RT# 74666 - fixed vulnerability by escaping quotation_description var

[freeside.git] / FS / FS / UI / Web.pm

diff --git a/FS/FS/UI/Web.pm b/FS/FS/UI/Web.pm
index 81c4c7b..6d6f7fb 100644 (file)
--- a/FS/FS/UI/Web.pm
+++ b/FS/FS/UI/Web.pm
@@ -346,6 +346,8 @@ sub cust_header {
     'Payment Type'             => 'cust_payby',
     'Current Balance'          => 'current_balance',
     'Agent Cust#'              => 'agent_custid',
+    'Agent'                    => 'agent_name',
+    'Agent Cust# or Cust#'     => 'display_custnum',
     'Advertising Source'       => 'referral',
   );
   $header2method{'Cust#'} = 'display_custnum'
@@ -451,6 +453,8 @@ sub cust_sql_fields {
     if grep { $_ eq 'cust_payby' } @cust_fields;
   push @fields, 'agent_custid';
 
+  push @fields, 'agentnum' if grep { $_ eq 'agent_name' } @cust_fields;
+
   my @extra_fields = ();
   if (grep { $_ eq 'current_balance' } @cust_fields) {
     push @extra_fields, FS::cust_main->balance_sql . " AS current_balance";