Fix for sitebug #150 (security relevant)The login widget at the navbar contained in its query variablethe password of a user in plain text (e.g. when the user hasmistyped the password, but as well on other error conditions).Now, the password is filterer in the return_url in such cases.Many thanks to Khy H for reporting this bug.For details, seehttps://openacs.org//bugtracker/openacs.org/bug?bug_number=150
Reimplement the news admin index page to use the template system and behave consistently with the rest of the graphicsOne reason to have custom markup here was the bulk-actions pointing to the same URL differentiated only via URL parameters. This limitation has been overcome in the previous commit.
template::list bulk-actions feature:allow to have URL parameters specified in the bulk-action URL, so that the same URL can be used to serve multiple bulk actions differentiated via different flags. The URL parameters override completely every attribute with the same name specified on the form.
Modernize JavaScript: - Be specific about the scope and lifetime of variables via const and let - Always prefer "for" loops to iterators - Cleanup obsolete wrappers - Use single and double quotes consistently - Use the equals operator consistently
