Skip to content

Commit

Permalink
Escape linked field value in generated JavaScript
Browse files Browse the repository at this point in the history 
If the field values contains a double-quote, the generated JavaScript
will trigger a syntax error.

Fixes #6
  • Loading branch information
@dregad
dregad committed Apr 30, 2022
1 parent 5c22f5c commit 5c944f3
Showing 1 changed file with 2 additions and 1 deletion.
3 changes: 2 additions & 1 deletion pages/bug_page_custom_field_links.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -74,7 +74,8 @@
echo 'linkedFieldValues["'.$t_custom_field_id."\"] = {};\n";

foreach( $t_linked_values as $t_source_value => $t_target_values ) {
echo 'linkedFieldValues["'.$t_custom_field_id.'"]["'. $t_source_value.'"] = ' . JavascriptUtils::toJSArray( $t_target_values ).";\n";
echo 'linkedFieldValues["' . $t_custom_field_id . '"]["' . addslashes( $t_source_value ) . '"] = '
. JavascriptUtils::toJSArray( $t_target_values ).";\n";
}
}
}
Expand Down

0 comments on commit 5c944f3

Please sign in to comment.