[ofbiz-framework] branch release17.12 updated: Fixed: Handle special characters like single quote in Freemarker template (prevent encoding) (OFBIZ-12029)


[ofbiz-framework] branch release17.12 updated: Fixed: Handle special characters like single quote in Freemarker template (prevent encoding) (OFBIZ-12029)

jleroux@apache.org
This is an automated email from the ASF dual-hosted git repository.

jleroux pushed a commit to branch release17.12
in repository https://gitbox.apache.org/repos/asf/ofbiz-framework.git


The following commit(s) were added to refs/heads/release17.12 by this push:
     new 4925d81  Fixed: Handle special characters like single quote in Freemarker template (prevent encoding) (OFBIZ-12029)
4925d81 is described below

commit 4925d81d07a3f73a3ad43673f4130c8d148bcf87
Author: Jacques Le Roux <[hidden email]>
AuthorDate: Tue Nov 10 11:09:46 2020 +0100

    Fixed: Handle special characters like single quote in Freemarker template (prevent encoding) (OFBIZ-12029)
   
    Such a case was reported by Amit Gadaley at
    https://markmail.org/message/ybyjkngdiwrywut6
    The solution is to use StringUtil.wrapString() to prevent encoding.
---
 applications/order/template/entry/SplitShip.ftl          | 4 ++--
 applications/order/template/entry/cart/MiniCart.ftl      | 6 +++---
 applications/order/template/entry/cart/ShowCartItems.ftl | 8 ++++----
 3 files changed, 9 insertions(+), 9 deletions(-)

diff --git a/applications/order/template/entry/SplitShip.ftl b/applications/order/template/entry/SplitShip.ftl
index 75b3e04..c84601a 100644
--- a/applications/order/template/entry/SplitShip.ftl
+++ b/applications/order/template/entry/SplitShip.ftl
@@ -185,7 +185,7 @@ function submitForm(form, mode, value) {
                       </#if>
                       <#-- end code to display a small image of the product -->
                       <a href="<@ofbizUrl>product?product_id=${cartLine.getProductId()}</@ofbizUrl>" class="buttontext">${cartLine.getProductId()} -
-                      ${cartLine.getName(dispatcher)!}</a> : ${cartLine.getDescription(dispatcher)!}
+                      ${StringUtil.wrapString(cartLine.getName(dispatcher))!}</a> : ${StringUtil.wrapString(cartLine.getDescription(dispatcher))!}
 
                       <#-- display the registered ship groups and quantity -->
                       <#assign itemShipGroups = cart.getShipGroups(cartLine)>
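Review bot: Wrapping `cartLine.getName(dispatcher)` and `cartLine.getDescription(dispatcher)` in `StringUtil.wrapString()` switches off HTML encoding for these values, so any markup stored in a product name or description is now written into the page verbatim. The commit message only aims to stop quotes from being displayed in encoded form; if these fields can be edited by anyone less trusted than the template author, the interpolation becomes a stored-XSS sink. The same applies to the second hunk of this file and to the element-text interpolations changed in MiniCart.ftl and ShowCartItems.ftl. I would confirm that these fields are sanitised when they are written and record that dependency next to the call, e.g. `<#-- wrapString disables encoding: name/description must be sanitised on input -->`. The enclosing `<#if>` block starts and ends outside this hunk.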
@@ -205,7 +205,7 @@ function submitForm(form, mode, value) {
 
                     <#else>
                       <#-- this is a non-product item -->
-                      <b>${cartLine.getItemTypeDescription()!}</b> : ${cartLine.getName(dispatcher)!}
+                      <b>${StringUtil.wrapString(cartLine.getItemTypeDescription())!}</b> : ${StringUtil.wrapString(cartLine.getName(dispatcher))!}
                     </#if>
                   </div>
 
diff --git a/applications/order/template/entry/cart/MiniCart.ftl b/applications/order/template/entry/cart/MiniCart.ftl
index 0dba056..72a224b 100644
--- a/applications/order/template/entry/cart/MiniCart.ftl
+++ b/applications/order/template/entry/cart/MiniCart.ftl
@@ -60,12 +60,12 @@ under the License.
                 <td>
                   <#if cartLine.getProductId()??>
                       <#if cartLine.getParentProductId()??>
-                          <a href="<@ofbizCatalogAltUrl productId=cartLine.getParentProductId()/>" class="linktext">${cartLine.getName(dispatcher)}</a>
+                          <a href="<@ofbizCatalogAltUrl productId=cartLine.getParentProductId()/>" class="linktext">${StringUtil.wrapString(cartLine.getName(dispatcher))}</a>
                       <#else>
-                          <a href="<@ofbizCatalogAltUrl productId=cartLine.getProductId()/>" class="linktext">${cartLine.getName(dispatcher)}</a>
+                          <a href="<@ofbizCatalogAltUrl productId=cartLine.getProductId()/>" class="linktext">${StringUtil.wrapString(cartLine.getName(dispatcher))}</a>
                       </#if>
                   <#else>
-                    <strong>${cartLine.getItemTypeDescription()!}</strong>
+                    <strong>${StringUtil.wrapString(cartLine.getItemTypeDescription())!}</strong>
                   </#if>
                 </td>
                 <td><@ofbizCurrency amount=cartLine.getDisplayItemSubTotal() isoCode=shoppingCart.getCurrency()/></td>
diff --git a/applications/order/template/entry/cart/ShowCartItems.ftl b/applications/order/template/entry/cart/ShowCartItems.ftl
index f9004fe..39d942c 100644
--- a/applications/order/template/entry/cart/ShowCartItems.ftl
+++ b/applications/order/template/entry/cart/ShowCartItems.ftl
@@ -80,8 +80,8 @@ under the License.
                   <#if cartLine.getProductId()??>
                     <#-- product item -->
                     <a href="<@ofbizUrl>product?product_id=${cartLine.getProductId()}</@ofbizUrl>" class="buttontext">${cartLine.getProductId()}</a> -
-                    <input size="60" type="text" name="description_${cartLineIndex}" value="${cartLine.getName(dispatcher)?default("")}"/><br />
-                    <i>${cartLine.getDescription(dispatcher)!}</i>
+                    <input size="60" type="text" name="description_${cartLineIndex}" value="${StringUtil.wrapString(cartLine.getName(dispatcher))?default("")}"/><br />
+                    <i>${StringUtil.wrapString(cartLine.getDescription(dispatcher))!}</i>
                     <#if shoppingCart.getOrderType() != "PURCHASE_ORDER">
                       <#-- only applies to sales orders, not purchase orders -->
                       <#-- if inventory is not required check to see if it is out of stock and needs to have a message shown about that... -->
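Review bot: The `value="…"` attribute of the `description_${cartLineIndex}` input now receives the product name without encoding, so a double quote in the name closes the attribute early and the rest is parsed as markup. The `comment_${cartLineIndex}` input in the last hunk of this file has the same problem, and `getItemComment()` looks like free text entered on the order (inferred from the name, please confirm), which would make it the more exposed of the two. Browsers decode character references inside attribute values, so the encoded form should still display correctly in the text box. I would keep the original `value="${cartLine.getName(dispatcher)?default("")}"` and `value="${cartLine.getItemComment()?default("")}"` for these attributes and limit `wrapString` to element text where it is actually needed.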
@@ -93,7 +93,7 @@ under the License.
                     </#if>
                   <#else>
                     <#-- this is a non-product item -->
-                    <b>${cartLine.getItemTypeDescription()!}</b> : ${cartLine.getName(dispatcher)!}
+                    <b>${StringUtil.wrapString(StringUtil.wrapString(cartLine.getItemTypeDescription()))!}</b> : ${StringUtil.wrapString(cartLine.getName(dispatcher))!}
                   </#if>
                     <#-- display the item's features -->
                    <#assign features = "">
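Review bot: `StringUtil.wrapString(StringUtil.wrapString(cartLine.getItemTypeDescription()))` on the non-product line nests the call twice, while SplitShip.ftl and MiniCart.ftl wrap the same value once. The outer call presumably adds nothing and looks like a paste slip; the line should read `<b>${StringUtil.wrapString(cartLine.getItemTypeDescription())!}</b> : ${StringUtil.wrapString(cartLine.getName(dispatcher))!}`. The surrounding `<#if>`/`<#else>` block extends beyond this hunk.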
@@ -132,7 +132,7 @@ under the License.
             </#if>
             <#if cartLine.getItemComment()?has_content>
               <tr><td><div>${uiLabelMap.CommonComment} : </div></td>
-                  <td><div><input size="60" type="text" name="comment_${cartLineIndex}" value="${cartLine.getItemComment()?default("")}"/><br /></div></td>
+                  <td><div><input size="60" type="text" name="comment_${cartLineIndex}" value="${StringUtil.wrapString(cartLine.getItemComment())?default("")}"/><br /></div></td>
               </tr>
             </#if>
             <#if cartLine.getDesiredDeliveryDate()?has_content>