Revision: 4842
http://web-erp.svn.sourceforge.net/web-erp/?rev=4842&view=rev
Author: daintree
Date: 2012-01-27 10:14:17 +0000 (Fri, 27 Jan 2012)
Log Message:
-----------
fixed html display from StatusComments POST using htmlentities
Modified Paths:
--------------
trunk/PO_AuthoriseMyOrders.php
Modified: trunk/PO_AuthoriseMyOrders.php
===================================================================
--- trunk/PO_AuthoriseMyOrders.php 2012-01-27 10:12:31 UTC (rev 4841)
+++ trunk/PO_AuthoriseMyOrders.php 2012-01-27 10:14:17 UTC (rev 4842)
@@ -20,7 +20,7 @@
if (mb_substr($key,0,6)=='status') {
$OrderNo=mb_substr($key,6);
$Status=$_POST['status'.$OrderNo];
- $Comment=date($_SESSION['DefaultDateFormat']).' - '._('Authorised by').' <a href="mailto:' . $EmailRow['email'].'">'.$_SESSION['UserID'].'</a><br />' . $_POST['comment'];
+ $Comment=date($_SESSION['DefaultDateFormat']).' - '._('Authorised by').' <a href="mailto:' . $EmailRow['email'].'">'.$_SESSION['UserID'].'</a><br />' . html_entity_decode($_POST['comment'],ENT_QUOTES,'UTF-8');
$sql="UPDATE purchorders
SET status='".$Status."',
stat_comment='".$Comment."',
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
