Bug 19086: Fix Stored XSS in members/member.pl
diff --git
a/koha-tmpl/intranet-tmpl/prog/en/modules/members/member.tt
b/koha-tmpl/intranet-tmpl/prog/en/modules/members/member.tt
index
bea3ba6
..
73598d8
100644
(file)
--- a/
koha-tmpl/intranet-tmpl/prog/en/modules/members/member.tt
+++ b/
koha-tmpl/intranet-tmpl/prog/en/modules/members/member.tt
@@
-37,7
+37,6
@@
$(document).ready(function() {
}
});
}
});
- $("#patron_list_dialog").hide();
$("#add_to_patron_list_submit").on('click', function(e){
if ( $('#add_to_patron_list').val() == 'new' ) {
if ( $('#new_patron_list').val() ) {
$("#add_to_patron_list_submit").on('click', function(e){
if ( $('#add_to_patron_list').val() == 'new' ) {
if ( $('#new_patron_list').val() ) {
@@
-116,7
+115,7
@@
var dtMemberResults;
var search = 1;
$(document).ready(function() {
[% IF searchmember %]
var search = 1;
$(document).ready(function() {
[% IF searchmember %]
- $("#searchmember_filter").val("[% searchmember %]");
+ $("#searchmember_filter").val("[% searchmember
| html
%]");
[% END %]
[% IF searchfieldstype %]
$("searchfieldstype_filter").val("[% searchfieldstype %]");
[% END %]
[% IF searchfieldstype %]
$("searchfieldstype_filter").val("[% searchfieldstype %]");
@@
-132,8
+131,9
@@
$(document).ready(function() {
[% END %]
[% IF view != "show_results" %]
[% END %]
[% IF view != "show_results" %]
- $("#searchresults").hide();
search = 0;
search = 0;
+ [% ELSE %]
+ $("#searchresults").show();
[% END %]
// Build the aLengthMenu
[% END %]
// Build the aLengthMenu
@@
-162,6
+162,10
@@
$(document).ready(function() {
// Apply DataTables on the results table
var columns_settings = [% ColumnsSettings.GetColumns( 'members', 'member', 'memberresultst', 'json' ) %];
// Apply DataTables on the results table
var columns_settings = [% ColumnsSettings.GetColumns( 'members', 'member', 'memberresultst', 'json' ) %];
+ [% UNLESS CAN_user_tools_manage_patron_lists %]
+ [%# Remove the first column if we do not display the checkbox %]
+ columns_settings.splice(0, 1);
+ [% END %]
dtMemberResults = KohaTable("#memberresultst", {
'bServerSide': true,
'sAjaxSource': "/cgi-bin/koha/svc/members/search",
dtMemberResults = KohaTable("#memberresultst", {
'bServerSide': true,
'sAjaxSource': "/cgi-bin/koha/svc/members/search",
@@
-353,7
+357,7
@@
function filterByFirstLetterSurname(letter) {
<div id="searchresults">
<div id="searchheader">
<div id="searchresults">
<div id="searchheader">
- <h3>Patrons found for: <span id="searchpattern">[% IF searchmember %] for '[% searchmember %]'[% END %]</span></h3>
+ <h3>Patrons found for: <span id="searchpattern">[% IF searchmember %] for '[% searchmember
| html
%]'[% END %]</span></h3>
</div>
[% IF CAN_user_tools_manage_patron_lists %]
<div id="searchheader">
</div>
[% IF CAN_user_tools_manage_patron_lists %]
<div id="searchheader">
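Review bot: In the `@@ -116,7 +115,7` hunk the neighbouring context line `$("searchfieldstype_filter").val("[% searchfieldstype %]");` is still written into a JavaScript string with no filter, so if that value is request-derived in the same way as `searchmember` (not visible here), the injection this commit closes stays open one statement later and needs the same treatment. Separately, `| html` is an HTML encoder rather than a JavaScript-string encoder: the standard Template Toolkit filter rewrites `&`, `<`, `>` and `"` but leaves backslashes and line breaks alone, so in `.val("[% searchmember | html %]")` a value ending in a backslash or containing a newline still breaks the statement, and a search term containing `&` appears in the filter box as `&amp;`. A JavaScript/JSON-encoding filter, or reading the value from an HTML-escaped `data-` attribute, would fit that context better. The `| html` added to the `<h3>` in `@@ -353,7 +357,7` is the right encoder for element content. The enclosing `$(document).ready` handler starts and ends outside these hunks.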