Skip to content

Commit

Permalink
Fix: js not escaped
Browse files Browse the repository at this point in the history
  • Loading branch information
@eldy
eldy committed May 30, 2012
1 parent fd95659 commit 92fe8eb
Showing 1 changed file with 2 additions and 2 deletions.
4 changes: 2 additions & 2 deletions htdocs/core/class/html.form.class.php
View file
Expand Up @@ -2262,9 +2262,9 @@ function formconfirm($page, $title, $question, $action, $formquestion='', $selec
});
//alert(options);
}
location.href=\''.$pageyes.'\' + options;
location.href=\''.dol_escape_js($pageyes).'\' + options;
}
'.($pageno?'if (choice == \'ko\') location.href=\''.$pageno.'\';':'').'
'.($pageno?'if (choice == \'ko\') location.href=\''.dol_escape_js($pageno).'\';':'').'
},
buttons: {
\''.dol_escape_js($langs->transnoentities("Yes")).'\': function() {
Expand Down

0 comments on commit 92fe8eb

Please sign in to comment.