From 5e405e8d5da74bfe5ffb6be40a7dbd9937017670 Mon Sep 17 00:00:00 2001 From: Katrin Fischer Date: Wed, 16 Aug 2017 12:05:50 +0200 Subject: [PATCH] Bug 19125 - XSS - members.pl In preparation to test this patch: - Add a patron list named - Add a library named - Add a patron category named To test: - Access patron search page and do a search - Verify that the alerts added above are executed - Apply patch - Verify that no alerts are displayed Signed-off-by: Amit Gupta Signed-off-by: Marcel de Rooy Signed-off-by: Jonathan Druart (cherry picked from commit 849eaf73fc419b9a635a1ba4b69ef46a7544e55a) Signed-off-by: Fridolin Somers (cherry picked from commit 2b0bd9add5deae0ab5bee79ee75a6cb769d0dea8) Signed-off-by: Katrin Fischer --- koha-tmpl/intranet-tmpl/prog/en/includes/html_helpers.inc | 2 +- koha-tmpl/intranet-tmpl/prog/en/includes/patron-search.inc | 6 +++--- koha-tmpl/intranet-tmpl/prog/en/includes/patron-toolbar.inc | 4 ++-- koha-tmpl/intranet-tmpl/prog/en/modules/members/member.tt | 6 +++--- 4 files changed, 9 insertions(+), 9 deletions(-) diff --git a/koha-tmpl/intranet-tmpl/prog/en/includes/html_helpers.inc b/koha-tmpl/intranet-tmpl/prog/en/includes/html_helpers.inc index 4e970c7980..089680f25a 100644 --- a/koha-tmpl/intranet-tmpl/prog/en/includes/html_helpers.inc +++ b/koha-tmpl/intranet-tmpl/prog/en/includes/html_helpers.inc @@ -3,7 +3,7 @@ [% IF l.selected %] [% ELSE %] - + [% END%] [% END %] [% END %] diff --git a/koha-tmpl/intranet-tmpl/prog/en/includes/patron-search.inc b/koha-tmpl/intranet-tmpl/prog/en/includes/patron-search.inc index ad82db303c..a10fc2fb7e 100644 --- a/koha-tmpl/intranet-tmpl/prog/en/includes/patron-search.inc +++ b/koha-tmpl/intranet-tmpl/prog/en/includes/patron-search.inc @@ -94,7 +94,7 @@ [% IF b.selected %] [% ELSE %] - + [% END %] [% END %] @@ -107,9 +107,9 @@ [% FOREACH category IN categories %] [% IF category.categorycode == categorycode_filter %] - + [% ELSE %] - + [% END %] [% END %] diff --git a/koha-tmpl/intranet-tmpl/prog/en/includes/patron-toolbar.inc b/koha-tmpl/intranet-tmpl/prog/en/includes/patron-toolbar.inc index 1952483963..11cd6392e3 100644 --- a/koha-tmpl/intranet-tmpl/prog/en/includes/patron-toolbar.inc +++ b/koha-tmpl/intranet-tmpl/prog/en/includes/patron-toolbar.inc @@ -7,14 +7,14 @@
[% IF Koha.Preference('PatronQuickAddFields') || Koha.Preference('BorrowerMandatoryField') %]
[% END %] diff --git a/koha-tmpl/intranet-tmpl/prog/en/modules/members/member.tt b/koha-tmpl/intranet-tmpl/prog/en/modules/members/member.tt index f10429a33d..364b26b93a 100644 --- a/koha-tmpl/intranet-tmpl/prog/en/modules/members/member.tt +++ b/koha-tmpl/intranet-tmpl/prog/en/modules/members/member.tt @@ -372,7 +372,7 @@ function filterByFirstLetterSurname(letter) { [% IF patron_lists %] [% FOREACH pl IN patron_lists %] - + [% END %] [% END %] @@ -496,9 +496,9 @@ function filterByFirstLetterSurname(letter) { [% FOREACH cat IN categories %] [% IF cat.categorycode == categorycode_filter %] - + [% ELSE %] - + [% END %] [% END %] -- 2.39.5