X-Git-Url: http://git.freeside.biz/gitweb/?a=blobdiff_plain;f=httemplate%2Fbrowse%2Fpart_event.html;h=62e7ff0d91645584fd7fc894828b5494b4bccedd;hb=431c9ca4fab151862bd24322bf8a1f9252fb38fc;hp=c06a14fe7676cfde470d10ed602588ddc899fbbc;hpb=6f01c7cd5ed2945e9a999d8dd0ec5f27a26358b0;p=freeside.git

diff --git a/httemplate/browse/part_event.html b/httemplate/browse/part_event.html
index c06a14fe7..62e7ff0d9 100644
--- a/httemplate/browse/part_event.html
+++ b/httemplate/browse/part_event.html
@@ -47,7 +47,7 @@ my $event_sub = sub {
   my $onclick = include('/elements/popup_link_onclick.html',
     action      => $p.'view/part_event-targets.html?eventpart='.
                     $part_event->eventpart,
-    actionlabel => 'Event query - '.$part_event->event,
+    actionlabel => 'Event query', #no, XSS - '.$part_event->event,
     width       => 650,
     height      => 420,
     close_text  => 'Close',
@@ -55,14 +55,14 @@ my $event_sub = sub {
   [#rows
     [#subcolumns
       {
-        'data' => $part_event->event,
-        'link' => $p.'edit/part_event.html?'.$part_event->eventpart,
+        'data'       => encode_entities($part_event->event),
+        'link'       => $p.'edit/part_event.html?'.$part_event->eventpart,
       },
       {
-        'data' => ' (query) ',
-        'size' => '-1',
-        'data_style'  => 'b',
-        'onclick' => $onclick,
+        'data'       => '&nbsp;(query) ',
+        'size'       => '-1',
+        'data_style' => 'b',
+        'onclick'    => $onclick,
       },
     ],
   ];