Bug 8171 - Improper escaping of quotes during z39.50 queries leads to broken html

Implementing fix as suggested by Chris Cormack:

http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=8171#c4

Signed-off-by: Jared Camins-Esakov <jcamins@cpbibliography.com>
Signed-off-by: Paul Poulain <paul.poulain@biblibre.com>

diff --git a/koha-tmpl/intranet-tmpl/prog/en/modules/cataloguing/z3950_search.tt b/koha-tmpl/intranet-tmpl/prog/en/modules/cataloguing/z3950_search.tt
index 3db24d3..ffd29d2 100644 (file)
--- a/koha-tmpl/intranet-tmpl/prog/en/modules/cataloguing/z3950_search.tt
+++ b/koha-tmpl/intranet-tmpl/prog/en/modules/cataloguing/z3950_search.tt
@@ -91,7 +91,7 @@ tr.selected { background-color : #FFFFCC; } tr.selected td { background-color :
        <div class="yui-g">
     <div class="yui-u first">
            <fieldset class="rows"> 
-                <ol><li><label for="title">Title: </label> <input type="text" id="title"  name="title" value="[% title %]" /></li>
+        <ol><li><label for="title">Title: </label> <input type="text" id="title"  name="title" value="[% title |html %]" /></li>
                 <li><label for="isbn">ISBN/ISSN: </label> <input type="text" id="isbn" name="isbn" value="[% isbn %]" /></li>
         <li><label for="lccall">LC call number: </label> <input type="text" id="lccall" name="lccall" value="" /></li>
         <li><label for="controlnumber">Control no.: </label> <input type="text" id="controlnumber" name="controlnumber" value="" /></li>