catch misconfigured exports

[freeside.git] / httemplate / edit / part_export.cgi

diff --git a/httemplate/edit/part_export.cgi b/httemplate/edit/part_export.cgi
index 24d646b..b3d42bd 100644 (file)
--- a/httemplate/edit/part_export.cgi
+++ b/httemplate/edit/part_export.cgi
@@ -46,6 +46,8 @@ my $widget = new HTML::Widgets::SelectLayers(
 
     foreach my $option ( keys %{$exports->{$layer}{options}} ) {
       my $optinfo = $exports->{$layer}{options}{$option};
+      die "Retreived non-ref export info option from $layer export: $optinfo"
+        unless ref($optinfo);
       my $label = $optinfo->{label};
       my $type = defined($optinfo->{type}) ? $optinfo->{type} : 'text';
       my $value = $cgi->param($option)
@@ -67,10 +69,11 @@ my $widget = new HTML::Widgets::SelectLayers(
         }
         $html .= '</SELECT>';
       } elsif ( $type eq 'textarea' ) {
-        $html .= qq!<TEXTAREA NAME="$option" COLS=80 WRAP="virtual">!.
-                 qq!$value</TEXTAREA>!;
+        $html .= qq!<TEXTAREA NAME="$option" COLS=80 ROWS=8 WRAP="virtual">!.
+                 encode_entities($value). '</TEXTAREA>';
       } elsif ( $type eq 'text' ) {
-        $html .= qq!<INPUT TYPE="text" NAME="$option" VALUE="$value" SIZE=64>!;
+        $html .= qq!<INPUT TYPE="text" NAME="$option" VALUE="!.
+                 encode_entities($value). '" SIZE=64>';
       } elsif ( $type eq 'checkbox' ) {
         $html .= qq!<INPUT TYPE="checkbox" NAME="$option" VALUE="1"!;
         $html .= ' CHECKED' if $value;