Commit 94c1d5eca3ed2e6e76d544e0dbc2011902a1f04a
Exists in
master
and in
27 other branches
Merge branch 'AI3262-custom_form_plugin_bug' into 'master'
Ai3262 custom form plugin bug Fixing custom_forms plugin's rails 3 bug -> http://noosfero.org/Development/ActionItem3262 See merge request !293
Showing
6 changed files
with
7 additions
and
7 deletions
Show diff stats
plugins/custom_forms/lib/custom_forms_plugin/alternative.rb
| @@ -5,6 +5,6 @@ class CustomFormsPlugin::Alternative < ActiveRecord::Base | @@ -5,6 +5,6 @@ class CustomFormsPlugin::Alternative < ActiveRecord::Base | ||
| 5 | 5 | ||
| 6 | belongs_to :field, :class_name => 'CustomFormsPlugin::Field' | 6 | belongs_to :field, :class_name => 'CustomFormsPlugin::Field' |
| 7 | 7 | ||
| 8 | - attr_accessible :label, :field, :position | 8 | + attr_accessible :label, :field, :position, :selected_by_default |
| 9 | end | 9 | end |
| 10 | 10 |
plugins/custom_forms/views/custom_forms_plugin_myprofile/_field.html.erb
| @@ -12,7 +12,7 @@ | @@ -12,7 +12,7 @@ | ||
| 12 | <%= f.hidden_field(:position) %> | 12 | <%= f.hidden_field(:position) %> |
| 13 | 13 | ||
| 14 | <%= f.hidden_field :_destroy, :class => 'destroy-field' %> | 14 | <%= f.hidden_field :_destroy, :class => 'destroy-field' %> |
| 15 | - <%= button_to_function :delete, _('Remove field'), "customFormsPlugin.removeFieldBox(this, #{j _('Are you sure you want to remove this field?').to_json})" %> | 15 | + <%= button_to_function :delete, _('Remove field'), "customFormsPlugin.removeFieldBox(this, #{CGI::escapeHTML(_('Are you sure you want to remove this field?').to_json)})" %> |
| 16 | <%= yield %> | 16 | <%= yield %> |
| 17 | </div> | 17 | </div> |
| 18 | </fieldset> | 18 | </fieldset> |
plugins/custom_forms/views/custom_forms_plugin_myprofile/_form.html.erb
| @@ -31,8 +31,8 @@ | @@ -31,8 +31,8 @@ | ||
| 31 | </ul> | 31 | </ul> |
| 32 | 32 | ||
| 33 | <div class="addition-buttons"> | 33 | <div class="addition-buttons"> |
| 34 | - <%= button(:add, _('Add a new text field'), '#', :onclick => "customFormsPlugin.addFields(this, 'fields', #{j html_for_field(f, :fields, CustomFormsPlugin::TextField).to_json}); return false")%> | ||
| 35 | - <%= button(:add, _('Add a new select field'), '#', :onclick => "customFormsPlugin.addFields(this, 'fields', #{j html_for_field(f, :fields, CustomFormsPlugin::SelectField).to_json}); return false")%> | 34 | + <%= button(:add, _('Add a new text field'), '#', :onclick => "customFormsPlugin.addFields(this, 'fields', #{CGI::escapeHTML(html_for_field(f, :fields, CustomFormsPlugin::TextField).to_json)}); return false")%> |
| 35 | + <%= button(:add, _('Add a new select field'), '#', :onclick => "customFormsPlugin.addFields(this, 'fields', #{CGI::escapeHTML(html_for_field(f, :fields, CustomFormsPlugin::SelectField).to_json)}); return false")%> | ||
| 36 | </div> | 36 | </div> |
| 37 | 37 | ||
| 38 | <% button_bar do %> | 38 | <% button_bar do %> |
plugins/custom_forms/views/custom_forms_plugin_myprofile/custom_forms_plugin/_alternative.html.erb
| @@ -7,6 +7,6 @@ | @@ -7,6 +7,6 @@ | ||
| 7 | 7 | ||
| 8 | <td> | 8 | <td> |
| 9 | <%= f.hidden_field :_destroy, :class => 'destroy-field' %> | 9 | <%= f.hidden_field :_destroy, :class => 'destroy-field' %> |
| 10 | - <%= button_to_function_without_text :remove, _('Remove alternative'), "customFormsPlugin.removeAlternative(this, #{j _('Are you sure you want to remove this alternative?').to_json})", :class => 'remove-field', :title => _('Remove alternative') %> | 10 | + <%= button_to_function_without_text :remove, _('Remove alternative'), "customFormsPlugin.removeAlternative(this, #{CGI::escapeHTML(_('Are you sure you want to remove this alternative?').to_json)})", :class => 'remove-field', :title => _('Remove alternative') %> |
| 11 | </td> | 11 | </td> |
| 12 | </tr> | 12 | </tr> |
plugins/custom_forms/views/custom_forms_plugin_myprofile/custom_forms_plugin/_select_field.html.erb
| @@ -22,7 +22,7 @@ | @@ -22,7 +22,7 @@ | ||
| 22 | <tfoot> | 22 | <tfoot> |
| 23 | <tr class="addition-buttons"> | 23 | <tr class="addition-buttons"> |
| 24 | <td colspan="3"> | 24 | <td colspan="3"> |
| 25 | - <%= button(:add, _('Add a new alternative'), '#', :onclick => "customFormsPlugin.addFields(this, 'alternatives', #{j html_for_field(f, :alternatives, CustomFormsPlugin::Alternative).to_json}); return false") %> | 25 | + <%= button(:add, _('Add a new alternative'), '#', :onclick => "customFormsPlugin.addFields(this, 'alternatives', #{CGI::escapeHTML(html_for_field(f, :alternatives, CustomFormsPlugin::Alternative).to_json)}); return false") %> |
| 26 | </td> | 26 | </td> |
| 27 | </tr> | 27 | </tr> |
| 28 | </tfoot> | 28 | </tfoot> |
plugins/custom_forms/views/custom_forms_plugin_myprofile/show_submission.html.erb
| 1 | <h1><%= @form.name %></h1> | 1 | <h1><%= @form.name %></h1> |
| 2 | <p><%= @form.description %></p> | 2 | <p><%= @form.description %></p> |
| 3 | 3 | ||
| 4 | -<% fields_for :submission, @submission do |f| %> | 4 | +<%= fields_for :submission, @submission do |f| %> |
| 5 | <%= render :partial => 'shared/form_submission', :locals => {:f => f} %> | 5 | <%= render :partial => 'shared/form_submission', :locals => {:f => f} %> |
| 6 | <% end %> | 6 | <% end %> |
| 7 | 7 |