Escape quotes in user names

This commit is contained in:
Nathan Gray 2011-03-09 18:45:08 +00:00
parent 8104bd46c4
commit 17f00ad134

View File

@ -443,7 +443,7 @@ function addOption(id,label,value,do_onchange)
$link_data['group_id'] = $group['account_id'];
$GLOBALS['egw']->template->set_var('onclick',"addOption('$element_id','".
common::grab_owner_name($group['account_id'])."','$group[account_id]',".(int)($multiple==1).")".
addslashes(common::grab_owner_name($group['account_id']))."','$group[account_id]',".(int)($multiple==1).")".
(!$multiple ? '; window.close()' : ''));
if (!$app || in_array($group['account_id'],$app_groups))
@ -456,7 +456,7 @@ function addOption(id,label,value,do_onchange)
{
$GLOBALS['egw']->template->fp('cal','group_cal',True);
$GLOBALS['egw']->template->set_var('js_addAllGroups',"addOption('$element_id','".
common::grab_owner_name($group['account_id'])."','$group[account_id]',".(int)($multiple==1).")".
addslashes(common::grab_owner_name($group['account_id']))."','$group[account_id]',".(int)($multiple==1).")".
(!$multiple ? '; window.close();' : ';'));
$GLOBALS['egw']->template->fp('selectAllGroups','group_selectAll',True);
}
@ -520,12 +520,12 @@ function addOption(id,label,value,do_onchange)
'firstname' => $user['account_firstname'] ? $user['account_firstname'] : ' ',
'lastname' => $user['account_lastname'] ? $user['account_lastname'] : ' ',
'onclick' => "addOption('$element_id','".
common::grab_owner_name($user['account_id'])."','$user[account_id]',".(int)($multiple==1).")".
addslashes(common::grab_owner_name($user['account_id']))."','$user[account_id]',".(int)($multiple==1).")".
(!$multiple ? '; window.close()' : ''),
));
$GLOBALS['egw']->template->fp('list','accounts_list',True);
$GLOBALS['egw']->template->set_var('js_addAllAccounts',"addOption('$element_id','".
common::grab_owner_name($user['account_id'])."','$user[account_id]',".(int)($multiple==1).")".
addslashes(common::grab_owner_name($user['account_id']))."','$user[account_id]',".(int)($multiple==1).")".
(!$multiple ? '; window.close()' : ';'));
$GLOBALS['egw']->template->fp('selectAllAccounts','accounts_selectAll',True);
}