AS1024/Kanboard-Prod
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Do not expose IDs in forms

Browse Source
This commit is contained in:
Frederic Guillot
2017-09-23 20:56:54 -07:00
parent 074f6c104f
commit 3e0f14ae2b
20 changed files with 112 additions and 120 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
app/Template/subtask/edit.php
View File

@@ -4,8 +4,6 @@
<form method="post" action="<?= $this->url->href('SubtaskController', 'update', array('task_id' => $task['id'], 'project_id' => $task['project_id'], 'subtask_id' => $subtask['id'])) ?>" autocomplete="off">
<?= $this->form->csrf() ?>
<?= $this->form->hidden('id', $values) ?>
<?= $this->form->hidden('task_id', $values) ?>
<?= $this->subtask->renderTitleField($values, $errors, array('autofocus')) ?>
<?= $this->subtask->renderAssigneeField($users_list, $values, $errors) ?>