From 29de576ae94f947e47d054dca3e615473045061a Mon Sep 17 00:00:00 2001 From: Martin Renvoize Date: Thu, 11 Mar 2021 13:55:00 +0000 Subject: [PATCH] Bug 26273: (QA follow-up) Use escape_str/price for escaping This patch uses the global escape_str/escape_price functions in the register page. Signed-off-by: Jonathan Druart --- .../intranet-tmpl/prog/en/modules/pos/register.tt | 13 ++----------- 1 file changed, 2 insertions(+), 11 deletions(-) diff --git a/koha-tmpl/intranet-tmpl/prog/en/modules/pos/register.tt b/koha-tmpl/intranet-tmpl/prog/en/modules/pos/register.tt index 3b06a6eb4b..e40e782ffa 100644 --- a/koha-tmpl/intranet-tmpl/prog/en/modules/pos/register.tt +++ b/koha-tmpl/intranet-tmpl/prog/en/modules/pos/register.tt @@ -414,15 +414,6 @@ "manager" ], "order": [[ 0, "asc" ]], - "columnDefs": [ { - "targets": [0,1,2], - "render": function (data, type, row, meta) { - if ( type == 'display' ) { - return data.escapeHtml(); - } - return data; - } - } ], "columns": [ { "data": "timestamp", @@ -444,7 +435,7 @@ else { fullname = row.manager.firstname + " " + row.manager.surname; } - return fullname; + return escape_str(fullname); } }, { @@ -453,7 +444,7 @@ "orderable": true, "render": function(data, type, row, meta) { var amt = row.amount * -1; - return (amt).format_price(); + return escape_price(amt); } }, { -- 2.39.5