projects
/
freeside.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
fix XSS
[freeside.git]
/
FS
/
FS
/
UI
/
Web.pm
diff --git
a/FS/FS/UI/Web.pm
b/FS/FS/UI/Web.pm
index
40abdc4
..
c2ea0a6
100644
(file)
--- a/
FS/FS/UI/Web.pm
+++ b/
FS/FS/UI/Web.pm
@@
-3,7
+3,8
@@
package FS::UI::Web;
use strict;
use vars qw($DEBUG @ISA @EXPORT_OK $me);
use Exporter;
use strict;
use vars qw($DEBUG @ISA @EXPORT_OK $me);
use Exporter;
-use Carp qw( confess );;
+use Carp qw( confess );
+use HTML::Entities;
use FS::Conf;
use FS::Misc::DateTime qw( parse_datetime );
use FS::Record qw(dbdef);
use FS::Conf;
use FS::Misc::DateTime qw( parse_datetime );
use FS::Record qw(dbdef);
@@
-383,7
+384,7
@@
sub cust_fields {
map {
if ( $record->custnum ) {
warn " $record -> $_" if $DEBUG > 1;
map {
if ( $record->custnum ) {
warn " $record -> $_" if $DEBUG > 1;
-
$record->$_(@_
);
+
encode_entities( $record->$_(@_)
);
} else {
warn " ($record unlinked)" if $DEBUG > 1;
$seen_unlinked++ ? '' : '(unlinked)';
} else {
warn " ($record unlinked)" if $DEBUG > 1;
$seen_unlinked++ ? '' : '(unlinked)';
@@
-655,7
+656,9
@@
sub job_status {
}
#to_json(\@return); #waiting on deb 5.0 for new JSON.pm?
}
#to_json(\@return); #waiting on deb 5.0 for new JSON.pm?
- objToJson(\@return);
+ #silence the warning though
+ my $to_json = JSON->can('to_json') || JSON->can('objToJson');
+ &$to_json(\@return);
}
}