From 95de2412457a5a711f09067dddac29e1c9401659 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Mon, 5 Apr 2021 15:21:17 +0200 Subject: [PATCH] FIx #yogosha5774 --- htdocs/accountancy/admin/categories.php | 2 -- htdocs/core/class/html.formaccounting.class.php | 6 ++++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/htdocs/accountancy/admin/categories.php b/htdocs/accountancy/admin/categories.php index 7bb9d81607f..7e77817ac5c 100644 --- a/htdocs/accountancy/admin/categories.php +++ b/htdocs/accountancy/admin/categories.php @@ -32,9 +32,7 @@ $error = 0; // Load translation files required by the page $langs->loadLangs(array("bills", "accountancy")); -$mesg = ''; $id = GETPOST('id', 'int'); -$rowid = GETPOST('rowid', 'int'); $cancel = GETPOST('cancel', 'alpha'); $action = GETPOST('action', 'aZ09'); $cat_id = GETPOST('account_category', 'int'); diff --git a/htdocs/core/class/html.formaccounting.class.php b/htdocs/core/class/html.formaccounting.class.php index 87706703c23..afbda03be8e 100644 --- a/htdocs/core/class/html.formaccounting.class.php +++ b/htdocs/core/class/html.formaccounting.class.php @@ -275,8 +275,10 @@ class FormAccounting extends Form if ($obj->rowid == $selected) { $out .= ' selected'; } - $out .= '>'.($maxlen ? dol_trunc($obj->type, $maxlen) : $obj->type); - $out .= ' ('.$obj->range_account.')'; + $out .= '>'; + $titletoshow = dol_string_nohtmltag(($maxlen ? dol_trunc($obj->type, $maxlen) : $obj->type).' ('.$obj->range_account.')'); + $out .= dol_escape_htmltag($titletoshow); + $out .= ''; $i++; } $out .= '';