Diffstat (limited to 'templates/web/base')
-rw-r--r-- | templates/web/base/admin/body-form.html | 2 | ||||
-rw-r--r-- | templates/web/base/admin/body.html | 4 | ||||
-rw-r--r-- | templates/web/base/admin/category_edit.html | 2 | ||||
-rw-r--r-- | templates/web/base/admin/report_edit.html | 2 | ||||
-rw-r--r-- | templates/web/base/admin/update_edit.html | 2 | ||||
-rw-r--r-- | templates/web/base/admin/user-form.html | 2 | ||||
-rw-r--r-- | templates/web/base/alert/_list.html | 3 | ||||
-rw-r--r-- | templates/web/base/alert/updates.html | 1 | ||||
-rwxr-xr-x | templates/web/base/around/display_location.html | 9 | ||||
-rw-r--r-- | templates/web/base/auth/change_password.html | 3 | ||||
-rw-r--r-- | templates/web/base/auth/general.html | 11 | ||||
-rw-r--r-- | templates/web/base/header_opengraph.html | 2 | ||||
-rw-r--r-- | templates/web/base/report/_main.html | 1 | ||||
-rw-r--r-- | templates/web/base/report/display_tools.html | 6 | ||||
-rw-r--r-- | templates/web/base/report/new/fill_in_details.html | 5 | ||||
-rw-r--r-- | templates/web/base/report/update-form.html | 1 | ||||
-rw-r--r-- | templates/web/base/report/update.html | 1 | ||||
-rw-r--r-- | templates/web/base/reports/_list-filters.html | 2 |
18 files changed, 37 insertions, 22 deletions
diff --git a/templates/web/base/admin/body-form.html b/templates/web/base/admin/body-form.html index 7acfbfdd5..8c4956f7f 100644 --- a/templates/web/base/admin/body-form.html +++ b/templates/web/base/admin/body-form.html @@ -236,7 +236,7 @@ <p> <input type="hidden" name="posted" value="body"> - <input type="hidden" name="token" value="[% token %]"> + <input type="hidden" name="token" value="[% csrf_token %]"> <input type="submit" value="[% body ? loc('Update body') : loc('Add body') %]"> </p> </form> diff --git a/templates/web/base/admin/body.html b/templates/web/base/admin/body.html index d5e575666..15802fc44 100644 --- a/templates/web/base/admin/body.html +++ b/templates/web/base/admin/body.html @@ -97,7 +97,7 @@ <p> <input type="hidden" name="posted" value="update"> - <input type="hidden" name="token" value="[% token %]"> + <input type="hidden" name="token" value="[% csrf_token %]"> <input type="submit" name="Update statuses" value="[% loc('Update statuses') %]"> </p> </form> @@ -202,7 +202,7 @@ <p> <input type="hidden" name="posted" value="new" > - <input type="hidden" name="token" value="[% token %]" > + <input type="hidden" name="token" value="[% csrf_token %]" > <input type="submit" name="Create category" value="[% errors ? loc('Save changes') : loc('Create category') %]" > </p> diff --git a/templates/web/base/admin/category_edit.html b/templates/web/base/admin/category_edit.html index c0bd43ef5..6537fe028 100644 --- a/templates/web/base/admin/category_edit.html +++ b/templates/web/base/admin/category_edit.html 
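Review bot: The admin forms in body-form.html and both body.html hunks now print `csrf_token` where they printed `token`, but the diffstat is limited to templates/web/base, so any override template elsewhere that still emits `[% token %]` would presumably submit an empty field after this change. Before merging I would search the other template directories for `[% token %]` and confirm that the server-side check fails closed on an empty or missing token rather than skipping validation. The same rename recurs in category_edit.html, report_edit.html, update_edit.html and user-form.html. The enclosing forms begin outside these hunks, so their method and action are not all visible here.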
@@ -22,7 +22,7 @@ <form method="post" action="[% c.uri_for('body', body_id ) %]" enctype="application/x-www-form-urlencoded" accept-charset="utf-8"> <p><strong>[% loc('Category:') %] </strong>[% contact.category | html %] <input type="hidden" name="category" value="[% contact.category | html %]" > - <input type="hidden" name="token" value="[% token %]" > + <input type="hidden" name="token" value="[% csrf_token %]" > [% IF contact.extra %] <p><strong>[% loc('Extra data:') %] </strong> [% USE Dumper %] diff --git a/templates/web/base/admin/report_edit.html b/templates/web/base/admin/report_edit.html index c0cdead84..065c6c2ce 100644 --- a/templates/web/base/admin/report_edit.html +++ b/templates/web/base/admin/report_edit.html @@ -4,7 +4,7 @@ [% status_message %] <form method="post" action="[% c.uri_for( 'report_edit', problem.id ) %]" enctype="application/x-www-form-urlencoded" accept-charset="utf-8"> - <input type="hidden" name="token" value="[% token %]" > + <input type="hidden" name="token" value="[% csrf_token %]" > <input type="hidden" name="submit" value="1" > <ul> [%- cobrand_data = problem.cobrand_data; diff --git a/templates/web/base/admin/update_edit.html b/templates/web/base/admin/update_edit.html index a956bb2cb..06bee6010 100644 --- a/templates/web/base/admin/update_edit.html +++ b/templates/web/base/admin/update_edit.html @@ -4,7 +4,7 @@ [% status_message %] <form method="post" action="[% c.uri_for( 'update_edit', update.id ) %]" enctype="application/x-www-form-urlencoded" accept-charset="utf-8"> - <input type="hidden" name="token" value="[% token %]" > + <input type="hidden" name="token" value="[% csrf_token %]" > <input type="hidden" name="submit" value="1" > <ul> [%- cobrand_data = update.cobrand_data; diff --git a/templates/web/base/admin/user-form.html b/templates/web/base/admin/user-form.html index 3956e8533..b863bf96a 100644 --- a/templates/web/base/admin/user-form.html +++ b/templates/web/base/admin/user-form.html 
@@ -1,5 +1,5 @@ <form method="post" action="[% c.uri_for( 'user_edit', user.id ) %]" enctype="application/x-www-form-urlencoded" accept-charset="utf-8"> - <input type="hidden" name="token" value="[% token %]" > + <input type="hidden" name="token" value="[% csrf_token %]" > <input type="hidden" name="submit" value="1" > [% IF c.cobrand.moniker == 'zurich' AND field_errors.email %] diff --git a/templates/web/base/alert/_list.html b/templates/web/base/alert/_list.html index 395948248..f94ce84f8 100644 --- a/templates/web/base/alert/_list.html +++ b/templates/web/base/alert/_list.html @@ -1,3 +1,4 @@ + <input type="hidden" name="token" value="[% csrf_token %]"> <input type="hidden" name="type" value="local"> <input type="hidden" name="pc" value="[% pc | html %]"> <input type="hidden" name="latitude" value="[% latitude | html %]"> @@ -19,7 +20,7 @@ <p id="rss_local"> <input type="radio" name="feed" id="[% rss_feed_id %]" value="[% rss_feed_id %]"[% IF rss_feed_id == selected_feed || selected_feed == '' %] checked[% END %]> <label class="inline" for="[% rss_feed_id %]">[% tprintf( loc('Problems within %.1fkm of this location'), population_radius ) %]</label> - <a href='[% rss_feed_uri %]'><img src='/i/feed.png' width='16' height='16' title='[% loc('RSS feed of nearby problems') %]' alt='[% loc('RSS feed') %]' border='0'></a> + <a href="[% rss_feed_uri %]"><img src='/i/feed.png' width='16' height='16' title='[% loc('RSS feed of nearby problems') %]' alt='[% loc('RSS feed') %]' border='0'></a> <br /> [% loc('(a default distance which covers roughly 200,000 people)') %] </p> diff --git a/templates/web/base/alert/updates.html b/templates/web/base/alert/updates.html index 104bfa55a..ecaed37ca 100644 --- a/templates/web/base/alert/updates.html +++ b/templates/web/base/alert/updates.html 
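Review bot: The `token` input added on the first line of alert/_list.html sits in a partial whose enclosing `<form>` is outside the hunk, so nothing visible guarantees it is only rendered inside a `method="post"` form. If an includer used a GET form, the CSRF token would be placed in the query string, where it can end up in server logs, browser history and Referer headers. I would add a template comment above the input, `[%# include only inside a method="post" form: emits the CSRF token %]`. The same applies to the input added in alert/updates.html, whose form tag is also outside its hunk.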
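Review bot: In the second alert/_list.html hunk the `href` moves from single to double quotes, but `rss_feed_uri` is still printed without a filter, so the attribute is only safe while the URI builder is certain to percent-encode a literal `"`. Escaping at the point of output removes that dependency and also encodes `&` correctly: `<a href="[% rss_feed_uri | html %]">`. The four `c.uri_with(...)` links changed in around/display_location.html have the same shape and would take the same filter, e.g. `href="[% c.uri_with( { no_pins => 0 } ) | html %]"`. The `<img>` attributes on the same line remain single-quoted; they hold only `loc()` strings and a fixed path, so that is a style inconsistency rather than a risk.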
@@ -23,6 +23,7 @@ <input class="green-btn" type="submit" value="[% loc('Subscribe') %]"> </div> + <input type="hidden" name="token" value="[% csrf_token %]"> <input type="hidden" name="id" value="[% problem_id | html %]"> <input type="hidden" name="type" value="updates"> </fieldset> diff --git a/templates/web/base/around/display_location.html b/templates/web/base/around/display_location.html index 7bf62e528..b2e578d3f 100755 --- a/templates/web/base/around/display_location.html +++ b/templates/web/base/around/display_location.html @@ -40,6 +40,7 @@ [% IF allow_creation %] <form action="[% c.uri_for('/report/new') %]" method="post" name="mapForm" id="mapForm" enctype="multipart/form-data" class="validate" novalidate> + <input type="hidden" name="token" value="[% csrf_token %]"> [% IF c.req.params.map_override %] <input type="hidden" name="map_override" value="[% c.req.params.map_override | html %]"> [% END %] 
@@ -54,16 +55,16 @@ <p id='sub_map_links'> [% map_sub_links %] [% IF c.req.params.no_pins %] - <a id='hide_pins_link' rel='nofollow' href='[% c.uri_with( { no_pins => 0 } ) %]'>[% loc('Show pins') %]</a> + <a id='hide_pins_link' rel='nofollow' href="[% c.uri_with( { no_pins => 0 } ) %]">[% loc('Show pins') %]</a> [% ELSE %] - <a id='hide_pins_link' rel='nofollow' href='[% c.uri_with( { no_pins => 1 } ) %]'>[% loc('Hide pins') %]</a> + <a id='hide_pins_link' rel='nofollow' href="[% c.uri_with( { no_pins => 1 } ) %]">[% loc('Hide pins') %]</a> [% END %] [% IF c.cobrand.country == 'GB' || c.cobrand.country == 'NO' %] <span class="hidden">|</span> [% IF c.req.params.all_pins %] - <a id='all_pins_link' rel='nofollow' href='[% c.uri_with( { no_pins => undef, all_pins => undef } ) %]'>[% loc('Hide old') %]</a> + <a id='all_pins_link' rel='nofollow' href="[% c.uri_with( { no_pins => undef, all_pins => undef } ) %]">[% loc('Hide old') %]</a> [% ELSE %] - <a id='all_pins_link' rel='nofollow' href='[% c.uri_with( { no_pins => undef, all_pins => 1 } ) %]'>[% loc('Show old') %]</a> + <a id='all_pins_link' rel='nofollow' href="[% c.uri_with( { no_pins => undef, all_pins => 1 } ) %]">[% loc('Show old') %]</a> [% END %] [% END %] </p> diff --git a/templates/web/base/auth/change_password.html b/templates/web/base/auth/change_password.html index b4170c23e..be0dc69b4 100644 --- a/templates/web/base/auth/change_password.html +++ b/templates/web/base/auth/change_password.html @@ -3,11 +3,12 @@ <h1>[% loc('Change password') %]</h1> [% IF password_changed %] - <p id="fixed">[% loc('Your password has been changed') %]</p> + <p class="form-success">[% loc('Your password has been changed') %]</p> [% END %] <form action="[% c.uri_for('change_password') %]" method="post" name="change_password" class="fieldset"> + <input type="hidden" name="token" value="[% csrf_token %]"> [% IF password_error; 
diff --git a/templates/web/base/auth/general.html b/templates/web/base/auth/general.html index 253dc26a1..a8bf8f1e0 100644 --- a/templates/web/base/auth/general.html +++ b/templates/web/base/auth/general.html @@ -86,8 +86,15 @@ <input class="green-btn" type="submit" name="sign_in" value="[% loc('Sign in') %]"> </div> - <input type="checkbox" id="remember_me" name="remember_me" value='1'[% ' checked' IF remember_me %]> - <label class="inline n" for="remember_me">[% loc('Keep me signed in on this computer') %]</label> + <div class="checkbox-group"> + <input type="checkbox" id="remember_me" name="remember_me" value='1'[% ' checked' IF remember_me %]> + <label class="inline n" for="remember_me">[% loc('Keep me signed in on this computer') %]</label> + </div> + + <div class="general-notes"> + <p><strong>[% loc('Forgotten your password?') %]</strong> + [% loc('Sign in by email instead, providing a new password. When you click the link in your email, your password will be updated.') %]</p> + </div> </div> [% END %] diff --git a/templates/web/base/header_opengraph.html b/templates/web/base/header_opengraph.html index f728d083f..6b2c8ff46 100644 --- a/templates/web/base/header_opengraph.html +++ b/templates/web/base/header_opengraph.html @@ -1,5 +1,5 @@ <meta property="og:url" content="[% c.cobrand.base_url %][% c.req.uri.path %]"> - <meta property="og:title" content="[% title || site_name %]"> + <meta property="og:title" content="[% title || site_name | html %]"> <meta property="og:site_name" content="[% site_name %]"> [% IF c.req.uri.path == '/' %]<meta property="og:description" content="Report, view, and discuss local street-related problems.">[% END %] <meta property="og:type" content="website"> diff --git a/templates/web/base/report/_main.html b/templates/web/base/report/_main.html index aaa167108..4821b3fa0 100644 --- a/templates/web/base/report/_main.html +++ b/templates/web/base/report/_main.html 
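Review bot: In header_opengraph.html only `og:title` gains `| html`; the `og:site_name` line directly below still prints `[% site_name %]` raw, although the same value is now escaped when it is the fallback for the title. For consistency I would write `content="[% site_name | html %]"` there. The `og:url` line prints `c.req.uri.path`, which is request-derived, without a filter; it is presumably already percent-encoded, but `[% c.req.uri.path | html %]` would make the attribute safe regardless of how the path object stringifies. It is also worth a short template comment that `| html` in `title || site_name | html` is meant to cover the whole expression, since the precedence is easy to misread.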
@@ -5,6 +5,7 @@ [% IF moderating %] [% original = problem_original %] <form method="post" action="/moderate/report/[% problem.id %]"> + <input type="hidden" name="token" value="[% csrf_token %]"> <p class="moderate-display"> <input type="button" class="btn moderate" value="moderate"> </p> diff --git a/templates/web/base/report/display_tools.html b/templates/web/base/report/display_tools.html index 004ae29e5..58e450c84 100644 --- a/templates/web/base/report/display_tools.html +++ b/templates/web/base/report/display_tools.html @@ -2,6 +2,7 @@ <ul id="key-tools"> [% IF c.user_exists AND c.cobrand.users_can_hide AND c.user.belongs_to_body( c.cobrand.council_id ) %] <li><form method="post" action="/report/delete/[% problem.id %]" id="remove-from-site-form"> + <input type="hidden" name="token" value="[% csrf_token %]"> <input type="submit" id="key-tool-report-abuse" class="abuse" value="Remove from site"> </form></li> [% ELSIF c.cobrand.moniker != 'zurich' %] 
@@ -30,16 +31,17 @@ <div id="report-updates-data" class="hidden-js"> <form action="[% c.uri_for( '/alert/subscribe' ) %]" method="post"> - <a href="[% c.uri_for( '/rss', problem.id ) %]"> + <p><a href="[% c.uri_for( '/rss', problem.id ) %]"> <img src="/i/feed.png" width="16" height="16" title="[% loc('RSS feed') %]" alt="[% loc('RSS feed of updates to this problem' ) %]" border="0"> </a> - <p>[% loc('Receive email when updates are left on this problem.' ) %]</p> + [% loc('Receive email when updates are left on this problem.' ) %]</p> <fieldset> <label class="hidden n" for="alert_rznvy">[% loc('Your email') %]</label> <div class="form-txt-submit-box"> <input type="email" name="rznvy" id="alert_rznvy" value="[% email | html %]" size="30" placeholder="[% loc('Your email') %]"> <input class="green-btn" type="submit" value="[% loc('Subscribe') %]"> </div> + <input type="hidden" name="token" value="[% csrf_token %]"> <input type="hidden" name="id" value="[% problem.id %]"> <input type="hidden" name="type" value="updates"> </fieldset> diff --git a/templates/web/base/report/new/fill_in_details.html b/templates/web/base/report/new/fill_in_details.html index 55b3a5207..d7e2f1d3a 100644 --- a/templates/web/base/report/new/fill_in_details.html +++ b/templates/web/base/report/new/fill_in_details.html 
@@ -12,16 +12,15 @@ <input type="hidden" name="map_override" value="[% c.req.params.map_override | html %]"> [% END %] - <input type="hidden" name="pc" value="[% pc | html %]"> - [% ELSE %] <form action="[% c.uri_for('/report/new') %]" method="post" name="mapSkippedForm"[% IF c.cobrand.allow_photo_upload %] enctype="multipart/form-data"[% END %] class="validate"> - <input type="hidden" name="pc" value="[% pc | html %]"> <input type="hidden" name="skipped" value="1"> [% END %] + <input type="hidden" name="token" value="[% csrf_token %]"> + <input type="hidden" name="pc" value="[% pc | html %]"> <input type="hidden" name="latitude" id="fixmystreet.latitude" value="[% latitude | html %]"> <input type="hidden" name="longitude" id="fixmystreet.longitude" value="[% longitude | html %]"> diff --git a/templates/web/base/report/update-form.html b/templates/web/base/report/update-form.html index f6ce265bf..97e0df779 100644 --- a/templates/web/base/report/update-form.html +++ b/templates/web/base/report/update-form.html @@ -15,6 +15,7 @@ [% INCLUDE 'errors.html' %] <form method="post" action="[% c.uri_for( '/report/update' ) %]" id="form_update_form" name="updateForm" class="validate"[% IF c.cobrand.allow_photo_upload %] enctype="multipart/form-data"[% END %]> + <input type="hidden" name="token" value="[% csrf_token %]"> <fieldset> [% IF NOT login_success AND NOT oauth_need_email %] [% INCLUDE 'report/update/form_update.html' %] diff --git a/templates/web/base/report/update.html b/templates/web/base/report/update.html index a09913d39..aaad33b7a 100644 --- a/templates/web/base/report/update.html +++ b/templates/web/base/report/update.html 
@@ -8,6 +8,7 @@ <li class="item-list__item item-list__item--updates"> [% IF moderating; original_update = update.moderation_original_data %] <form method="post" action="/moderate/report/[% problem.id %]/update/[% update.id %]"> + <input type="hidden" name="token" value="[% csrf_token %]"> <input type="button" class="btn moderate moderate-display" value="moderate"> <div class="moderate-edit"> <input type="checkbox" class="hide-document" name="update_hide"> diff --git a/templates/web/base/reports/_list-filters.html b/templates/web/base/reports/_list-filters.html index 4dd270dc6..d6f091aaa 100644 --- a/templates/web/base/reports/_list-filters.html +++ b/templates/web/base/reports/_list-filters.html @@ -25,7 +25,7 @@ <p class="report-list-filters"> [% tprintf(loc('<label>Show %s</label> <label>about %s</label>', 'The first %s is a dropdown of all/fixed/etc, the second is a dropdown of categories'), select_status, select_category) %] - <input type="submit" value="[% loc('Go') %]"> + <input type="submit" name="filter_update" value="[% loc('Go') %]"> </p> [% IF use_section_wrapper %] |