lainwir3d/dolibarr
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Merge pull request #6440 from GPCsolutions/5.0-escapejsvar

Browse Source 
Fix: [Payments] Properly escape variable for JS
This commit is contained in:
Laurent Destailleur 2017-02-17 17:16:54 +01:00 committed by GitHub
commit cd2f655333
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
htdocs/compta/paiement.php
View File

@ -369,7 +369,7 @@ if ($action == 'create' || $action == 'confirm_paiement' || $action == 'add_paie
}
if ($(\'#fieldchqemetteur\').val() == \'\')
{
var emetteur = ('.$facture->type.' == 2) ? \''.dol_escape_htmltag($conf->global->MAIN_INFO_SOCIETE_NOM).'\' : jQuery(\'#thirdpartylabel\').val();
var emetteur = ('.$facture->type.' == 2) ? \''.dol_escape_js(dol_escape_htmltag($conf->global->MAIN_INFO_SOCIETE_NOM)).'\' : jQuery(\'#thirdpartylabel\').val();
$(\'#fieldchqemetteur\').val(emetteur);
}
}