projects
/
freeside.git
/ commitdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
| commitdiff |
tree
raw
|
patch
|
inline
| side by side (parent:
b3cc8eb
)
RT# 31964 Fix XSS
author
Mitch Jackson
<mitch@freeside.biz>
Sat, 27 Oct 2018 17:01:54 +0000
(13:01 -0400)
committer
Mitch Jackson
<mitch@freeside.biz>
Sat, 27 Oct 2018 17:01:54 +0000
(13:01 -0400)
httemplate/view/prospect_main.html
patch
|
blob
|
history
diff --git
a/httemplate/view/prospect_main.html
b/httemplate/view/prospect_main.html
index
504a5a8
..
d6bcbe7
100644
(file)
--- a/
httemplate/view/prospect_main.html
+++ b/
httemplate/view/prospect_main.html
@@
-24,18
+24,18
@@
% foreach my $prospect_contact ( $prospect_main->prospect_contact ) {
% my $contact = $prospect_contact->contact;
<TR>
% foreach my $prospect_contact ( $prospect_main->prospect_contact ) {
% my $contact = $prospect_contact->contact;
<TR>
- <TH ALIGN="right" VALIGN="top"><% $prospect_contact->contact_classname %> Contact</TH>
+ <TH ALIGN="right" VALIGN="top"><% $prospect_contact->contact_classname
|h
%> Contact</TH>
<TD BGCOLOR="#FFFFFF">
<TD BGCOLOR="#FFFFFF">
- <% $contact->line %><br>
+ <% $contact->line
|h
%><br>
<table>
% for my $row ( $contact->contact_email ) {
<table>
% for my $row ( $contact->contact_email ) {
- <tr><th>E-Mail:</th><td><% $row->emailaddress %></td></tr>
+ <tr><th>E-Mail:</th><td><% $row->emailaddress
|h
%></td></tr>
% }
% for my $row ( $contact->contact_phone ) {
% }
% for my $row ( $contact->contact_phone ) {
- <tr><th><% $row->phone_type->typename
%>:</th><td><% $row->phonenum_pretty
%></td></tr>
+ <tr><th><% $row->phone_type->typename
|h %>:</th><td><% $row->phonenum_pretty |h
%></td></tr>
% }
% if ( $prospect_contact->comment ) {
% }
% if ( $prospect_contact->comment ) {
- <tr><th>Comment:</th><td><% $prospect_contact->comment %></td></tr>
+ <tr><th>Comment:</th><td><% $prospect_contact->comment
|h
%></td></tr>
% }
</table>
</TD>
% }
</table>
</TD>