- Timestamp:
- 12/01/11 15:37:37 (13 years ago)
- File:
-
- 1 edited
Legend:
- Unmodified
- Added
- Removed
-
trunk/dns.cgi
r176 r177 292 292 } 293 293 294 $page->param(resultmsg => $webvar{resultmsg}) if $webvar{resultmsg}; 294 if ($session->param('resultmsg')) { 295 $page->param(resultmsg => $session->param('resultmsg')); 296 $session->clear('resultmsg'); 297 } 295 298 if ($session->param('errmsg')) { 296 299 $page->param(errmsg => $session->param('errmsg')); … … 439 442 } 440 443 441 $page->param(resultmsg => $webvar{resultmsg}) if $webvar{resultmsg}; 444 if ($session->param('resultmsg')) { 445 $page->param(resultmsg => $session->param('resultmsg')); 446 $session->clear('resultmsg'); 447 } 442 448 if ($session->param('errmsg')) { 443 449 $page->param(errmsg => $session->param('errmsg')); … … 744 750 $page->param(delgrp => $permissions{admin} || $permissions{group_delete}); 745 751 746 $page->param(resultmsg => $webvar{resultmsg}) if $webvar{resultmsg}; 752 if ($session->param('resultmsg')) { 753 $page->param(resultmsg => $session->param('resultmsg')); 754 $session->clear('resultmsg'); 755 } 747 756 if ($session->param('errmsg')) { 748 757 $page->param(errmsg => $session->param('errmsg')); … … 1028 1037 $page->param(deluser => $permissions{admin} || $permissions{user_delete}); 1029 1038 1030 $page->param(resultmsg => $webvar{resultmsg}) if $webvar{resultmsg}; 1031 $page->param(warnmsg => $webvar{warnmsg}) if $webvar{warnmsg}; 1039 if ($session->param('resultmsg')) { 1040 $page->param(resultmsg => $session->param('resultmsg')); 1041 $session->clear('resultmsg'); 1042 } 1043 if ($session->param('warnmsg')) { 1044 $page->param(warnmsg => $session->param('warnmsg')); 1045 $session->clear('warnmsg'); 1046 } 1032 1047 if ($session->param('errmsg')) { 1033 1048 $page->param(errmsg => $session->param('errmsg')); … … 1526 1541 # cross-site scripting fixup. instead of passing error messages by URL/form 1527 1542 # variable, put them in the session where the nasty user can't meddle. 1528 if ($params{errmsg}) { 1529 $session->param('errmsg', $params{errmsg}); 1530 delete $params{errmsg}; 1543 # these are done here since it's far simpler to pass them in from wherever 1544 # than set them locally everywhere. 1545 foreach my $sessme ('resultmsg','warnmsg','errmsg') { 1546 if ($params{$sessme}) { 1547 $session->param($sessme, $params{$sessme}); 1548 delete $params{$sessme}; 1549 } 1531 1550 } 1532 1551
Note:
See TracChangeset
for help on using the changeset viewer.