[open-ils-commits] r16204 - in trunk: . Open-ILS/examples/templates (miker)
svn at svn.open-ils.org
svn at svn.open-ils.org
Mon Apr 12 11:00:31 EDT 2010
Author: miker
Date: 2010-04-12 11:00:29 -0400 (Mon, 12 Apr 2010)
New Revision: 16204
Modified:
trunk/
trunk/Open-ILS/examples/templates/overdue_combined_xml.example
Log:
Patch from Galen Charlton:
This patch adds additional calls to escape_xml to handle cases where patron or library data could contain ampersand or other characters that need to be converted to entities. Issue discovered by Bibliomation; patch includes contributions by Ben Ostrowsky.
Property changes on: trunk
___________________________________________________________________
Name: bzr:revision-info
- timestamp: 2010-04-12 10:49:09.384000063 -0400
committer: Mike Rylander <miker at esilibrary.com>
properties:
branch-nick: trunk
+ timestamp: 2010-04-12 10:56:29.252000093 -0400
committer: Mike Rylander <miker at esilibrary.com>
properties:
branch-nick: trunk
Name: bzr:file-ids
- Open-ILS/examples/fm_IDL.xml 4735 at dcc99617-32d9-48b4-a31d-7c20da2025e4:trunk:Open-ILS%2Fexamples%2Ffm_IDL.xml
+ Open-ILS/examples/templates/overdue_combined_xml.example 10306 at dcc99617-32d9-48b4-a31d-7c20da2025e4:trunk:Open-ILS%2Fexamples%2Ftemplates%2Foverdue_combined_xml.example
Name: bzr:revision-id:v4
- 11741 phasefx at batrepo-20091014063041-ama3i5s87ziqohxo
11742 phasefx at batrepo-20091014063644-pn3a6urkw3uxgr6n
12108 phasefx at batrepo-20091120084700-lavt73oserscgalf
12166 jason at esilibrary.com-20091202233906-g8kh2kh3qmmz66r1
12184 jason at esilibrary.com-20091204161020-0dqezh01c05btffh
12198 jason at esilibrary.com-20091208140008-eofwdbn2u8dxk2kk
12199 jason at esilibrary.com-20091208155412-4qdzy8sgs51vm0yq
12215 jason at esilibrary.com-20091209133642-bp8mb3tc5vpoc1ij
12220 jason at esilibrary.com-20091209143447-i1st1to8ln4hhwyb
12231 jason at esilibrary.com-20091209221438-vv4crqppm8ajj3dr
12804 jason at esilibrary.com-20100324194046-jza2ic2dlpq8txhc
12946 miker at esilibrary.com-20100402183612-8xznj35wfohk7zyu
12955 miker at esilibrary.com-20100403141037-h8d57ryrmkkg9yhb
12971 miker at whirly-20100405202254-aztbsf3p3eey9e8e
12997 miker at esilibrary.com-20100408154146-zodwuxxizwf0y449
13010 miker at miker-msi-20100409021618-5f0ohbg5cgi5pai0
13014 miker at esilibrary.com-20100409135406-mitf09aw1srnps3g
13022 miker at esilibrary.com-20100412144909-fc4bx1n80ac0z8ox
+ 11741 phasefx at batrepo-20091014063041-ama3i5s87ziqohxo
11742 phasefx at batrepo-20091014063644-pn3a6urkw3uxgr6n
12108 phasefx at batrepo-20091120084700-lavt73oserscgalf
12166 jason at esilibrary.com-20091202233906-g8kh2kh3qmmz66r1
12184 jason at esilibrary.com-20091204161020-0dqezh01c05btffh
12198 jason at esilibrary.com-20091208140008-eofwdbn2u8dxk2kk
12199 jason at esilibrary.com-20091208155412-4qdzy8sgs51vm0yq
12215 jason at esilibrary.com-20091209133642-bp8mb3tc5vpoc1ij
12220 jason at esilibrary.com-20091209143447-i1st1to8ln4hhwyb
