From d72929b12b6247d6e09340e0b3e36695a47c8645 Mon Sep 17 00:00:00 2001
From: miker <miker@dcc99617-32d9-48b4-a31d-7c20da2025e4>
Date: Fri, 15 May 2009 15:25:07 +0000
Subject: [PATCH] avoid regex-izing user supplied strings

git-svn-id: svn://svn.open-ils.org/ILS/trunk@13168 dcc99617-32d9-48b4-a31d-7c20da2025e4
---
 Open-ILS/web/opac/skin/default/js/myopac.js | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/Open-ILS/web/opac/skin/default/js/myopac.js b/Open-ILS/web/opac/skin/default/js/myopac.js
index 2229613e3..f3294d2c0 100644
--- a/Open-ILS/web/opac/skin/default/js/myopac.js
+++ b/Open-ILS/web/opac/skin/default/js/myopac.js
@@ -800,7 +800,8 @@ function _myOPACSummaryShowUer(r) {
     }
 
 	var iv1 = user.ident_value()+'';
-	if (iv1.length > 4) iv1 = iv1.replace(new RegExp(iv1.substring(0,iv1.length - 4)), '***********');
+    if (iv1.length > 4 && iv1.match(/\d{4}/)) iv1 = iv1.substring(0,4) + '***********';
+
 
 	appendClear($('myopac_summary_prefix'),text(user.prefix()));
 	appendClear($('myopac_summary_first'),text(user.first_given_name()));
-- 
2.11.0