output, $i18n->get('payment methods','PayDriver'));
}

#-------------------------------------------------------------------
@@ -424,7 +424,7 @@ sub www_edit {
my $output = '<br />';
$output .= sprintf $i18n->get('ogone setup'), $processUrl, $processUrl;

return $admin->getAdminConsole->render($form->print.$output, $i18n->get('payment methods','PayDriver'));
return $admin->getAdminConsole->render($form->toHtml.$output, $i18n->get('payment methods','PayDriver'));
}

#-------------------------------------------------------------------

0 comments on commit 476b14f

Please sign in to comment.
You can’t perform that action at this time.