[Koha-patches] [PATCH] Bug 8973 [3.6.x] HTML and URL escape missing in OPAC templates

Owen Leonard oleonard at myacpl.org
Mon Nov 19 14:54:28 CET 2012 

Adding HTML filter to some template variables which require them.
This patch is for 3.6.x, based on Fridolyn SOMERS patch for master.
---
 koha-tmpl/opac-tmpl/prog/en/modules/opac-review.tt |    4 ++--
 .../opac-tmpl/prog/en/modules/opac-suggestions.tt  |    2 +-
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/koha-tmpl/opac-tmpl/prog/en/modules/opac-review.tt b/koha-tmpl/opac-tmpl/prog/en/modules/opac-review.tt
index 92bdc87..33038df 100644
--- a/koha-tmpl/opac-tmpl/prog/en/modules/opac-review.tt
+++ b/koha-tmpl/opac-tmpl/prog/en/modules/opac-review.tt
@@ -1,4 +1,4 @@
-[% INCLUDE 'doc-head-open.inc' %][% LibraryNameTitle or "Koha online" %] catalog › Comments on [% title %]
+[% INCLUDE 'doc-head-open.inc' %][% LibraryNameTitle or "Koha online" %] catalog › Comments on [% title |html %]
 [% INCLUDE 'doc-head-close.inc' %]
 <style type="text/css">
   #custom-doc { width:37.08em;*width:36.16em;min-width:485px; margin:1em auto; text-align:left; }
@@ -68,7 +68,7 @@
 <form id="reviewf" action="/cgi-bin/koha/opac-review.pl[% IF ( cgi_debug ) %]?debug=1[% END %]" method="post">
     <input type="hidden" name="biblionumber" value="[% biblionumber | html%]" />
 	<fieldset class="brief">
-	<legend>Comments on <i>[% title |html %] [% subtitle %]</i>[% IF ( author ) %]by [% author %][% END %]</legend>
+    <legend>Comments on <i>[% title |html %] [% subtitle |html %]</i>[% IF ( author ) %]by [% author |html %][% END %]</legend>
             <ol><li><textarea id="review" name="review" cols="60" rows="8">[% review %]</textarea></li></ol>
 		</fieldset>
     <p>Note: Your comment must be approved by a librarian. </p>
diff --git a/koha-tmpl/opac-tmpl/prog/en/modules/opac-suggestions.tt b/koha-tmpl/opac-tmpl/prog/en/modules/opac-suggestions.tt
index 193836d..a782a3c 100644
--- a/koha-tmpl/opac-tmpl/prog/en/modules/opac-suggestions.tt
+++ b/koha-tmpl/opac-tmpl/prog/en/modules/opac-suggestions.tt
@@ -129,7 +129,7 @@ $.tablesorter.addParser({
                     Search for:
                 </th>
                 <td>
-                    <input type="text" name="title" value="[% title %]" />
+                    <input type="text" name="title" value="[% title |html %]" />
                 </td>
                 <th>
                 Suggested by:
-- 
1.7.9.5

More information about the Koha-patches mailing list