From: dbs <dbs@dcc99617-32d9-48b4-a31d-7c20da2025e4>
Date: Thu, 19 Nov 2009 16:14:42 +0000 (+0000)
Subject: Apply patch from Galen Charlton to escape email addresses in overdue notices:
X-Git-Url: https://old-git.evergreen-ils.org/?a=commitdiff_plain;h=29095f5bc9b7d99dbb815556c22aefe760ded24e;p=contrib%2FConifer.git

Apply patch from Galen Charlton to escape email addresses in overdue notices:

"Trivial patch to turn on XML-escaping of e-mail addresses.  '&' is a
rarely used but valid character in email addresses, and failing to
escape makes the overdue notice data file non-well-formed."


git-svn-id: svn://svn.open-ils.org/ILS/trunk@14971 dcc99617-32d9-48b4-a31d-7c20da2025e4
---

diff --git a/Open-ILS/examples/templates/overdue_combined_xml.example b/Open-ILS/examples/templates/overdue_combined_xml.example
index 04b8735483..3388137b6f 100644
--- a/Open-ILS/examples/templates/overdue_combined_xml.example
+++ b/Open-ILS/examples/templates/overdue_combined_xml.example
@@ -23,7 +23,7 @@
             <addr_city>[% escape_xml(user_addr.city) %]</addr_city>
             <addr_state>[% user_addr.state %]</addr_state>
             <addr_post_code>[% user_addr.post_code %]</addr_post_code>
-            <email>[% user.email %]</email>
+            <email>[% escape_xml(user.email) %]</email>
             <sys_id>[% user.id %]</sys_id>
         </patron>
         <location>
@@ -35,7 +35,7 @@
             <addr_city>[% escape_xml(lib_addr.city) %]</addr_city>
             <addr_state>[% lib_addr.state %]</addr_state>
             <addr_post_code>[% lib_addr.post_code %]</addr_post_code>
-            <email>[% lib.email %]</email>
+            <email>[% escape_xml(lib.email) %]</email>
             <sys_id>[% lib.id %]</sys_id>
         </location>
         [%- FOREACH circ = circ_set.circ_list %]