projects
/
freeside.git
/ commitdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
| commitdiff |
tree
raw
|
patch
| inline |
side by side
(parent:
1d1259a
)
Escape the values in virtual field html form inputs.
author
khoff
<khoff>
Thu, 15 Mar 2007 20:07:44 +0000
(20:07 +0000)
committer
khoff
<khoff>
Thu, 15 Mar 2007 20:07:44 +0000
(20:07 +0000)
FS/FS/part_virtual_field.pm
patch
|
blob
|
history
diff --git
a/FS/FS/part_virtual_field.pm
b/FS/FS/part_virtual_field.pm
index
992d449
..
ea973ba
100755
(executable)
--- a/
FS/FS/part_virtual_field.pm
+++ b/
FS/FS/part_virtual_field.pm
@@
-4,6
+4,7
@@
use strict;
use vars qw( @ISA );
use FS::Record qw( qsearchs qsearch );
use FS::Schema qw( dbdef );
+use CGI qw(escapeHTML);
@ISA = qw( FS::Record );
@@
-244,7
+245,7
@@
sub widget {
}
} else {
$text .= q!<INPUT NAME="! . $self->name .
- q!" VALUE="! .
$value
. q!"!;
+ q!" VALUE="! .
escapeHTML($value)
. q!"!;
if ($self->length) {
$text .= q! SIZE="! . $self->length . q!"!;
}