Skip to content
Snippets Groups Projects
Commit b363e73e authored by Uma's avatar Uma
Browse files

Fixes:#1105 ::Uma::To safe html supported on filter conditions

parent 8becca8c
Branches SafeHtml_Added_On_Conditions
No related tags found
No related merge requests found
Hide whitespace changes
Inline Side-by-side
Showing
with 16 additions and 16 deletions
layouts/v7/modules/HelpDesk/SelectEmailFields.tpl
+ 1
1
View file @ b363e73e
......@@ -24,7 +24,7 @@
<input type="hidden" name="operator" value="{$OPERATOR}" />
<input type="hidden" name="search_value" value="{$ALPHABET_VALUE}" />
{if $SEARCH_PARAMS}
<input type="hidden" name="search_params" value='{ZEND_JSON::encode($SEARCH_PARAMS)}' />
<input type="hidden" name="search_params" value='{Vtiger_Util_Helper::toSafeHTML(ZEND_JSON::encode($SEARCH_PARAMS))}' />
{/if}
<input type="hidden" name="fieldModule" value={$SOURCE_MODULE} />
<input type="hidden" name="to" value='{ZEND_JSON::encode($TO)}' />
......
layouts/v7/modules/Inventory/OverlayEditView.tpl
+ 1
1
View file @ b363e73e
......@@ -46,7 +46,7 @@
<input type="hidden" name="returnrelatedModule" value="{$RETURN_RELATED_MODULE}" />
<input type="hidden" name="returnpage" value="{$RETURN_PAGE}" />
<input type="hidden" name="returnviewname" value="{$RETURN_VIEW_NAME}" />
<input type="hidden" name="returnsearch_params" value='{ZEND_JSON::encode($RETURN_SEARCH_PARAMS)}' />
<input type="hidden" name="returnsearch_params" value='{Vtiger_Util_Helper::toSafeHTML(ZEND_JSON::encode($RETURN_SEARCH_PARAMS))}' />
<input type="hidden" name="returnsearch_key" value={$RETURN_SEARCH_KEY} />
<input type="hidden" name="returnsearch_value" value={$RETURN_SEARCH_VALUE} />
<input type="hidden" name="returnoperator" value={$RETURN_SEARCH_OPERATOR} />
......
layouts/v7/modules/Potentials/SelectEmailFields.tpl
+ 1
1
View file @ b363e73e
......@@ -24,7 +24,7 @@
<input type="hidden" name="operator" value="{$OPERATOR}" />
<input type="hidden" name="search_value" value="{$ALPHABET_VALUE}" />
{if $SEARCH_PARAMS}
<input type="hidden" name="search_params" value='{ZEND_JSON::encode($SEARCH_PARAMS)}' />
<input type="hidden" name="search_params" value='{Vtiger_Util_Helper::toSafeHTML(ZEND_JSON::encode($SEARCH_PARAMS))}' />
{/if}
<input type="hidden" name="fieldModule" value={$SOURCE_MODULE} />
<input type="hidden" name="to" value='{ZEND_JSON::encode($TO)}' />
......
layouts/v7/modules/Reports/MoveReports.tpl
+ 1
1
View file @ b363e73e
......@@ -19,7 +19,7 @@
<input type="hidden" name="selected_ids" value={ZEND_JSON::encode($SELECTED_IDS)} />
<input type="hidden" name="excluded_ids" value={ZEND_JSON::encode($EXCLUDED_IDS)} />
<input type="hidden" name="viewname" value="{$VIEWNAME}" />
<input type="hidden" name="search_params" value='{ZEND_JSON::encode($SEARCH_PARAMS)}' />
<input type="hidden" name="search_params" value='{Vtiger_Util_Helper::toSafeHTML(ZEND_JSON::encode($SEARCH_PARAMS))}' />
<div class="modal-body">
<div class="form-group">
<label for="inputEmail3" class="col-sm-4 control-label">{vtranslate('LBL_FOLDERS_LIST', $MODULE)}<span class="redColor">*</span></label>
......
layouts/v7/modules/Settings/Workflows/AdvanceFilter.tpl
+ 2
2
View file @ b363e73e
......@@ -24,11 +24,11 @@
<div class="filterContainer">
<input type="hidden" name="date_filters" data-value='{Vtiger_Util_Helper::toSafeHTML(ZEND_JSON::encode($DATE_FILTERS))}' />
<input type=hidden name="advanceFilterOpsByFieldType" data-value='{ZEND_JSON::encode($ADVANCED_FILTER_OPTIONS_BY_TYPE)}' />
<input type=hidden name="advanceFilterOpsByFieldType" data-value='{Vtiger_Util_Helper::toSafeHTML(ZEND_JSON::encode($ADVANCED_FILTER_OPTIONS_BY_TYPE))}' />
{foreach key=ADVANCE_FILTER_OPTION_KEY item=ADVANCE_FILTER_OPTION from=$ADVANCED_FILTER_OPTIONS}
{$ADVANCED_FILTER_OPTIONS[$ADVANCE_FILTER_OPTION_KEY] = vtranslate($ADVANCE_FILTER_OPTION, $MODULE)}
{/foreach}
<input type=hidden name="advanceFilterOptions" data-value='{ZEND_JSON::encode($ADVANCED_FILTER_OPTIONS)}' />
<input type=hidden name="advanceFilterOptions" data-value='{Vtiger_Util_Helper::toSafeHTML(ZEND_JSON::encode($ADVANCED_FILTER_OPTIONS))}' />
<div class="allConditionContainer conditionGroup contentsBackground" style="padding-bottom:15px;">
<div class="header">
<span><strong>{vtranslate('LBL_ALL_CONDITIONS',$MODULE)}</strong></span>
......
