Fix for Bug 5714 - Unescaped ampersands in OPAC facets

In the OPAC the "query_cgi" variable passed to the template
outputs a string like this:

idx=kw&q=thing

The ampersand is unescaped. Adding an "|html" filter to
the variable. Also correcting some TT markup which
added a new validation error (an unopened <div>).

Signed-off-by: Magnus Enger <magnus@enger.priv.no>
Signed-off-by: Chris Cormack <chrisc@catalyst.net.nz>

diff --git a/koha-tmpl/opac-tmpl/prog/en/includes/opac-facets.inc b/koha-tmpl/opac-tmpl/prog/en/includes/opac-facets.inc
index eac00aa..4931283 100644 (file)
--- a/koha-tmpl/opac-tmpl/prog/en/includes/opac-facets.inc
+++ b/koha-tmpl/opac-tmpl/prog/en/includes/opac-facets.inc
@@ -2,8 +2,9 @@
 [% IF ( facets_loop ) %]
 <div id="search-facets">
 <h4>Refine your search</h4>
+[% query_cgi %]
 <ul>
-       <li>Availability<ul><li>[% IF ( available ) %]Showing only <strong>available</strong> items. <a href="/cgi-bin/koha/opac-search.pl?[% query_cgi %][% limit_cgi_not_availablity %][% IF ( sort_by ) %]&amp;sort_by=[% sort_by %][% END %]">Show all items</a>[% ELSE %]Limit to <a href="/cgi-bin/koha/opac-search.pl?[% query_cgi %][% limit_cgi |html %][% IF ( sort_by ) %]&amp;sort_by=[% sort_by %][% END %]&amp;limit=available">currently available items.</a>[% END %]</li></ul>
+       <li>Availability<ul><li>[% IF ( available ) %]Showing only <strong>available</strong> items. <a href="/cgi-bin/koha/opac-search.pl?[% query_cgi |html %][% limit_cgi_not_availablity %][% IF ( sort_by ) %]&amp;sort_by=[% sort_by %][% END %]">Show all items</a>[% ELSE %]Limit to <a href="/cgi-bin/koha/opac-search.pl?[% query_cgi |html %][% limit_cgi |html %][% IF ( sort_by ) %]&amp;sort_by=[% sort_by %][% END %]&amp;limit=available">currently available items.</a>[% END %]</li></ul>
        [% IF ( related ) %] <li>(related searches: [% FOREACH relate IN related %][% relate.related_search %][% END %])</li>[% END %]
        </li>
        
@@ -18,8 +19,8 @@
 [% IF ( facets_loo.type_label_Libraries ) %]Libraries[% END %]
 [% END %]
 <ul>
-        [% FOREACH facet IN facets_loo.facets %]<li><a href="/cgi-bin/koha/opac-search.pl?[% query_cgi %][% limit_cgi |html %][% IF ( sort_by ) %]&amp;sort_by=[% sort_by %][% END %]&amp;limit=[% facet.type_link_value %]:[% facet.facet_link_value %]" title="[% facet.facet_title_value |html %]">[% facet.facet_label_value %]</a> [% IF ( facet.displayFacetCount ) %]([% facet.facet_count %])[% END %]</li>[% END %][% IF ( facets_loo.expandable ) %]
-        <li class="showmore"><a href="/cgi-bin/koha/opac-search.pl?[% query_cgi %][% limit_cgi |html %][% IF ( sort_by ) %]&amp;sort_by=[% sort_by %][% END %]&amp;offset=[% facets_loo.offset %]&amp;expand=[% facets_loo.expand %]#[% facets_loo.type_id %]">Show More</a></li>
+        [% FOREACH facet IN facets_loo.facets %]<li><a href="/cgi-bin/koha/opac-search.pl?[% query_cgi |html %][% limit_cgi |html %][% IF ( sort_by ) %]&amp;sort_by=[% sort_by %][% END %]&amp;limit=[% facet.type_link_value %]:[% facet.facet_link_value %]" title="[% facet.facet_title_value |html %]">[% facet.facet_label_value %]</a> [% IF ( facet.displayFacetCount ) %]([% facet.facet_count %])[% END %]</li>[% END %][% IF ( facets_loo.expandable ) %]
+        <li class="showmore"><a href="/cgi-bin/koha/opac-search.pl?[% query_cgi |html %][% limit_cgi |html %][% IF ( sort_by ) %]&amp;sort_by=[% sort_by %][% END %]&amp;offset=[% facets_loo.offset %]&amp;expand=[% facets_loo.expand %]#[% facets_loo.type_id %]">Show More</a></li>
 [% END %]
 </ul></li>
 [% END %]

diff --git a/koha-tmpl/opac-tmpl/prog/en/modules/opac-results.tt b/koha-tmpl/opac-tmpl/prog/en/modules/opac-results.tt
index e08e31b..f371db1 100644 (file)
--- a/koha-tmpl/opac-tmpl/prog/en/modules/opac-results.tt
+++ b/koha-tmpl/opac-tmpl/prog/en/modules/opac-results.tt
@@ -499,7 +499,7 @@ $(document).ready(function(){
                                        [% ELSIF ( loop.first ) %]<span class="tagstatus" id="login4tags">Log in to add tags.</span>
                                     [% END %]
                                 [% END %]
-                                    [% IF ( SEARCH_RESULT.TagLoop ) %]
+                                    [% IF ( SEARCH_RESULT.TagLoop.size ) %]
                                     </div>[% END %]
                                 [% END %]
                                 [% END %][% END %]