1 | <dtml-var manage_page_header> |
---|
2 | <dtml-var manage_tabs> |
---|
3 | |
---|
4 | <p>This is a simple tool for purging members who have uploaded non-image files |
---|
5 | as their member portraits in an attempted cross site scripting attack. The |
---|
6 | issue which allowed such portraits to be uploaded has been resolved, and this |
---|
7 | tool will remove any existing bad portraits and give you the option of removing |
---|
8 | the members to whom those portraits belonged. |
---|
9 | </p> |
---|
10 | |
---|
11 | <hr /> |
---|
12 | <dtml-if search_for_bad_members> |
---|
13 | <dtml-let ids="getBadMembers()"> |
---|
14 | <dtml-if ids> |
---|
15 | <p>Found <dtml-var "len(ids)"> bad member portraits and removed them. |
---|
16 | You may optionally delete these members as well using the form below. |
---|
17 | </p> |
---|
18 | <form name="purge_bad_members" |
---|
19 | method="POST" |
---|
20 | action="manage_portrait_fix"> |
---|
21 | <ul> |
---|
22 | <dtml-in ids> |
---|
23 | <li><dtml-var sequence-item></li> |
---|
24 | <input type="hidden" |
---|
25 | name="member_ids:list" |
---|
26 | value="&dtml-sequence-item;"/> |
---|
27 | </dtml-in> |
---|
28 | </ul> |
---|
29 | <input type="checkbox" |
---|
30 | name="delete_memberareas:bool" |
---|
31 | checked="true">Delete member areas |
---|
32 | <br /> |
---|
33 | <input type="submit" |
---|
34 | name="purge_bad_members" |
---|
35 | value="Remove These Members" /> |
---|
36 | </form> |
---|
37 | <dtml-else> |
---|
38 | <p>No bad members found</p> |
---|
39 | </dtml-if> |
---|
40 | </dtml-let> |
---|
41 | <dtml-elif purge_bad_members> |
---|
42 | |
---|
43 | <dtml-let deleted="deleteMembers(member_ids, REQUEST.get('delete_memberareas', False))"> |
---|
44 | <dtml-call "portal_memberdata.pruneMemberDataContents()"> |
---|
45 | <p>Deleted <dtml-var "len(deleted)"> bad members</p> |
---|
46 | </dtml-let> |
---|
47 | <dtml-else> |
---|
48 | <form name="get_bad_members" |
---|
49 | method="POST" |
---|
50 | action="manage_portrait_fix"> |
---|
51 | |
---|
52 | <input type="submit" name="search_for_bad_members" |
---|
53 | value="Remove Bad Portraits" /> |
---|
54 | </form> |
---|
55 | </dtml-if> |
---|