[Koha-bugs] [Bug 2600] HTML tags in titles not escaped in list of returned items

Wed May 20 18:29:34 CEST 2009

http://bugs.koha.org/cgi-bin/bugzilla3/show_bug.cgi?id=2600

Joe Atzberger <joe.atzberger at liblime.com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |joe.atzberger at liblime.com

--- Comment #6 from Joe Atzberger <joe.atzberger at liblime.com>  2009-05-20 16:29:33 ---
I recommend search term highlighting be moved to an entirely jquery-based
model, so that we can maintain consistent expectations about HTML escaping of
TMPL_VAR's.  And of course this has already been done by others.

Examples:
http://weblogtoolscollection.com/archives/2009/04/10/how-to-highlight-search-terms-with-jquery/

http://devthought.com/blog/client-side/2009/04/javascript-regexp-based-highlighting-function-for-mootools-and-jquery/

So basically:

jQuery.fn.extend({ 
        highlight: function(search, insensitive, klass){
                var regex = new RegExp('(<[^>]*>)|(\\b'+
search.replace(/([-.*+?^${}()|[\]\/\\])/g,"\\$1") +')', insensitive ? 'ig' :
'g');
                return this.html(this.html().replace(regex, function(a, b, c){
                        return (a.charAt(0) == '<') ? a : '<strong class="'+
klass +'">' + c + '</strong>'; 
                }));
        }

});

-- 
Configure bugmail: http://bugs.koha.org/cgi-bin/bugzilla3/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are watching all bug changes.