[Koha-patches] [PATCH] Bug 8171 - Improper escaping of quotes during z39.50 queries leads to broken html
Owen Leonard
oleonard at myacpl.org
Mon Jun 4 21:24:48 CEST 2012
Implementing fix as suggested by Chris Cormack:
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=8171#c4
---
.../prog/en/modules/cataloguing/z3950_search.tt | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/koha-tmpl/intranet-tmpl/prog/en/modules/cataloguing/z3950_search.tt b/koha-tmpl/intranet-tmpl/prog/en/modules/cataloguing/z3950_search.tt
index 3db24d3..ffd29d2 100644
--- a/koha-tmpl/intranet-tmpl/prog/en/modules/cataloguing/z3950_search.tt
+++ b/koha-tmpl/intranet-tmpl/prog/en/modules/cataloguing/z3950_search.tt
@@ -91,7 +91,7 @@ tr.selected { background-color : #FFFFCC; } tr.selected td { background-color :
<div class="yui-g">
<div class="yui-u first">
<fieldset class="rows">
- <ol><li><label for="title">Title: </label> <input type="text" id="title" name="title" value="[% title %]" /></li>
+ <ol><li><label for="title">Title: </label> <input type="text" id="title" name="title" value="[% title |html %]" /></li>
<li><label for="isbn">ISBN/ISSN: </label> <input type="text" id="isbn" name="isbn" value="[% isbn %]" /></li>
<li><label for="lccall">LC call number: </label> <input type="text" id="lccall" name="lccall" value="" /></li>
<li><label for="controlnumber">Control no.: </label> <input type="text" id="controlnumber" name="controlnumber" value="" /></li>
--
1.7.9.5
More information about the Koha-patches
mailing list