From fe4ba3802696ab20e27f00cf72decb9a22cd5517 Mon Sep 17 00:00:00 2001
From: Chuck Scott
Date: Mon, 15 Aug 2016 10:45:46 -0400
Subject: [PATCH] The text search was vulnerable to double quote marks in members names. Now filtering those out.
---
 views/admin/members/list.html | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/views/admin/members/list.html b/views/admin/members/list.html
index b7922144..c357c9fc 100644
--- a/views/admin/members/list.html
+++ b/views/admin/members/list.html
@@ -203,7 +203,7 @@
 var availableTags = [
 {foreach $namesList as $m}
- { label: "{$m.name|unescape:'html'}", value: "{$m.name|unescape:'html'}", id: '{$m.id}' },
+ { label: "{$m.name|unescape:'html'|replace:'"':''}", value: "{$m.name|unescape:'html'|replace:'"':''}", id: '{$m.id}' },
 {/foreach}
 ];
--
2.17.1
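Review bot: Stripping `"` on the added line still leaves the name able to end the JavaScript string literal it is printed into, because after `unescape:'html'` a backslash, a line break or a `</script>` sequence in `$m.name` reaches the inline script unencoded; it also alters names that legitimately contain a quote. Encoding for the JavaScript context instead of deleting one character covers all of these, e.g. `label: "{$m.name|unescape:'html'|escape:'javascript'}"` and the same for `value`. `id: '{$m.id}'` is printed unencoded as well, which is only safe if the id is always numeric, and that is not visible here. The enclosing script block and the code that consumes `availableTags` are outside the hunk, so whether `label` is later inserted into the page as HTML should be checked separately.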