lainwir3d/dolibarr
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Fix avoid to trigger sql injection detection

Browse Source
This commit is contained in:
Laurent Destailleur 2020-11-26 23:50:00 +01:00
parent b6640da281
commit 97f6efb079
1 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
htdocs/core/class/html.form.class.php
View File

@ -6594,7 +6594,7 @@ class Form
var separ = urlBase.indexOf("?") >= 0 ? "&" : "?";
/* console.log("params.term="+params.term); */
/* console.log("params.term encoded="+encodeURIComponent(params.term)); */
saveRemoteData[data.id].url = urlBase + separ + "sall=" + encodeURIComponent(params.term);';
saveRemoteData[data.id].url = urlBase + separ + "sall=" + encodeURIComponent(params.term.replace(/\"/g, ""));';
}
if (!$disableFiltering) {
@ -6625,7 +6625,7 @@ class Form
$.each( saveRemoteData, function( key, value ) {
if (key == selected)
{
console.log("selectArrayAjax - Do a redirect to "+value.url)
console.log("selectArrayFilter - Do a redirect to "+value.url)
location.assign(value.url);
}
});