fix XSS

author: Ivan Kohler <ivan@freeside.biz> 2013-06-01 02:26:16 -0700
committer: Ivan Kohler <ivan@freeside.biz> 2013-06-01 02:26:16 -0700
commit: 169aa0275e0fda1e3c8dc459091cc16d403f72b4 (patch)
tree: 767551502725074f7f755f8a279fe031cb34fce2 /httemplate/edit/cust_pkg.cgi
parent: 5c70d9af4f7b07ccd9b67c203abd23f25218293e (diff)
1 files changed, 3 insertions, 3 deletions
diff --git a/httemplate/edit/cust_pkg.cgi b/httemplate/edit/cust_pkg.cgi
index 88e925460..d86049940 100755
--- a/httemplate/edit/cust_pkg.cgi
+++ b/httemplate/edit/cust_pkg.cgi
@@ -27,13 +27,13 @@
     <TR>
       <TD><INPUT TYPE="checkbox" NAME="remove_pkg" VALUE="<% $pkgnum %>"<% $checked %>></TD>
       <TD ALIGN="right"><% $pkgnum %>:</TD>
-      <TD><% $all_pkg{$pkgpart} %> - <% $all_comment{$pkgpart} %></TD>
+      <TD><% $all_pkg{$pkgpart} |h %> - <% $all_comment{$pkgpart} |h %></TD>
     </TR>
 %   foreach my $supp_pkg ( @{ $supp_pkgs_of{$pkgnum} } ) {
     <TR>
       <TD></TD>
       <TD></TD>
-      <TD>+ <% $all_pkg{$supp_pkg->pkgpart} %> - <% $all_comment{$supp_pkg->pkgpart} %></TD>
+      <TD>+ <% $all_pkg{$supp_pkg->pkgpart} |h %> - <% $all_comment{$supp_pkg->pkgpart} |h %></TD>
     </TR>
 %   }
 % } 
@@ -79,7 +79,7 @@ Order new packages
       <INPUT TYPE="text" NAME="<% "pkg$pkgpart" %>" VALUE="<% $value %>" SIZE="2" MAXLENGTH="2">
     </TD>
     <TD ALIGN="right"><% $pkgpart %>:</TD>
-    <TD><% $pkg{$pkgpart} %> - <% $comment{$pkgpart}%></TD>
+    <TD><% $pkg{$pkgpart} |h %> - <% $comment{$pkgpart} |h %></TD>
   </TR>
 %
 %  $count ++ ;
author	Ivan Kohler <ivan@freeside.biz>	2013-06-01 02:26:16 -0700
committer	Ivan Kohler <ivan@freeside.biz>	2013-06-01 02:26:16 -0700
commit	169aa0275e0fda1e3c8dc459091cc16d403f72b4 (patch)
tree	767551502725074f7f755f8a279fe031cb34fce2 /httemplate/edit/cust_pkg.cgi
parent	5c70d9af4f7b07ccd9b67c203abd23f25218293e (diff)