Created
July 6, 2018 02:19
-
-
Save seamuslee001/fca5d9f13dc81e050bb2908fc85bbbec to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
--- a/civicrm/templates/CRM/Report/Form/Statistics.tpl | |
+++ b/civicrm/templates/CRM/Report/Form/Statistics.tpl | |
@@ -33,13 +33,13 @@ | |
{foreach from=$statistics.groups item=row} | |
<tr> | |
<th class="statistics" scope="row">{$row.title}</th> | |
- <td>{$row.value}</td> | |
+ <td>{$row.value|escape}</td> | |
</tr> | |
{/foreach} | |
{foreach from=$statistics.filters item=row} | |
<tr> | |
<th class="statistics" scope="row">{$row.title}</th> | |
- <td>{$row.value}</td> | |
+ <td>{$row.value|escape}</td> | |
</tr> | |
{/foreach} | |
</table> | |
@@ -53,11 +53,11 @@ | |
<th class="statistics" scope="row">{$row.title}</th> | |
<td> | |
{if $row.type eq 1024} | |
- {$row.value|crmMoney} | |
+ {$row.value|crmMoney|escape} | |
{elseif $row.type eq 2} | |
- {$row.value} | |
+ {$row.value|escape} | |
{else} | |
- {$row.value|crmNumberFormat} | |
+ {$row.value|crmNumberFormat|escape} | |
{/if} | |
</td> | |
diff --git a/wp-content/plugins/civicrm/civicrm/templates/CRM/Report/Form/Tabs/Developer.tpl b/wp-content/plugins/civicrm/civicrm/templates/CRM/Report/Form/Tabs/Developer.tpl | |
index 774f5c7..56225b3 100644 | |
--- a/civicrm/templates/CRM/Report/Form/Tabs/Developer.tpl | |
+++ b/civicrm/templates/CRM/Report/Form/Tabs/Developer.tpl | |
@@ -1,4 +1,4 @@ | |
<div id="report-tab-set-developer" class="civireport-criteria"> | |
<p><b>{ts}Class used{/ts}: {$report_class}</b></p> | |
- <pre>{$sql}</pre> | |
+ <pre>{$sql|escape}</pre> | |
</div> |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment