projects / koha.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Bug 13618: Add html filters to all the variables
[koha.git] / koha-tmpl / intranet-tmpl / prog / en / modules / members / apikeys.tt
diff --git a/koha-tmpl/intranet-tmpl/prog/en/modules/members/apikeys.tt b/koha-tmpl/intranet-tmpl/prog/en/modules/members/apikeys.tt
index e615ba0..3307a31 100644 (file)
--- a/koha-tmpl/intranet-tmpl/prog/en/modules/members/apikeys.tt
+++ b/koha-tmpl/intranet-tmpl/prog/en/modules/members/apikeys.tt
@@ -1,3 +1,4 @@
+[% USE raw %]
 [% USE Koha %]
 [% USE Asset %]
 [% SET footerjs = 1 %]
@@ -25,8 +26,8 @@
 
                 <h1>API keys for [% INCLUDE 'patron-title.inc' %]</h1>
                 <form id="add-api-key" action="/cgi-bin/koha/members/apikeys.pl" method="post" style="display:none">
-                    <input type="hidden" name="patron_id" value="[% patron.id %]" />
-                    <input type="hidden" name="csrf_token" value="[% csrf_token %]" />
+                    <input type="hidden" name="patron_id" value="[% patron.id | html %]" />
+                    <input type="hidden" name="csrf_token" value="[% csrf_token | html %]" />
                     <input type="hidden" name="op" value="generate" />
                     <fieldset class="brief">
                         <legend>Generate new client id/secret pair</legend>
@@ -59,22 +60,22 @@
                             <tbody>
                                 [% FOREACH key IN api_keys %]
                                     <tr>
-                                        <td>[% key.description %]</td>
-                                        <td>[% key.client_id %]</td>
-                                        <td>[% key.secret %]</td>
+                                        <td>[% key.description | html %]</td>
+                                        <td>[% key.client_id | html %]</td>
+                                        <td>[% key.secret | html %]</td>
                                         <td>[% IF key.active %]Yes[% ELSE %]No[% END %]</td>
                                         <td>
                                             <form action="/cgi-bin/koha/members/apikeys.pl" method="post">
-                                                <input type="hidden" name="patron_id" value="[% patron.id %]" />
-                                                <input type="hidden" name="key" value="[% key.id %]" />
-                                                <input type="hidden" name="csrf_token" value="[% csrf_token %]" />
+                                                <input type="hidden" name="patron_id" value="[% patron.id | html %]" />
+                                                <input type="hidden" name="key" value="[% key.id | html %]" />
+                                                <input type="hidden" name="csrf_token" value="[% csrf_token | html %]" />
                                                 <input type="hidden" name="op" value="delete" />
                                                 <button class="btn btn-default btn-xs delete" type="submit"><i class="fa fa-trash"></i> Delete</button>
                                             </form>
                                             <form action="/cgi-bin/koha/members/apikeys.pl" method="post">
-                                                <input type="hidden" name="patron_id" value="[% patron.id %]" />
-                                                <input type="hidden" name="key" value="[% key.id %]" />
-                                                <input type="hidden" name="csrf_token" value="[% csrf_token %]" />
+                                                <input type="hidden" name="patron_id" value="[% patron.id | html %]" />
+                                                <input type="hidden" name="key" value="[% key.id | html %]" />
+                                                <input type="hidden" name="csrf_token" value="[% csrf_token | html %]" />
                                                 [% IF key.active %]
                                                     <input type="hidden" name="op" value="revoke" />
                                                     <button class="btn btn-default btn-xs" type="submit"><i class="fa fa-remove"></i> Revoke</button>
@@ -101,7 +102,7 @@
 
 [% MACRO jsinclude BLOCK %]
     [% INCLUDE 'str/members-menu.inc' %]
-    [% Asset.js("js/members-menu.js") %]
+    [% Asset.js("js/members-menu.js") | $raw %]
     <script>
         $(document).ready(function(){
             $(".delete").on("click", function(e){
Koha ILS @ FFZG - based on git://git.koha.org/pub/scm/koha.git