12231 jason at esilibrary.com-20091209221438-vv4crqppm8ajj3dr
12804 jason at esilibrary.com-20100324194046-jza2ic2dlpq8txhc
12946 miker at esilibrary.com-20100402183612-8xznj35wfohk7zyu
12955 miker at esilibrary.com-20100403141037-h8d57ryrmkkg9yhb
12971 miker at whirly-20100405202254-aztbsf3p3eey9e8e
12997 miker at esilibrary.com-20100408154146-zodwuxxizwf0y449
13010 miker at miker-msi-20100409021618-5f0ohbg5cgi5pai0
13014 miker at esilibrary.com-20100409135406-mitf09aw1srnps3g
13022 miker at esilibrary.com-20100412144909-fc4bx1n80ac0z8ox
13023 miker at esilibrary.com-20100412145629-92g9jts2k8yqsm38
Name: bzr:text-parents
- Open-ILS/examples/fm_IDL.xml svn-v4:dcc99617-32d9-48b4-a31d-7c20da2025e4:trunk:16186
+ Open-ILS/examples/templates/overdue_combined_xml.example svn-v4:dcc99617-32d9-48b4-a31d-7c20da2025e4:trunk:14971
Modified: trunk/Open-ILS/examples/templates/overdue_combined_xml.example
===================================================================
--- trunk/Open-ILS/examples/templates/overdue_combined_xml.example 2010-04-12 14:52:22 UTC (rev 16203)
+++ trunk/Open-ILS/examples/templates/overdue_combined_xml.example 2010-04-12 15:00:29 UTC (rev 16204)
@@ -15,26 +15,26 @@
[%- IF !user_addr or user_addr.valid == 'f'; NEXT; END; %]
<notice type='overdue' notify_interval='[% circ_set.notice.notify_interval %]'>
<patron>
- <barcode>[% user.card.barcode %]</barcode>
- <first_given_name>[% user.first_given_name %]</first_given_name>
- <family_name>[% user.family_name %]</family_name>
+ <barcode>[% escape_xml(user.card.barcode) %]</barcode>
+ <first_given_name>[% escape_xml(user.first_given_name) %]</first_given_name>
+ <family_name>[% escape_xml(user.family_name) %]</family_name>
<addr_street1>[% escape_xml(user_addr.street1) %]</addr_street1>
<addr_street2>[% escape_xml(user_addr.street2) %]</addr_street2>
<addr_city>[% escape_xml(user_addr.city) %]</addr_city>
- <addr_state>[% user_addr.state %]</addr_state>
- <addr_post_code>[% user_addr.post_code %]</addr_post_code>
+ <addr_state>[% escape_xml(user_addr.state) %]</addr_state>
+ <addr_post_code>[% escape_xml(user_addr.post_code) %]</addr_post_code>
<email>[% escape_xml(user.email) %]</email>
<sys_id>[% user.id %]</sys_id>
</patron>
<location>
<name>[% escape_xml(lib.name) %]</name>
<shortname>[% escape_xml(lib.shortname) %]</shortname>
- <phone>[% lib.phone %]</phone>
+ <phone>[% escape_xml(lib.phone) %]</phone>
<addr_street1>[% escape_xml(lib_addr.street1) %]</addr_street1>
<addr_street2>[% escape_xml(lib_addr.street2) %]</addr_street2>
<addr_city>[% escape_xml(lib_addr.city) %]</addr_city>
- <addr_state>[% lib_addr.state %]</addr_state>
- <addr_post_code>[% lib_addr.post_code %]</addr_post_code>
+ <addr_state>[% escape_xml(lib_addr.state) %]</addr_state>
+ <addr_post_code>[% escape_xml(lib_addr.post_code) %]</addr_post_code>
<email>[% escape_xml(lib.email) %]</email>
<sys_id>[% lib.id %]</sys_id>
</location>
More information about the open-ils-commits
mailing list