projects
/
freeside.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
RT 4.0.19
[freeside.git]
/
rt
/
share
/
html
/
Helpers
/
Toggle
/
ShowRequestor
diff --git
a/rt/share/html/Helpers/Toggle/ShowRequestor
b/rt/share/html/Helpers/Toggle/ShowRequestor
index
bb90b98
..
a2b3ed2
100644
(file)
--- a/
rt/share/html/Helpers/Toggle/ShowRequestor
+++ b/
rt/share/html/Helpers/Toggle/ShowRequestor
@@
-2,7
+2,7
@@
%#
%# COPYRIGHT:
%#
%#
%# COPYRIGHT:
%#
-%# This software is Copyright (c) 1996-201
2
Best Practical Solutions, LLC
+%# This software is Copyright (c) 1996-201
4
Best Practical Solutions, LLC
%# <sales@bestpractical.com>
%#
%# (Except where explicitly superseded by other copyright notices)
%# <sales@bestpractical.com>
%#
%# (Except where explicitly superseded by other copyright notices)
@@
-47,7
+47,9
@@
%# END BPS TAGGED BLOCK }}}
<%INIT>
my $TicketTemplate = "/Ticket/Elements/ShowRequestorTickets$Status";
%# END BPS TAGGED BLOCK }}}
<%INIT>
my $TicketTemplate = "/Ticket/Elements/ShowRequestorTickets$Status";
-$TicketTemplate = "/Ticket/Elements/ShowRequestorTicketsActive" unless $m->comp_exists($TicketTemplate);
+$TicketTemplate = "/Ticket/Elements/ShowRequestorTicketsActive"
+ unless RT::Interface::Web->ComponentPathIsSafe($TicketTemplate)
+ and $m->comp_exists($TicketTemplate);
my $user_obj = RT::User->new($session{CurrentUser});
my ($val, $msg) = $user_obj->Load($Requestor);
unless ($val) {
my $user_obj = RT::User->new($session{CurrentUser});
my ($val, $msg) = $user_obj->Load($Requestor);
unless ($val) {