layouts/v7/modules/Settings/Workflows/WorkFlowConditions.tpl
+ 1
1
View file @ b363e73e
......@@ -11,7 +11,7 @@
-->*}
{strip}
<input type="hidden" name="conditions" id="advanced_filter" value='' />
<input type="hidden" id="olderConditions" value='{ZEND_JSON::encode($WORKFLOW_MODEL->get('conditions'))}' />
<input type="hidden" id="olderConditions" value='{Vtiger_Util_Helper::toSafeHTML(ZEND_JSON::encode($WORKFLOW_MODEL->get('conditions')))}' />
<input type="hidden" name="filtersavedinnew" value="{$WORKFLOW_MODEL->get('filtersavedinnew')}" />
<div class="editViewHeader">
<div class='row'>
......
layouts/v7/modules/Users/CalendarSettingsEditView.tpl
+ 1
1
View file @ b363e73e
......@@ -40,7 +40,7 @@
<input type="hidden" name="returnrelatedModule" value="{$RETURN_RELATED_MODULE}" />
<input type="hidden" name="returnpage" value="{$RETURN_PAGE}" />
<input type="hidden" name="returnviewname" value="{$RETURN_VIEW_NAME}" />
<input type="hidden" name="returnsearch_params" value='{ZEND_JSON::encode($RETURN_SEARCH_PARAMS)}' />
<input type="hidden" name="returnsearch_params" value='{Vtiger_Util_Helper::toSafeHTML(ZEND_JSON::encode($RETURN_SEARCH_PARAMS))}' />
<input type="hidden" name="returnsearch_key" value={$RETURN_SEARCH_KEY} />
<input type="hidden" name="returnsearch_value" value={$RETURN_SEARCH_VALUE} />
<input type="hidden" name="returnoperator" value={$RETURN_SEARCH_OPERATOR} />
......
layouts/v7/modules/Vtiger/AddCommentForm.tpl
+ 1
1
View file @ b363e73e
......@@ -21,7 +21,7 @@
<input type="hidden" name="search_key" value= "{$SEARCH_KEY}" />
<input type="hidden" name="operator" value="{$OPERATOR}" />
<input type="hidden" name="search_value" value="{$ALPHABET_VALUE}" />
<input type="hidden" name="search_params" value='{ZEND_JSON::encode($SEARCH_PARAMS)}' />
<input type="hidden" name="search_params" value='{Vtiger_Util_Helper::toSafeHTML(ZEND_JSON::encode($SEARCH_PARAMS))}' />
{assign var=HEADER_TITLE value={vtranslate('LBL_ADDING_COMMENT', $MODULE)}}
{include file="ModalHeader.tpl"|vtemplate_path:$MODULE TITLE=$HEADER_TITLE}
......
layouts/v7/modules/Vtiger/AdvanceFilter.tpl
+ 1
1
View file @ b363e73e
......@@ -24,7 +24,7 @@
<div class="filterContainer filterElements well filterConditionContainer filterConditionsDiv">
<input type="hidden" name="date_filters" data-value='{Vtiger_Util_Helper::toSafeHTML(ZEND_JSON::encode($DATE_FILTERS))}' />
<input type=hidden name="advanceFilterOpsByFieldType" data-value='{ZEND_JSON::encode($ADVANCED_FILTER_OPTIONS_BY_TYPE)}' />
<input type=hidden name="advanceFilterOpsByFieldType" data-value='{Vtiger_Util_Helper::toSafeHTML(ZEND_JSON::encode($ADVANCED_FILTER_OPTIONS_BY_TYPE))}' />
{foreach key=ADVANCE_FILTER_OPTION_KEY item=ADVANCE_FILTER_OPTION from=$ADVANCED_FILTER_OPTIONS}
{$ADVANCED_FILTER_OPTIONS[$ADVANCE_FILTER_OPTION_KEY] = vtranslate($ADVANCE_FILTER_OPTION, $MODULE)}
{/foreach}
......
