[Koha-patches] [PATCH] Using "escape=html" on TMPL_VAR containing SQL to prevent HTML from breaking when SQL includes double-quotes.
Owen Leonard
oleonard at myacpl.org
Thu Feb 26 19:15:41 CET 2009
> Won't this make a statement like:
> ... where field > 1
>
> into:
> ... where field > 1
I've successfully tested it with both angle brackets and double quotes.
-- Owen
--
Web Developer
Athens County Public Libraries
http://www.myacpl.org
More information about the Koha-patches
mailing list