Commit f5f2abc1 authored by Chris Graham's avatar Chris Graham

Fix ModSecurity workaround for zone editor

parent f9dd0058
......@@ -165,6 +165,9 @@ class Module_admin_zones
}
if ($type == '__edit') {
require_code('input_filter_2');
modsecurity_workaround_enable();
$delete = post_param_integer('delete', 0);
if ($delete == 1) {
$this->title = get_screen_title('DELETE_ZONE');
......@@ -255,9 +258,6 @@ class Module_admin_zones
*/
public function _editor()
{
require_code('input_filter_2');
modsecurity_workaround_enable();
$id = $this->id;
$nice_zone_name = $this->nice_zone_name;
......
......@@ -66,6 +66,8 @@ function fetch_more_fields()
var i,store;
for (i=0;i<form.elements.length;i++)
{
if (form.elements[i].name==='csrf_token') continue;
store=document.createElement('input');
store.setAttribute('type','hidden');
store.name=form.elements[i].name;
......
......@@ -26,14 +26,14 @@
<hr class="spaced_rule" />
<form title="{!SAVE}" action="{URL*}" method="post" target="_self" autocomplete="off" onsubmit="return modsecurity_workaround(this);">
<form title="{!SAVE}" action="{URL*}" method="post" target="_self" autocomplete="off">
{$INSERT_SPAMMER_BLACKHOLE}
<div id="edit_field_store" style="display: none">
</div>
<p class="proceed_button vertical_alignment">
<input class="button_screen buttons__save" type="button" value="{!SAVE}" onclick="fetch_more_fields(); this.form.submit();" /> <span class="associated_details">{!ZE_CLICK_TO_EDIT}</span>
<input class="button_screen buttons__save" type="button" value="{!SAVE}" onclick="fetch_more_fields(); modsecurity_workaround(this.form);" /> <span class="associated_details">{!ZE_CLICK_TO_EDIT}</span>
</p>
</form>
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment