Escape ID field as well, in case there's something special in there too

Nathan Gray 2008-07-02 19:43:50 +00:00
parent 7ae3cc0dda
commit 98eb1f18cc


@ -309,8 +309,9 @@
$data = ($query['nextmatch_template']) ? array(1=>$row) : $row;
$widget =& CreateObject('etemplate.etemplate', $query['template']);
$html = addslashes(str_replace("\n", '', $widget->show($data, '', $readonlys)));
$row['id_field'] = htmlspecialchars(addslashes($row[$query['id_field']]));
$row['title'] = htmlspecialchars(addslashes($row['title']));
$response->addScript("add_ajax_result('$result_id', '${row[$query['id_field']]}', '" . $row['title'] . "', '$html');");
$response->addScript("add_ajax_result('$result_id', '${row['id_field']}', '" . $row['title'] . "', '$html');");
$count++;
if($count > $GLOBALS['egw_info']['user']['preferences']['common']['maxmatchs']) {
$response->addScript("add_ajax_result('$result_id', '', '" . lang("%1 more...", (count($result_list) - $count)) . "');");
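Review bot: The added `htmlspecialchars(addslashes($row[$query['id_field']]))` is not an encoder for the JavaScript context, yet the result is placed inside a single-quoted JS literal in the new `addScript("add_ajax_result(...)")` call; the same applies to the existing title line. `addslashes` leaves line breaks and a `</script>` sequence untouched, so an ID containing a newline would still end the literal early and break the generated script. Encoding for the JS string itself would be more robust, for example `$id_js = json_encode((string)$row[$query['id_field']]);` emitted without the surrounding quotes (if the project's minimum PHP version provides `json_encode`), with any HTML encoding applied where `add_ajax_result` writes the value into the DOM, which is not visible in this hunk. Because the ID is now HTML-encoded before it reaches the client, please confirm that an ID containing `&` or `<` still matches the stored key if the client sends it back. `$result_id` is interpolated into the same literal unescaped and its origin is outside the hunk, as are the start and end of the enclosing loop, so that is worth checking too.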