+[% USE raw %]
[% USE Koha %]
[% USE Asset %]
[% SET footerjs = 1 %]
<h1>API keys for [% INCLUDE 'patron-title.inc' %]</h1>
<form id="add-api-key" action="/cgi-bin/koha/members/apikeys.pl" method="post" style="display:none">
- <input type="hidden" name="patron_id" value="[% patron.id %]" />
- <input type="hidden" name="csrf_token" value="[% csrf_token %]" />
+ <input type="hidden" name="patron_id" value="[% patron.id | html %]" />
+ <input type="hidden" name="csrf_token" value="[% csrf_token | html %]" />
<input type="hidden" name="op" value="generate" />
<fieldset class="brief">
<legend>Generate new client id/secret pair</legend>
<tbody>
[% FOREACH key IN api_keys %]
<tr>
- <td>[% key.description %]</td>
- <td>[% key.client_id %]</td>
- <td>[% key.secret %]</td>
+ <td>[% key.description | html %]</td>
+ <td>[% key.client_id | html %]</td>
+ <td>[% key.secret | html %]</td>
<td>[% IF key.active %]Yes[% ELSE %]No[% END %]</td>
<td>
<form action="/cgi-bin/koha/members/apikeys.pl" method="post">
- <input type="hidden" name="patron_id" value="[% patron.id %]" />
- <input type="hidden" name="key" value="[% key.id %]" />
- <input type="hidden" name="csrf_token" value="[% csrf_token %]" />
+ <input type="hidden" name="patron_id" value="[% patron.id | html %]" />
+ <input type="hidden" name="key" value="[% key.id | html %]" />
+ <input type="hidden" name="csrf_token" value="[% csrf_token | html %]" />
<input type="hidden" name="op" value="delete" />
<button class="btn btn-default btn-xs delete" type="submit"><i class="fa fa-trash"></i> Delete</button>
</form>
<form action="/cgi-bin/koha/members/apikeys.pl" method="post">
- <input type="hidden" name="patron_id" value="[% patron.id %]" />
- <input type="hidden" name="key" value="[% key.id %]" />
- <input type="hidden" name="csrf_token" value="[% csrf_token %]" />
+ <input type="hidden" name="patron_id" value="[% patron.id | html %]" />
+ <input type="hidden" name="key" value="[% key.id | html %]" />
+ <input type="hidden" name="csrf_token" value="[% csrf_token | html %]" />
[% IF key.active %]
<input type="hidden" name="op" value="revoke" />
<button class="btn btn-default btn-xs" type="submit"><i class="fa fa-remove"></i> Revoke</button>
[% MACRO jsinclude BLOCK %]
[% INCLUDE 'str/members-menu.inc' %]
- [% Asset.js("js/members-menu.js") %]
+ [% Asset.js("js/members-menu.js") | $raw %]
<script>
$(document).ready(function(){
$(".delete").on("click", function(e){