layouts/v7/modules/Vtiger/ComposeEmailForm.tpl
+ 1
1
View file @ b363e73e
......@@ -38,7 +38,7 @@
<input type="hidden" name="search_key" value= "{$SEARCH_KEY}" />
<input type="hidden" name="operator" value="{$OPERATOR}" />
<input type="hidden" name="search_value" value="{$ALPHABET_VALUE}" />
<input type="hidden" name="search_params" value='{ZEND_JSON::encode($SEARCH_PARAMS)}' />
<input type="hidden" name="search_params" value='{Vtiger_Util_Helper::toSafeHTML(ZEND_JSON::encode($SEARCH_PARAMS))}' />
<div class="row toEmailField">
<div class="col-lg-12">
......
layouts/v7/modules/Vtiger/Export.tpl
+ 1
1
View file @ b363e73e
......@@ -22,7 +22,7 @@
<input type="hidden" name="search_key" value= "{$SEARCH_KEY}" />
<input type="hidden" name="operator" value="{$OPERATOR}" />
<input type="hidden" name="search_value" value="{$ALPHABET_VALUE}" />
<input type="hidden" name="search_params" value='{ZEND_JSON::encode($SEARCH_PARAMS)}' />
<input type="hidden" name="search_params" value='{Vtiger_Util_Helper::toSafeHTML(ZEND_JSON::encode($SEARCH_PARAMS))}' />
<input type="hidden" name="orderby" value="{$ORDER_BY}" />
<input type="hidden" name="sortorder" value="{$SORT_ORDER}" />
<input type="hidden" name="tag_params" value='{Zend_JSON::encode($TAG_PARAMS)}' />
......
layouts/v7/modules/Vtiger/MassEditForm.tpl
+ 1
1
View file @ b363e73e
......@@ -17,7 +17,7 @@
<input type="hidden" name="viewname" value="{$CVID}" />
<input type="hidden" name="selected_ids" value={ZEND_JSON::encode($SELECTED_IDS)}>
<input type="hidden" name="excluded_ids" value={ZEND_JSON::encode($EXCLUDED_IDS)}>
<input type="hidden" name="search_params" value='{ZEND_JSON::encode($SEARCH_PARAMS)}' />
<input type="hidden" name="search_params" value='{Vtiger_Util_Helper::toSafeHTML(ZEND_JSON::encode($SEARCH_PARAMS))}' />
<div>
<header class="overlayHeader" style='flex:0 0 auto;'>
{assign var=TITLE value="{vtranslate('LBL_MASS_EDITING',$MODULE)}"}
......
layouts/v7/modules/Vtiger/OverlayEditView.tpl
+ 1
1
View file @ b363e73e
......@@ -46,7 +46,7 @@
<input type="hidden" name="returnrelatedModule" value="{$RETURN_RELATED_MODULE}" />
<input type="hidden" name="returnpage" value="{$RETURN_PAGE}" />
<input type="hidden" name="returnviewname" value="{$RETURN_VIEW_NAME}" />
<input type="hidden" name="returnsearch_params" value='{ZEND_JSON::encode($RETURN_SEARCH_PARAMS)}' />
<input type="hidden" name="returnsearch_params" value='{Vtiger_Util_Helper::toSafeHTML(ZEND_JSON::encode($RETURN_SEARCH_PARAMS))}' />
<input type="hidden" name="returnsearch_key" value={$RETURN_SEARCH_KEY} />
<input type="hidden" name="returnsearch_value" value={$RETURN_SEARCH_VALUE} />
<input type="hidden" name="returnoperator" value={$RETURN_SEARCH_OPERATOR} />
......
layouts/v7/modules/Vtiger/SelectEmailFields.tpl
+ 1
1
View file @ b363e73e
......@@ -24,7 +24,7 @@
<input type="hidden" name="operator" value="{$OPERATOR}" />
<input type="hidden" name="search_value" value="{$ALPHABET_VALUE}" />
{if $SEARCH_PARAMS}
<input type="hidden" name="search_params" value='{ZEND_JSON::encode($SEARCH_PARAMS)}' />
<input type="hidden" name="search_params" value='{Vtiger_Util_Helper::toSafeHTML(ZEND_JSON::encode($SEARCH_PARAMS))}' />
{/if}
<input type="hidden" name="fieldModule" value={$SOURCE_MODULE} />
<input type="hidden" name="to" value='{ZEND_JSON::encode($TO)}' />
......
layouts/v7/modules/Vtiger/SendSMSForm.tpl
+ 1
1
View file @ b363e73e
......@@ -23,7 +23,7 @@
<input type="hidden" name="search_key" value= "{$SEARCH_KEY}" />
<input type="hidden" name="operator" value="{$OPERATOR}" />
<input type="hidden" name="search_value" value="{$ALPHABET_VALUE}" />
<input type="hidden" name="search_params" value='{ZEND_JSON::encode($SEARCH_PARAMS)}' />
<input type="hidden" name="search_params" value='{Vtiger_Util_Helper::toSafeHTML(ZEND_JSON::encode($SEARCH_PARAMS))}' />
<div class="modal-body">
<div>
......
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment

Copyright 2023 Vtiger. All rights reserved.