tyler.durden/opensupports
1
0
Fork 0
mirror of https://github.com/opensupports/opensupports.git synced 2025-07-31 01:35:15 +02:00
Code Issues Packages Projects Releases Wiki Activity

Add htmlentities to department name

Browse Source
This commit is contained in:
Guillermo 2018-01-16 01:26:13 -03:00
parent 3d416f82bd
commit a98d7ecdd1
3 changed files with 12 additions and 12 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
server/controllers/system/add-department.php
View File

@ -33,7 +33,7 @@ class AddDepartmentController extends Controller {
}
public function handler() {
$name = Controller::request('name');
$name = htmlentities(Controller::request('name'));
$departmentInstance = new Department();

4
server/controllers/ticket/create.php
View File

@ -85,8 +85,8 @@ class CreateController extends Controller {
}
public function handler() {
$this->title = Controller::request('title');
$this->content = Controller::request('content', true);
$this->title = htmlentities(Controller::request('title'));
$this->content = htmlentities(Controller::request('content', true));
$this->departmentId = Controller::request('departmentId');
$this->language = Controller::request('language');
$this->email = Controller::request('email');

2
tests/system/add-department.rb
View File

@ -30,7 +30,7 @@ describe'system/add-department' do
row = $database.getRow('department', 5, 'id')
(row['name']).should.equal('<b>new department</b>')
(row['name']).should.equal('&lt;b&gt;new department&lt;/b&gt;')
lastLog = $database.getLastRow('log')
(lastLog['type']).should.equal('ADD_DEPARTMENT')