From ecb12104ffc7284089a1c8134ca8811e99e7419c Mon Sep 17 00:00:00 2001 From: Jonathan Druart Date: Wed, 1 May 2019 20:54:02 -0400 Subject: [PATCH] Bug 22781: Does not double filter address Ho, a bug! Some fields in the address where double filtered. Test plan: Use the evil strings in the address field and do a search, you will see double html encoded characters without this patch. Signed-off-by: Liz Rea Signed-off-by: Katrin Fischer Signed-off-by: Nick Clemens --- .../prog/en/modules/members/tables/members_results.tt | 8 ++++---- t/db_dependent/selenium/patrons_search.t | 7 ++++++- 2 files changed, 10 insertions(+), 5 deletions(-) diff --git a/koha-tmpl/intranet-tmpl/prog/en/modules/members/tables/members_results.tt b/koha-tmpl/intranet-tmpl/prog/en/modules/members/tables/members_results.tt index 0020f7511d..21853df433 100644 --- a/koha-tmpl/intranet-tmpl/prog/en/modules/members/tables/members_results.tt +++ b/koha-tmpl/intranet-tmpl/prog/en/modules/members/tables/members_results.tt @@ -42,8 +42,8 @@ } [% BLOCK escape_address %] [%~ SET address = data.streetnumber _ ' ' %] -[%~ IF data.streettype %][% address = address _ AuthorisedValues.GetByCode( 'ROADTYPE', data.streettype ) _ ' ' | html %][% END %] -[%~ IF data.address %][% address = address _ data.address _ ' ' | html %][% END %] -[%~ IF data.address2 %][% address = address _ data.address2 _ ' ' | html %][% END %] -[%~ To.json( address ) | $raw ~%] +[%~ IF data.streettype %][% SET address = address _ AuthorisedValues.GetByCode( 'ROADTYPE', data.streettype ) _ ' ' %][% END %] +[%~ IF data.address %][% SET address = address _ data.address _ ' ' %][% END %] +[%~ IF data.address2 %][% SET address = address _ data.address2 _ ' ' %][% END %] +[%~ address | html | $To ~%] [% END %] diff --git a/t/db_dependent/selenium/patrons_search.t b/t/db_dependent/selenium/patrons_search.t index 8ea5f869ca..5a27e2f116 100644 --- a/t/db_dependent/selenium/patrons_search.t +++ b/t/db_dependent/selenium/patrons_search.t @@ -40,13 +40,14 @@ my $builder = t::lib::TestBuilder->new; our @cleanup; subtest 'Search patrons' => sub { - plan tests => 4; + plan tests => 5; my @patrons; my $borrowernotes = q|just 'a" note \123 ❤|; my $borrowernotes_displayed = q|just 'a" note \123 ❤|; my $branchname = q|just 'another" library \123 ❤|; my $firstname = q|fir's"tname \123 ❤|; + my $address = q|add'res"s \123 ❤|; my $patron_category = $builder->build_object( { class => 'Koha::Patron::Categories', category_type => 'A' } ); my $library = $builder->build_object( @@ -63,6 +64,7 @@ subtest 'Search patrons' => sub { categorycode => $patron_category->categorycode, branchcode => $library->branchcode, borrowernotes => $borrowernotes, + address => $address, } } ); @@ -78,6 +80,9 @@ subtest 'Search patrons' => sub { like ($td[2]->get_text, qr[\Q$firstname\E], 'Column "Name" should be the 3rd and contain the firstname correctly filtered' ); + like ($td[2]->get_text, qr[\Q$address\E], + 'Column "Name" should be the 3rd and contain the address correctly filtered' + ); is( $td[5]->get_text, $branchname, 'Column "Library" should be the 6th and contain the html tags - they have been html filtered' ); -- 2.39.5