Apply patch from Galen Charlton to escape email addresses in overdue notices:

"Trivial patch to turn on XML-escaping of e-mail addresses.  '&' is a
rarely used but valid character in email addresses, and failing to
escape makes the overdue notice data file non-well-formed."

git-svn-id: svn://svn.open-ils.org/ILS/trunk@14971 dcc99617-32d9-48b4-a31d-7c20da2025e4

diff --git a/Open-ILS/examples/templates/overdue_combined_xml.example b/Open-ILS/examples/templates/overdue_combined_xml.example
index 04b8735..3388137 100644 (file)
--- a/Open-ILS/examples/templates/overdue_combined_xml.example
+++ b/Open-ILS/examples/templates/overdue_combined_xml.example
@@ -23,7 +23,7 @@
             <addr_city>[% escape_xml(user_addr.city) %]</addr_city>
             <addr_state>[% user_addr.state %]</addr_state>
             <addr_post_code>[% user_addr.post_code %]</addr_post_code>
-            <email>[% user.email %]</email>
+            <email>[% escape_xml(user.email) %]</email>
             <sys_id>[% user.id %]</sys_id>
         </patron>
         <location>
@@ -35,7 +35,7 @@
             <addr_city>[% escape_xml(lib_addr.city) %]</addr_city>
             <addr_state>[% lib_addr.state %]</addr_state>
             <addr_post_code>[% lib_addr.post_code %]</addr_post_code>
-            <email>[% lib.email %]</email>
+            <email>[% escape_xml(lib.email) %]</email>
             <sys_id>[% lib.id %]</sys_id>
         </location>
         [%- FOREACH circ = circ_set.circ_list %]