Difference between revisions of "PreventDoubleUpdate"

From Request Tracker Wiki
Jump to navigation Jump to search
 
m (3 revisions imported)
 
(One intermediate revision by the same user not shown)
Line 1: Line 1:
Occasionally if the server is slow, a user will click the "Update Ticket" button multiple times. This will result in multiple transactions. I prevent this using Javascript. Note that this hack is only to prevent an RT user from mistakenly posting several responses. It will not prevent a malicious user from making multiple updates. This has been tested with RT 3.8.8 in Firefox 3, Google Chrome 8, and Internet Explorer 8.
Occasionally if the server is slow, a user will click the "Update Ticket" button multiple times. This will result in multiple transactions. I prevent this using some Javascript code (adapted from code in an article at [http://www.netlobo.com/disable_form_buttons.html Netlobo.com]). Note that this hack is only to prevent an RT user from mistakenly posting several responses. It will not prevent a malicious user from making multiple updates. This has been tested with RT 3.8.8 in Firefox 3, Google Chrome 8, and Internet Explorer 8.


Create a javascript file called [local]/html/NoAuth/js/disableSubmit.js with the following:
Create a javascript file called [local]/html/NoAuth/js/disableSubmit.js with the following:
Line 17: Line 17:
Add the bolded line to your [local]/html/Elements/HeaderJavascript file:
Add the bolded line to your [local]/html/Elements/HeaderJavascript file:
  <script type="text/javascript" src="<%RT->Config->Get('WebPath')%>/NoAuth/js/scriptaculous/scriptaculous.js?load=effects,controls"></script>
  <script type="text/javascript" src="<%RT->Config->Get('WebPath')%>/NoAuth/js/scriptaculous/scriptaculous.js?load=effects,controls"></script>
  '''<script type="text/javascript" src="<%RT->Config->Get('WebPath')%>/NoAuth/js/disableSubmit.js"></script>
  '''''<script type="text/javascript" src="<%RT->Config->Get('WebPath')%>/NoAuth/js/disableSubmit.js"></script>'''''
'''
  % if ( RT->Config->Get('MessageBoxRichText',  $session{'CurrentUser'}) ) {
  % if ( RT->Config->Get('MessageBoxRichText',  $session{'CurrentUser'}) ) {


Line 25: Line 25:


Modify the line in [local]/html/Ticket/Update.html. Original text:
Modify the line in [local]/html/Ticket/Update.html. Original text:
  '''<& /Elements/Submit, Label => loc('Update Ticket'), Name => 'SubmitTicket' &>'''
  '''''<& /Elements/Submit, Label => loc('Update Ticket'), Name => 'SubmitTicket' &>'''''
  % if ($TicketObj->CurrentUserHasRight('ShowOutgoingEmail')) {
  % if ($TicketObj->CurrentUserHasRight('ShowOutgoingEmail')) {
  <&|/Widgets/TitleBox, title => loc('Scrips and Recipients') &>
  <&|/Widgets/TitleBox, title => loc('Scrips and Recipients') &>
Line 31: Line 31:
  </&>
  </&>
Change to the following:
Change to the following:
  '''<& /Elements/Submit, Label => loc('Update Ticket'), Name => 'SubmitTicket', OnClick => "javascript:disableSubmit('mFormSubmit')", id => 'mFormSubmit' &>'''
  '''''<& /Elements/Submit, Label => loc('Update Ticket'), Name => 'SubmitTicket', OnClick => "javascript:disableSubmit('mFormSubmit')", id => 'mFormSubmit' &>'''''
  % if ($TicketObj->CurrentUserHasRight('ShowOutgoingEmail')) {
  % if ($TicketObj->CurrentUserHasRight('ShowOutgoingEmail')) {
  <&|/Widgets/TitleBox, title => loc('Scrips and Recipients') &>
  <&|/Widgets/TitleBox, title => loc('Scrips and Recipients') &>

Latest revision as of 16:20, 6 April 2016

Occasionally if the server is slow, a user will click the "Update Ticket" button multiple times. This will result in multiple transactions. I prevent this using some Javascript code (adapted from code in an article at Netlobo.com). Note that this hack is only to prevent an RT user from mistakenly posting several responses. It will not prevent a malicious user from making multiple updates. This has been tested with RT 3.8.8 in Firefox 3, Google Chrome 8, and Internet Explorer 8.

Create a javascript file called [local]/html/NoAuth/js/disableSubmit.js with the following:

function disableSubmit(whichButton)
{
    if (document.getElementById)
    {
        // this is the way the standards work
        document.getElementById(whichButton).style.visibility = 'hidden';
    }
    // else, old browser.
}



Add the bolded line to your [local]/html/Elements/HeaderJavascript file:




% if ( RT->Config->Get('MessageBoxRichText',  $session{'CurrentUser'}) ) {



Modify the line in [local]/html/Ticket/Update.html. Original text:

<& /Elements/Submit, Label => loc('Update Ticket'), Name => 'SubmitTicket' &>
% if ($TicketObj->CurrentUserHasRight('ShowOutgoingEmail')) {
<&|/Widgets/TitleBox, title => loc('Scrips and Recipients') &>
<& /Ticket/Elements/PreviewScrips, TicketObj => $TicketObj, %ARGS &>

Change to the following:

<& /Elements/Submit, Label => loc('Update Ticket'), Name => 'SubmitTicket', OnClick => "javascript:disableSubmit('mFormSubmit')", id => 'mFormSubmit' &>
% if ($TicketObj->CurrentUserHasRight('ShowOutgoingEmail')) {
<&|/Widgets/TitleBox, title => loc('Scrips and Recipients') &>
<& /Ticket/Elements/PreviewScrips, TicketObj => $TicketObj, %ARGS &>



Now (after restarting the http server), clicking the "Update Ticket" button should cause the button to disappear and the ticket to update.