From 45bba4faa82e6ebee1c3e415be18c5f9f57aa3e4 Mon Sep 17 00:00:00 2001
From: alejandro-campos <alejandro.campos@artica.es>
Date: Thu, 21 Feb 2019 19:00:47 +0100
Subject: [PATCH] fix agent name input

Former-commit-id: 51b7566719392d1cc43ca04a9ec91ae007e73feb
---
 pandora_console/godmode/agentes/agent_manager.php     | 2 +-
 pandora_console/godmode/agentes/configurar_agente.php | 8 ++++----
 2 files changed, 5 insertions(+), 5 deletions(-)

diff --git a/pandora_console/godmode/agentes/agent_manager.php b/pandora_console/godmode/agentes/agent_manager.php
index 059f5fdba6..44ff373089 100644
--- a/pandora_console/godmode/agentes/agent_manager.php
+++ b/pandora_console/godmode/agentes/agent_manager.php
@@ -229,7 +229,7 @@ if (!$new_agent) {
     $table->data[0][1] .= "&nbsp;&nbsp;<span align='right'><a onClick=\"if (!confirm('".__('Are you sure?')."')) return false;\" href='index.php?sec=gagente&sec2=godmode/agentes/modificar_agente&borrar_agente=$id_agente&search=&offset=0&sort_field=&sort=none'>".html_print_image('images/cross.png', true, ['title' => __('Delete agent')]).'</a>';
 }
 
-$table->data[1][0] = __('Alias').ui_print_help_tip(__('Characters /,\,|,%,#,&,$ are not allowed'), true).'</span>';
+$table->data[1][0] = __('Alias').ui_print_help_tip(__('Characters /,\,|,%,#,&,$ will be ignored'), true).'</span>';
 $table->data[1][1] = html_print_input_text('alias', $alias, '', 50, 100, true);
 if ($new_agent) {
     $table->data[1][1] .= html_print_checkbox('alias_as_name', 1, $config['alias_as_name'], true).__('Use alias as name');
diff --git a/pandora_console/godmode/agentes/configurar_agente.php b/pandora_console/godmode/agentes/configurar_agente.php
index 5e68f0140c..4d000e7cb7 100644
--- a/pandora_console/godmode/agentes/configurar_agente.php
+++ b/pandora_console/godmode/agentes/configurar_agente.php
@@ -158,8 +158,8 @@ $module_macros = [];
 // Create agent
 if ($create_agent) {
     $mssg_warning = 0;
-    $alias = trim (preg_replace('/[\/\\\|%#&$-]/', '',
-        html_entity_decode( str_replace('`','&lsquo;',(string) get_parameter_post ("alias", "")))));
+    $alias_safe_output = io_safe_output(get_parameter("alias",""));
+    $alias = io_safe_input(trim (preg_replace('/[\/\\\|%#&$-]/', '', $alias_safe_output)));
     $alias_as_name = (int) get_parameter_post('alias_as_name', 0);
     $direccion_agente = (string) get_parameter_post('direccion', '');
 
@@ -756,8 +756,8 @@ if ($update_agent) {
     $mssg_warning = 0;
     $id_agente = (int) get_parameter_post('id_agente');
     $nombre_agente = str_replace('`', '&lsquo;', (string) get_parameter_post('agente', ''));
-    $alias = trim (preg_replace('/[\/\\\|%#&$-]/', '',
-        html_entity_decode( str_replace('`','&lsquo;',(string) get_parameter_post ("alias", "")))));
+    $alias_safe_output = io_safe_output(get_parameter("alias",""));
+    $alias = io_safe_input(trim (preg_replace('/[\/\\\|%#&$-]/', '', $alias_safe_output)));
     $alias_as_name = (int) get_parameter_post('alias_as_name', 0);
     $direccion_agente = (string) get_parameter_post('direccion', '');
     // safe_output only validate ip