The text search window was vulnerable to double-quote marks in the package names.
author Chuck Scott <cscott@gaslightmedia.com>
Mon, 15 Aug 2016 14:44:35 +0000 (10:44 -0400)
committer Chuck Scott <cscott@gaslightmedia.com>
Mon, 15 Aug 2016 14:44:35 +0000 (10:44 -0400)
Now filtering those out from the list.

views/admin/packaging/index.html

index 8d48d49..2810b9f 100644 (file)
             var availableTags = [
     {if $havePackages}
         {foreach $packages as $p}
-                { label: "{$p.title|unescape:'html'} - {$p.ref_dest_name|unescape:'html'}", id: '{$p.id}', memb: '{if isset($p.member)}{$p.member.member_pointer}{else}0{/if}' },
+                { label: "{$p.title|unescape:'html'|replace:'"':''} - {$p.ref_dest_name|unescape:'html'|replace:'"':''}", id: '{$p.id}', memb: '{if isset($p.member)}{$p.member.member_pointer}{else}0{/if}' },
         {/foreach}
     {/if}
              ];
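
Review bot: on the changed label line, replace:'"':'' removes only the double-quote character, so a backslash or a line break in title or ref_dest_name (after unescape:'html') still lands raw inside the double-quoted JavaScript string and can break the literal; if this array sits in an inline script element, a value containing </script> would also end the block early. Deleting the character also changes the label the user sees. Escaping instead of stripping would cover these cases, for example {$p.title|unescape:'html'|escape:'javascript'} on both fields, or building availableTags in PHP and emitting it with json_encode. The id and memb values go into single-quoted strings with no filtering at all; if they are always numeric, a cast or a short comment saying so would make that assumption explicit.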