There are certainly hundreds of places where they are not escaped...
Test plan:
Create a patron with "Arun <script>alert('code injection');</script>" in
some of the fields.
Signed-off-by: Chris Cormack <chris@bigballofwax.co.nz>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
Signed-off-by: Brendan Gallagher <brendan@bywatersolutions.com>
<ul class="patronbriefinfo">
[% IF ( patronimages ) %]
[% IF ( picture ) %]
- <li><img src="/cgi-bin/koha/members/patronimage.pl?borrowernumber=[% borrowernumber | uri %]" id="patronimage" alt="[% firstname %] [% surname %] ([% cardnumber %])" style="max-width : 140px; margin: .3em 0 .3em .3em; padding: .2em; border: 1px solid #CCCCCC; width:auto !important; width:130px;" /></li>
+ <li><img src="/cgi-bin/koha/members/patronimage.pl?borrowernumber=[% borrowernumber | uri %]" id="patronimage" alt="[% firstname | html %] [% surname | html %] ([% cardnumber | html %])" style="max-width : 140px; margin: .3em 0 .3em .3em; padding: .2em; border: 1px solid #CCCCCC; width:auto !important; width:130px;" /></li>
[% ELSE %]
- <li id="patronbasics"><img src="[% interface %]/[% theme %]/img/patron-blank.png" alt="[% firstname %] [% surname %] ([% cardnumber %])" style="margin: .3em 0 .3em .3em; padding: .2em; border: 1px solid #CCCCCC;" /></li>
+ <li id="patronbasics"><img src="[% interface %]/[% theme %]/img/patron-blank.png" alt="[% firstname | html %] [% surname | html %] ([% cardnumber | html %])" style="margin: .3em 0 .3em .3em; padding: .2em; border: 1px solid #CCCCCC;" /></li>
[% END %]
[% END %]
[% IF Koha.Preference( 'AddressFormat' ) %]
[% END %]
[% IF ( phone ) %]<li class="patronphone">
- <a href="tel:[% phone %]">[% phone %]</a>
+ <a href="tel:[% phone | url %]">[% phone | html %]</a>
[% ELSE %]
[% IF ( mobile ) %]
- <a href="tel:[% mobile %]">[% mobile %]</a>
+ <a href="tel:[% mobile | url %]">[% mobile | html %]</a>
[% ELSE %]
[% IF ( phonepro ) %]
- <a href="tel:[% phonepro %]">[% phonepro %]</a>
+ <a href="tel:[% phonepro | url %]">[% phonepro | html %]</a>
[% END %]
[% END %]</li>
[% END %]
[% IF ( email ) %]
- <li class="email"> <a href="mailto:[% email %]" title="[% email %]">[% email %]</a></li>
+ <li class="email"> <a href="mailto:[% email | url %]" title="[% email | html %]">[% email | html %]</a></li>
[% ELSE %]
[% IF ( emailpro ) %]
- <li class="email"> <a href="mailto:[% emailpro %]" title="[% emailpro %]">[% emailpro %]</a></li>
+ <li class="email"> <a href="mailto:[% emailpro | url %]" title="[% emailpro | html %]">[% emailpro | html %]</a></li>
[% END %]
[% END %]
<label for="message_type">Add a message for:</label>
<select name="message_type" id="message_type">
<option value="L">Staff - Internal note</option>
- <option value="B">OPAC - [% firstname %] [% surname %]</option>
+ <option value="B">OPAC - [% firstname | html %] [% surname | html %]</option>
</select>
</li>
[% bor_notes = AuthorisedValues.Get( 'BOR_NOTES' ) %]
[%- IF ( borrower.borrowernumber ) %]
[%- IF borrower.category_type == 'I' %]
- [%- borrower.surname %] [% IF borrower.othernames %] ([% borrower.othernames %]) [% END %]
+ [%- borrower.surname | html %] [% IF borrower.othernames %] ([% borrower.othernames | html %]) [% END %]
[%- ELSE %]
[%- IF invert_name %]
- [%- borrower.surname %], [% borrower.firstname %] [% IF borrower.othernames %] ([% borrower.othernames %]) [% END %]
+ [%- borrower.surname | html %], [% borrower.firstname | html %] [% IF borrower.othernames %] ([% borrower.othernames | html %]) [% END %]
[%- ELSE %]
- [%- borrower.firstname %] [% IF borrower.othernames %] ([% borrower.othernames %]) [% END %] [% borrower.surname %]
+ [%- borrower.firstname | html %] [% IF borrower.othernames %] ([% borrower.othernames | html %]) [% END %] [% borrower.surname | html %]
[%- END -%]
[%- END -%]
[%- IF ( borrower.cardnumber ) -%]
- ([% borrower.cardnumber %])
+ ([% borrower.cardnumber | html %])
[%- END %]
[%- ELSIF ( borrowernumber ) %]
[%- IF category_type == 'I' %]
- [%- surname %] [% IF othernames %] ([% othernames %]) [% END %]
+ [%- surname | html %] [% IF othernames %] ([% othernames | html %]) [% END %]
[%- ELSE %]
[%- IF invert_name %]
- [%- surname %], [% firstname %] [% IF othernames %] ([% othernames %]) [% END %]
+ [%- surname | html %], [% firstname | html %] [% IF othernames %] ([% othernames | html %]) [% END %]
[%- ELSE %]
- [%- firstname %] [% IF othernames %] ([% othernames %]) [% END %] [% surname %]
+ [%- firstname | html %] [% IF othernames %] ([% othernames | html %]) [% END %] [% surname | html %]
[%- END %]
[%- END -%]
[%- IF ( cardnumber ) -%]
- ([% cardnumber %])
+ ([% cardnumber | html %])
[%- END %]
[%- END -%]
[% INCLUDE 'patron-search.inc' %]
<div id="breadcrumbs"><a href="/cgi-bin/koha/mainpage.pl">Home</a> › <a href="/cgi-bin/koha/members/members-home.pl">Patrons</a> ›
-[% IF (firstname || surname ) %] <a href="/cgi-bin/koha/members/moremember.pl?borrowernumber=[% borrowernumber %]">[% IF (firstname) %][% firstname %] [% END %][% IF (surname) %][% surname %] [% END %]</a> ›[% END %]
+[% IF (firstname || surname ) %] <a href="/cgi-bin/koha/members/moremember.pl?borrowernumber=[% borrowernumber %]">[% IF (firstname) %][% firstname | html %] [% END %][% IF (surname) %][% surname | html %] [% END %]</a> ›[% END %]
<strong>[% IF ( opadd ) %]Add[% ELSIF ( opduplicate ) %]Duplicate[% ELSE %] Modify[% END %] patron ([%IF ( categoryname ) %][% categoryname %][% ELSE %][% IF ( I ) %]Organization[% END %][% IF ( A ) %]Adult[% END %][% IF ( C ) %]Child[% END %][% IF ( P ) %]Professional[% END %][% IF ( S ) %]Staff[% END %][% END %])</strong>
</div>
[% IF ( opadd ) %]<div id="doc" class="yui-t7">[% ELSE %]<div id="doc3" class="yui-t2">[% END %]
[% INCLUDE 'noadd-warnings.inc' %]
[% UNLESS ( no_add ) %]
- <h1>[% IF ( opadd ) %]Add[% ELSIF ( opduplicate ) %]Duplicate[% ELSE %] Modify[% END %] patron [% IF (firstname) %][% firstname %] [% END %][% IF (surname) %][% surname %] [% END %]([%IF ( categoryname ) %][% categoryname %][% ELSE %][% IF ( I ) %]Organization[% END %][% IF ( A ) %]Adult[% END %][% IF ( C ) %]Child[% END %][% IF ( P ) %]Professional[% END %][% IF ( S ) %]Staff[% END %][% END %])</h1>
+ <h1>[% IF ( opadd ) %]Add[% ELSIF ( opduplicate ) %]Duplicate[% ELSE %] Modify[% END %] patron [% IF (firstname) %][% firstname | html %] [% END %][% IF (surname) %][% surname | html %] [% END %]([%IF ( categoryname ) %][% categoryname %][% ELSE %][% IF ( I ) %]Organization[% END %][% IF ( A ) %]Adult[% END %][% IF ( C ) %]Child[% END %][% IF ( P ) %]Professional[% END %][% IF ( S ) %]Staff[% END %][% END %])</h1>
[% IF quickadd && opadd && !check_member %]
<a href="#" class="toggle_quick_add"><i class="fa fa-plus-square"></i> Show full form</a>
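Review bot: `[% categoryname %]` is still emitted raw in both the breadcrumb `<strong>` and the `<h1>` on the new side, while the patron name next to it is now filtered. Unless category descriptions are guaranteed to be plain text, it should become `[% categoryname | html %]` in both places. The breadcrumb link also builds `borrowernumber=[% borrowernumber %]` without the `| uri` filter that the patron image URL on this page uses. The surrounding page template starts and ends outside the visible lines.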
<label for="firstname">
[% END %]
First name: </label>
- <input type="text" id="firstname" name="firstname" size="20" value="[% UNLESS opduplicate %][% firstname %][% END %]" />
+ <input type="text" id="firstname" name="firstname" size="20" value="[% UNLESS opduplicate %][% firstname | html %][% END %]" />
[% IF ( mandatoryfirstname ) %]<span class="required">Required</span>[% END %]
</li>
[% END %]
<label for="initials">
[% END %]
Initials: </label>
- <input type="text" id="initials" name="initials" size="20" value="[% UNLESS opduplicate %][% initials %][% END %]" />
+ <input type="text" id="initials" name="initials" size="20" value="[% UNLESS opduplicate %][% initials | html %][% END %]" />
[% IF ( mandatoryinitials ) %]<span class="required">Required</span>[% END %]
</li>
[% END %]
<label for="othernames">
[% END %]
Other name: </label>
- <input type="text" id="othernames" name="othernames" size="20" value="[% UNLESS opduplicate %][% othernames %][% END %]" />
+ <input type="text" id="othernames" name="othernames" size="20" value="[% UNLESS opduplicate %][% othernames | html %][% END %]" />
[% IF ( mandatoryothernames ) %]<span class="required">Required</span>[% END %]
[% IF ( I ) %]<input type="hidden" name="sex" value="N" />[% END %]
</li>
<label for="contactname">Organization name: </label>
[% IF ( guarantorid ) %]
<span>[% contactname %]</span>
- <input name="contactname" id="contactname" type="hidden" size="20" value="[% contactname %]" />
+ <input name="contactname" id="contactname" type="hidden" size="20" value="[% contactname | html %]" />
[% ELSE %]
- <input name="contactname" id="contactname" type="text" size="20" value="[% contactname %]" />
+ <input name="contactname" id="contactname" type="text" size="20" value="[% contactname | html %]" />
[% END %]
</li>
[% ELSE %]
<label for="contactname">Surname: </label>
[% IF ( guarantorid ) %]
<span>[% contactname %]</span>
- <input name="contactname" id="contactname" type="hidden" size="20" value="[% contactname %]" />
+ <input name="contactname" id="contactname" type="hidden" size="20" value="[% contactname | html %]" />
[% ELSE %]
- <input name="contactname" id="contactname" type="text" size="20" value="[% contactname %]" />
+ <input name="contactname" id="contactname" type="text" size="20" value="[% contactname | html %]" />
[% END %]
</li>
[% END %]
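Review bot: The visible `<span>[% contactname %]</span>` in the `guarantorid` branch is still unfiltered in both the organization and the surname variant, even though the hidden input directly below it now uses `| html`. It should read `<span>[% contactname | html %]</span>`. The same applies to `<span>[% contactfirstname %]</span>` in the first-name block that follows. These spans are the part the browser actually renders as markup, so leaving them raw keeps the injection this commit sets out to close. The enclosing `<li>` and conditional open outside the visible lines.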
<label for="contactfirstname">First name: </label>
[% IF ( guarantorid ) %]
<span>[% contactfirstname %]</span>
- <input name="contactfirstname" id="contactfirstname" type="hidden" size="20" value="[% contactfirstname %]" />
+ <input name="contactfirstname" id="contactfirstname" type="hidden" size="20" value="[% contactfirstname | html %]" />
[% ELSE %]
- <input name="contactfirstname" id="contactfirstname" type="text" size="20" value="[% contactfirstname %]" />
+ <input name="contactfirstname" id="contactfirstname" type="text" size="20" value="[% contactfirstname | html %]" />
[% END %]
</li>
[% END %]
<label for="phone">
[% END %]
Primary phone: </label>
- <input type="text" id="phone" name="phone" value="[% phone %]" />
+ <input type="text" id="phone" name="phone" value="[% phone | html %]" />
[% IF ( mandatoryphone ) %]<span class="required">Required</span>[% END %]<div class="hint">Shows on transit slips</div>
</li>
<label for="phonepro">
[% END %]
Secondary phone: </label>
- <input type="text" id="phonepro" name="phonepro" value="[% phonepro %]" />
+ <input type="text" id="phonepro" name="phonepro" value="[% phonepro | html %]" />
[% IF ( mandatoryphonepro ) %]<span class="required">Required</span>[% END %]
</li>
[% END %]
<label for="mobile">
[% END %]
Other phone: </label>
- <input type="text" id="mobile" name="mobile" value="[% mobile %]" />
+ <input type="text" id="mobile" name="mobile" value="[% mobile | html %]" />
[% IF ( mandatorymobile ) %]<span class="required">Required</span>[% END %]
</li>
[% END %]
<label for="email">
[% END %]
Primary email: </label>
- <input type="text" id="email" name="email" size="45" value="[% email %]" />
+ <input type="text" id="email" name="email" size="45" value="[% email | html %]" />
[% IF ( mandatoryemail ) %]<span class="required">Required</span>[% END %]<div class="hint">Shows on transit slips</div>
</li>
<label for="emailpro">
[% END %]
Secondary email: </label>
- <input type="text" id="emailpro" name="emailpro" size="45" value="[% emailpro %]" />
+ <input type="text" id="emailpro" name="emailpro" size="45" value="[% emailpro | html %]" />
[% IF ( mandatoryemailpro ) %]<span class="required">Required</span>[% END %]
</li>
[% END %]
<label for="fax">
[% END %]
Fax: </label>
- <input type="text" id="fax" name="fax" value="[% fax %]" />
+ <input type="text" id="fax" name="fax" value="[% fax | html %]" />
[% IF ( mandatoryfax ) %]<span class="required">Required</span>[% END %]
</li>
[% END %]
[% END %]
Card number: </label>
[% IF minlength_cardnumber == maxlength_cardnumber %]
- <input type="text" id="cardnumber" name="cardnumber" size="20" value="[% cardnumber %]" minlength="[% minlength_cardnumber %]" maxlength="[% maxlength_cardnumber %]" />
+ <input type="text" id="cardnumber" name="cardnumber" size="20" value="[% cardnumber | html %]" minlength="[% minlength_cardnumber %]" maxlength="[% maxlength_cardnumber %]" />
[% IF ( mandatorycardnumber ) %]<span class="required">Required</span>[% END %]
<div class="hint">Card number must be exactly [% minlength_cardnumber %] characters.</div>
[% ELSIF minlength_cardnumber && maxlength_cardnumber %]
- <input type="text" id="cardnumber" name="cardnumber" size="20" value="[% cardnumber %]" minlength="[% minlength_cardnumber %]" maxlength="[% maxlength_cardnumber %]" />
+ <input type="text" id="cardnumber" name="cardnumber" size="20" value="[% cardnumber | html %]" minlength="[% minlength_cardnumber %]" maxlength="[% maxlength_cardnumber %]" />
[% IF ( mandatorycardnumber ) %]<span class="required">Required</span>[% END %]
<div class="hint">Card number must be between [% minlength_cardnumber %] and [% maxlength_cardnumber %] characters.</div>
[% ELSIF maxlength_cardnumber %]
- <input type="text" id="cardnumber" name="cardnumber" size="20" value="[% cardnumber %]" maxlength="[% maxlength_cardnumber %]" />
+ <input type="text" id="cardnumber" name="cardnumber" size="20" value="[% cardnumber | html %]" maxlength="[% maxlength_cardnumber %]" />
[% IF ( mandatorycardnumber ) %]<span class="required">Required</span>[% END %]
<div class="hint">Card number can be up to [% maxlength_cardnumber %] characters.</div>
[% ELSE %]
- <input type="text" id="cardnumber" name="cardnumber" size="20" value="[% cardnumber %]" />
+ <input type="text" id="cardnumber" name="cardnumber" size="20" value="[% cardnumber | html %]" />
[% IF ( mandatorycardnumber ) %]<span class="required">Required</span>[% END %]
<div class="hint">There is no minimum or maximum character length.</div>
[% END %]
<label for="opacnote">
[% END %]
OPAC note: </label>
- <textarea id="opacnote" name="opacnote" cols="55" rows="5">[% UNLESS opduplicate %][% opacnote %][% END %]</textarea>
+ <textarea id="opacnote" name="opacnote" cols="55" rows="5">[% UNLESS opduplicate %][% opacnote | html %][% END %]</textarea>
<div class="hint">This message appears on this patron's user page in the OPAC</div>
[% IF ( mandatoryopacnote ) %]<span class="required">Required</span>[% END %]
</li>
<label for="borrowernotes">
[% END %]
Circulation note: </label>
- <textarea id="borrowernotes" name="borrowernotes" cols="55" rows="5">[% UNLESS opduplicate %][% borrowernotes %][% END %]</textarea>
+ <textarea id="borrowernotes" name="borrowernotes" cols="55" rows="5">[% UNLESS opduplicate %][% borrowernotes | html %][% END %]</textarea>
<div class="hint">This message displays when checking out to this patron</div>
[% IF ( mandatoryborrowernotes ) %]<span class="required">Required</span>[% END %]
</li>
[% END %]
<h3>[% UNLESS ( I ) %]
- [% title %] [% firstname %] [% END %] [% surname %] ([% cardnumber %])</h3>
+ [% title | html %] [% firstname | html %] [% END %] [% surname | html %] ([% cardnumber | html %])</h3>
<div class="yui-u first">
<div id="patron-information" style="padding : .5em;">
- [% UNLESS ( I ) %][% IF ( othernames ) %]“[% othernames %]”[% END %]
+ [% UNLESS ( I ) %][% IF ( othernames ) %]“[% othernames | html %]”[% END %]
<div class = "address">
[% IF Koha.Preference( 'AddressFormat' ) %]
<div class="rows">
<ol>
[% IF ( I ) %]
- [% IF ( phonepro ) %]<li><span class="label">Organization phone: </span><a href="tel:[% phonepro %]">[% phonepro %]</a></li>[% END %]
- [% IF ( emailpro ) %]<li class="email"><span class="label">Organization email: </span>[% emailpro %]</li>[% END %]
+ [% IF ( phonepro ) %]<li><span class="label">Organization phone: </span><a href="tel:[% phonepro %]">[% phonepro | html %]</a></li>[% END %]
+ [% IF ( emailpro ) %]<li class="email"><span class="label">Organization email: </span>[% emailpro | html %]</li>[% END %]
[% ELSE %]
- [% IF ( phone ) %]<li><span class="label">Primary phone: </span><a href="tel:[% phone %]">[% phone %]</a></li>[% END %]
- [% IF ( phonepro ) %]<li><span class="label">Secondary phone: </span><a href="tel:[% phonepro %]">[% phonepro %]</a></li>[% END %]
- [% IF ( mobile ) %]<li><span class="label">Other phone: </span><a href="tel:[% mobile %]">[% mobile %]</a></li>[% END %]
+ [% IF ( phone ) %]<li><span class="label">Primary phone: </span><a href="tel:[% phone %]">[% phone | html %]</a></li>[% END %]
+ [% IF ( phonepro ) %]<li><span class="label">Secondary phone: </span><a href="tel:[% phonepro %]">[% phonepro | html %]</a></li>[% END %]
+ [% IF ( mobile ) %]<li><span class="label">Other phone: </span><a href="tel:[% mobile %]">[% mobile | html %]</a></li>[% END %]
[% END %]
[% IF ( P ) %]
- [% IF ( phone ) %]<li><span class="label">Primary phone: </span><a href="tel:[% phone %]">[% phone %]</a></li>[% END %]
- [% IF ( mobile ) %]<li><span class="label">Other phone: </span><a href="tel:[% mobile %]">[% mobile %]</a></li>[% END %]
+ [% IF ( phone ) %]<li><span class="label">Primary phone: </span><a href="tel:[% phone %]">[% phone | html %]</a></li>[% END %]
+ [% IF ( mobile ) %]<li><span class="label">Other phone: </span><a href="tel:[% mobile %]">[% mobile | html %]</a></li>[% END %]
[% END %]
[% IF ( fax ) %]<li><span class="label">Fax: </span>[% fax %]</li>[% END %]
[% UNLESS ( I ) %]
- [% IF ( email ) %]<li class="email"><span class="label">Primary email:</span><a title="[% email %]" href="mailto:[% email %]">[% email %]</a></li>[% END %]
- [% IF ( emailpro ) %]<li class="email"><span class="label">Secondary email: </span><a title="[% emailpro %]" href="mailto:[% emailpro %]">[% emailpro %]</a></li>[% END %]
+ [% IF ( email ) %]<li class="email"><span class="label">Primary email:</span><a title="[% email %]" href="mailto:[% email | url %]">[% email | html %]</a></li>[% END %]
+ [% IF ( emailpro ) %]<li class="email"><span class="label">Secondary email: </span><a title="[% emailpro %]" href="mailto:[% emailpro | url %]">[% emailpro | html %]</a></li>[% END %]
[% END %]
[% IF ( initials ) %]<li><span class="label">Initials: </span>[% initials %]</li>[% END %]
[% IF ( dateofbirth ) %]<li><span class="label">Date of birth:</span>[% dateofbirth | $KohaDates %] ([% age %] years)</li>[% END %]
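Review bot: The `tel:` links on the new lines for phone, phonepro and mobile still interpolate the raw value in the attribute (`href="tel:[% phonepro %]"`), and the two email lines keep `title="[% email %]"` and `title="[% emailpro %]"` unfiltered, so a double quote stored in those fields still closes the attribute. The brief-info block earlier on this page already uses `href="tel:[% phone | url %]"` and `title="[% email | html %]"`; the same filters belong here. The unchanged `[% fax %]` and `[% initials %]` items in this list are also printed without `| html`. The list itself continues beyond the visible lines.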
<span class="label">Guarantees:</span>
<ul>
[% FOREACH guarantee IN guarantees %]
- <li><a href="/cgi-bin/koha/members/moremember.pl?borrowernumber=[% guarantee.borrowernumber %]">[% guarantee.firstname %] [% guarantee.surname %]</a></li>
+ <li><a href="/cgi-bin/koha/members/moremember.pl?borrowernumber=[% guarantee.borrowernumber %]">[% guarantee.firstname | html %] [% guarantee.surname | html %]</a></li>
[% END %]
</ul>
</li>
<li>
<span class="label">Guarantor:</span>
[% IF guarantor.borrowernumber %]
- <a href="/cgi-bin/koha/members/moremember.pl?borrowernumber=[% guarantor.borrowernumber %]">[% guarantor.firstname %] [% guarantor.surname %]</a>
+ <a href="/cgi-bin/koha/members/moremember.pl?borrowernumber=[% guarantor.borrowernumber %]">[% guarantor.firstname | html %] [% guarantor.surname | html %]</a>
[% ELSE %]
- [% guarantor.firstname %] [% guarantor.surname %]
+ [% guarantor.firstname | html %] [% guarantor.surname | html %]
[% END %]
</li>
[% END %]
<fieldset class="brief">
[% IF ( picture ) %]
<legend>Manage patron image</legend>
- <div class="hint">To update the image for [% title %] [% surname %], select a new image file and click 'Upload.' <br />Click the 'Delete' button to remove the current image.
+ <div class="hint">To update the image for [% title | html %] [% surname | html %], select a new image file and click 'Upload.' <br />Click the 'Delete' button to remove the current image.
[% ELSE %]
<legend>Upload patron image</legend>
- <div class="hint">[% title %] [% firstname %] [% surname %] does not currently have an image available. To import an image for [% title %] [% surname %], enter the name of an image file to upload.
+ <div class="hint">[% title %] [% firstname | html %] [% surname | html %] does not currently have an image available. To import an image for [% title %] [% surname | html %], enter the name of an image file to upload.
[% END %]
<br />Only PNG, GIF, JPEG, XPM formats are supported.
</div>
<input type="hidden" id="image" name="filetype" value="image" />
- <input type="hidden" id="cardnumber" name="cardnumber" value="[% cardnumber %]" />
+ <input type="hidden" id="cardnumber" name="cardnumber" value="[% cardnumber | html %]" />
<input type="hidden" name="borrowernumber" value="[% borrowernumber %]" />
<ol>
<li>
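Review bot: In the "Upload patron image" hint the new line still prints `[% title %]` twice without a filter, although the "Manage patron image" branch just above now uses `[% title | html %]`; both occurrences should get `| html`. The hidden `borrowernumber` input is also left as `value="[% borrowernumber %]"`. It is presumably numeric, but filtering it like `cardnumber` would keep the form consistent. The fieldset continues past the visible lines.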
<div id="patron-alternative-contact" style="padding-top: 1em;">
<h3>Alternative contact</h3>
- <div class="rows"> <ol><li><span class="label">Surname: </span>[% altcontactsurname %]</li>
- <li><span class="label">First name: </span>[% altcontactfirstname %]</li>
- <li><span class="label">Address: </span>[% altcontactaddress1 %]</li>
- <li><span class="label">Address 2: </span>[% altcontactaddress2 %]</li>
- <li><span class="label">City: </span>[% altcontactaddress3 %]</li>
- [% IF ( altcontactstate ) %]<li><span class="label">State: </span>[% altcontactstate %]</li>[% END %]
- <li><span class="label">ZIP/Postal code: </span>[% altcontactzipcode %]</li>
- [% IF ( altcontactcountry ) %]<li><span class="label">Country: </span>[% altcontactcountry %]</li>[% END %]
- [% IF ( altcontactphone ) %]<li><span class="label">Phone: </span><a href="tel:[% altcontactphone %]">[% altcontactphone %]</a></li>[% END %]
+ <div class="rows"> <ol><li><span class="label">Surname: </span>[% altcontactsurname | html %]</li>
+ <li><span class="label">First name: </span>[% altcontactfirstname | html %]</li>
+ <li><span class="label">Address: </span>[% altcontactaddress1 | html %]</li>
+ <li><span class="label">Address 2: </span>[% altcontactaddress2 | html %]</li>
+ <li><span class="label">City: </span>[% altcontactaddress3 | html %]</li>
+ [% IF ( altcontactstate ) %]<li><span class="label">State: </span>[% altcontactstate | html %]</li>[% END %]
+ <li><span class="label">ZIP/Postal code: </span>[% altcontactzipcode | html %]</li>
+ [% IF ( altcontactcountry ) %]<li><span class="label">Country: </span>[% altcontactcountry | html %]</li>[% END %]
+ [% IF ( altcontactphone ) %]<li><span class="label">Phone: </span><a href="tel:[% altcontactphone | url %]">[% altcontactphone | html %]</a></li>[% END %]
</ol></div>
</div>
<div class="action"><a href="memberentry.pl?op=modify&borrowernumber=[% borrowernumber %]&step=2">Edit</a></div>