Bug 22781: Correctly filter the emails

Ho, another bug!

The email was not correctly filtered.

Test plan:
Use the evil string for an email, do a search.
=> Notice that without this patch the results never show up

Signed-off-by: Liz Rea <wizzyrea@gmail.com>

Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
(cherry picked from commit 5410186f6829fc4b74a845e8954bd7eea3f19862)
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>

Signed-off-by: Liz Rea <liz@bywatersolutions.com>

diff --git a/koha-tmpl/intranet-tmpl/prog/en/modules/members/tables/members_results.tt b/koha-tmpl/intranet-tmpl/prog/en/modules/members/tables/members_results.tt
index 759b730..cd49a3d 100644 (file)
--- a/koha-tmpl/intranet-tmpl/prog/en/modules/members/tables/members_results.tt
+++ b/koha-tmpl/intranet-tmpl/prog/en/modules/members/tables/members_results.tt
@@ -16,7 +16,7 @@
                 "dt_cardnumber":
                     "[% data.cardnumber | html | $To %]",
                 "dt_name":
-                    "<a href=\"/cgi-bin/koha/members/moremember.pl?borrowernumber=[% data.borrowernumber | html %]\" class=\"patron_preview\" data-borrowernumber=\"[% data.borrowernumber | html %]\" style='white-space:nowrap'>[% INCLUDE 'patron-title.inc' borrowernumber = data.borrowernumber category_type = data.category_type firstname = data.firstname surname = data.surname othernames = data.othernames invert_name = 1 | $To %]</a><br />[% INCLUDE escape_address data = data %][% IF data.email %]<br/>Email: <a href='mailto:[% data.email | html %]'>[% data.email | html %]</a>[% END %]",
+                    "<a href=\"/cgi-bin/koha/members/moremember.pl?borrowernumber=[% data.borrowernumber | html %]\" class=\"patron_preview\" data-borrowernumber=\"[% data.borrowernumber | html %]\" style='white-space:nowrap'>[% INCLUDE 'patron-title.inc' borrowernumber = data.borrowernumber category_type = data.category_type firstname = data.firstname surname = data.surname othernames = data.othernames invert_name = 1 | $To %]</a><br />[% INCLUDE escape_address data = data %][% IF data.email %]<br/>Email: <a href='mailto:[% data.email | html | $To %]'>[% data.email | html | $To %]</a>[% END %]",
     "dt_dateofbirth":
         "[% data.dateofbirth | $KohaDates %]",
                 "dt_category":

diff --git a/t/db_dependent/selenium/patrons_search.t b/t/db_dependent/selenium/patrons_search.t
index 5a27e2f..fa5344d 100644 (file)
--- a/t/db_dependent/selenium/patrons_search.t
+++ b/t/db_dependent/selenium/patrons_search.t
@@ -40,7 +40,7 @@ my $builder       = t::lib::TestBuilder->new;
 
 our @cleanup;
 subtest 'Search patrons' => sub {
-    plan tests => 5;
+    plan tests => 6;
 
     my @patrons;
     my $borrowernotes           = q|<strong>just 'a" note</strong> \123 ❤|;
@@ -48,6 +48,7 @@ subtest 'Search patrons' => sub {
     my $branchname = q|<strong>just 'another" library</strong> \123 ❤|;
     my $firstname  = q|<strong>fir's"tname</strong> \123 ❤|;
     my $address    = q|<strong>add'res"s</strong> \123 ❤|;
+    my $email      = q|a<strong>bad_email</strong>@example\123 ❤.com|;
     my $patron_category = $builder->build_object(
         { class => 'Koha::Patron::Categories', category_type => 'A' } );
     my $library = $builder->build_object(
@@ -65,6 +66,7 @@ subtest 'Search patrons' => sub {
                     branchcode    => $library->branchcode,
                     borrowernotes => $borrowernotes,
                     address       => $address,
+                    email         => $email,
                 }
             }
           );
@@ -83,6 +85,9 @@ subtest 'Search patrons' => sub {
     like ($td[2]->get_text, qr[\Q$address\E],
         'Column "Name" should be the 3rd and contain the address correctly filtered'
     );
+    like ($td[2]->get_text, qr[\Q$email\E],
+        'Column "Name" should be the 3rd and contain the email address correctly filtered'
+    );
     is( $td[5]->get_text, $branchname,
         'Column "Library" should be the 6th and contain the html tags - they have been html filtered'
     );