Bug 22781: Does not double filter address

Ho, a bug!
Some fields in the address where double filtered.

Test plan:
Use the evil strings in the address field and do a search, you will see
double html encoded characters without this patch.

Signed-off-by: Liz Rea <wizzyrea@gmail.com>

Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
(cherry picked from commit ecb12104ffc7284089a1c8134ca8811e99e7419c)
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>

diff --git a/koha-tmpl/intranet-tmpl/prog/en/modules/members/tables/members_results.tt b/koha-tmpl/intranet-tmpl/prog/en/modules/members/tables/members_results.tt
index 0020f75..21853df 100644 (file)
--- a/koha-tmpl/intranet-tmpl/prog/en/modules/members/tables/members_results.tt
+++ b/koha-tmpl/intranet-tmpl/prog/en/modules/members/tables/members_results.tt
@@ -42,8 +42,8 @@
 }
 [% BLOCK escape_address %]
 [%~ SET address = data.streetnumber _ ' ' %]
-[%~ IF data.streettype %][% address = address _ AuthorisedValues.GetByCode( 'ROADTYPE', data.streettype ) _ ' ' | html %][% END %]
-[%~ IF data.address %][% address = address _ data.address _ ' ' | html %][% END %]
-[%~ IF data.address2 %][% address = address _ data.address2 _ ' ' | html %][% END %]
-[%~ To.json( address ) | $raw ~%]
+[%~ IF data.streettype %][% SET address = address _ AuthorisedValues.GetByCode( 'ROADTYPE', data.streettype ) _ ' ' %][% END %]
+[%~ IF data.address %][% SET address = address _ data.address _ ' ' %][% END %]
+[%~ IF data.address2 %][% SET address = address _ data.address2 _ ' ' %][% END %]
+[%~ address | html | $To ~%]
 [% END %]

diff --git a/t/db_dependent/selenium/patrons_search.t b/t/db_dependent/selenium/patrons_search.t
index 8ea5f86..5a27e2f 100644 (file)
--- a/t/db_dependent/selenium/patrons_search.t
+++ b/t/db_dependent/selenium/patrons_search.t
@@ -40,13 +40,14 @@ my $builder       = t::lib::TestBuilder->new;
 
 our @cleanup;
 subtest 'Search patrons' => sub {
-    plan tests => 4;
+    plan tests => 5;
 
     my @patrons;
     my $borrowernotes           = q|<strong>just 'a" note</strong> \123 ❤|;
     my $borrowernotes_displayed = q|just 'a" note \123 ❤|;
     my $branchname = q|<strong>just 'another" library</strong> \123 ❤|;
     my $firstname  = q|<strong>fir's"tname</strong> \123 ❤|;
+    my $address    = q|<strong>add'res"s</strong> \123 ❤|;
     my $patron_category = $builder->build_object(
         { class => 'Koha::Patron::Categories', category_type => 'A' } );
     my $library = $builder->build_object(
@@ -63,6 +64,7 @@ subtest 'Search patrons' => sub {
                     categorycode  => $patron_category->categorycode,
                     branchcode    => $library->branchcode,
                     borrowernotes => $borrowernotes,
+                    address       => $address,
                 }
             }
           );
@@ -78,6 +80,9 @@ subtest 'Search patrons' => sub {
     like ($td[2]->get_text, qr[\Q$firstname\E],
         'Column "Name" should be the 3rd and contain the firstname correctly filtered'
     );
+    like ($td[2]->get_text, qr[\Q$address\E],
+        'Column "Name" should be the 3rd and contain the address correctly filtered'
+    );
     is( $td[5]->get_text, $branchname,
         'Column "Library" should be the 6th and contain the html tags - they have been html filtered'
     );