From eba74c8e51a52432362150c38d674f661a6228e8 Mon Sep 17 00:00:00 2001 From: Jonathan Druart Date: Tue, 8 Mar 2016 14:09:09 +0000 Subject: [PATCH] Bug 15722: Escape patron infos for JSON in patron searches If patron infos contain invalid JSON chars (\t for instance), the results won't appear. The solution is to escape these info. Test plan: Edit patron infos in DB (update borrowers set surname="foobar\t" where borrowernumber=42) Search for foobar (you should have more than 1 result) Without this patch, DT retrieves a bad formatted JSON and the results won't appear. With this patch, the table result appears Signed-off-by: Kyle M Hall Signed-off-by: Katrin Fischer Signed-off-by: Brendan A Gallagher (cherry picked from commit cd20b61a7c845110e518e6dedc12ac50efebe4aa) Signed-off-by: Julian Maurice --- .../prog/en/modules/acqui/tables/members_results.tt | 2 +- .../prog/en/modules/members/tables/members_results.tt | 2 +- .../prog/en/modules/patroncards/tables/members_results.tt | 2 +- .../prog/en/modules/serials/tables/members_results.tt | 2 +- 4 files changed, 4 insertions(+), 4 deletions(-) diff --git a/koha-tmpl/intranet-tmpl/prog/en/modules/acqui/tables/members_results.tt b/koha-tmpl/intranet-tmpl/prog/en/modules/acqui/tables/members_results.tt index 681f1cd583..ef325f3aa5 100644 --- a/koha-tmpl/intranet-tmpl/prog/en/modules/acqui/tables/members_results.tt +++ b/koha-tmpl/intranet-tmpl/prog/en/modules/acqui/tables/members_results.tt @@ -9,7 +9,7 @@ "dt_cardnumber": "[% data.cardnumber %]", "dt_name": - "[% INCLUDE 'patron-title.inc' borrowernumber = data.borrowernumber category_type = data.category_type firstname = data.firstname surname = data.surname othernames = data.othernames cardnumber = data.cardnumber invert_name = 1%]", + "[% INCLUDE 'patron-title.inc' borrowernumber = data.borrowernumber category_type = data.category_type firstname = To.json(data.firstname) surname = To.json(data.surname) othernames = To.json(data.othernames) cardnumber = data.cardnumber invert_name = 1%]", "dt_branch": "[% data.branchname |html %]", "dt_category": diff --git a/koha-tmpl/intranet-tmpl/prog/en/modules/members/tables/members_results.tt b/koha-tmpl/intranet-tmpl/prog/en/modules/members/tables/members_results.tt index 7d5e9622e1..51828922a7 100644 --- a/koha-tmpl/intranet-tmpl/prog/en/modules/members/tables/members_results.tt +++ b/koha-tmpl/intranet-tmpl/prog/en/modules/members/tables/members_results.tt @@ -14,7 +14,7 @@ "dt_cardnumber": "[% data.cardnumber | html %]", "dt_name": - "[% INCLUDE 'patron-title.inc' borrowernumber = data.borrowernumber category_type = data.category_type firstname = data.firstname surname = data.surname othernames = data.othernames invert_name = 1 %]
[% INCLUDE escape_address data = data %]
", + "[% INCLUDE 'patron-title.inc' borrowernumber = data.borrowernumber category_type = data.category_type firstname = To.json(data.firstname) surname = To.json(data.surname) othernames = To.json(data.othernames) invert_name = 1 %]
[% INCLUDE escape_address data = data %]
", "dt_category": "[% data.category_description |html %] ([% data.category_type |html %])", "dt_branch": diff --git a/koha-tmpl/intranet-tmpl/prog/en/modules/patroncards/tables/members_results.tt b/koha-tmpl/intranet-tmpl/prog/en/modules/patroncards/tables/members_results.tt index cbe741ba47..087aa8c705 100644 --- a/koha-tmpl/intranet-tmpl/prog/en/modules/patroncards/tables/members_results.tt +++ b/koha-tmpl/intranet-tmpl/prog/en/modules/patroncards/tables/members_results.tt @@ -9,7 +9,7 @@ "dt_cardnumber": "[% data.cardnumber %]", "dt_name": - "[% INCLUDE 'patron-title.inc' borrowernumber = data.borrowernumber category_type = data.category_type firstname = data.firstname surname = data.surname othernames = data.othernames cardnumber = data.cardnumber invert_name = 1%]", + "[% INCLUDE 'patron-title.inc' borrowernumber = data.borrowernumber category_type = data.category_type firstname = To.json(data.firstname) surname = To.json(data.surname) othernames = To.json(data.othernames) cardnumber = data.cardnumber invert_name = 1%]", "dt_category": "[% data.category_description |html %] ([% data.category_type |html %])", "dt_branch": diff --git a/koha-tmpl/intranet-tmpl/prog/en/modules/serials/tables/members_results.tt b/koha-tmpl/intranet-tmpl/prog/en/modules/serials/tables/members_results.tt index 840b391c5f..b5096c6d54 100644 --- a/koha-tmpl/intranet-tmpl/prog/en/modules/serials/tables/members_results.tt +++ b/koha-tmpl/intranet-tmpl/prog/en/modules/serials/tables/members_results.tt @@ -9,7 +9,7 @@ "dt_cardnumber": "[% data.cardnumber %]", "dt_name": - "[% INCLUDE 'patron-title.inc' borrowernumber = data.borrowernumber category_type = data.category_type firstname = data.firstname surname = data.surname othernames = data.othernames cardnumber = data.cardnumber invert_name = 1%]", + "[% INCLUDE 'patron-title.inc' borrowernumber = data.borrowernumber category_type = data.category_type firstname = To.json(data.firstname) surname = To.jon(data.surname) othernames = To.json(data.othernames) cardnumber = data.cardnumber invert_name = 1%]", "dt_branch": "[% data.branchname |html %]", "dt_action": -- 2.39.5