ct: db in template escapen

author Sven Schöling <s.schoeling@googlemail.com>

Fri, 26 Nov 2021 09:08:53 +0000 (10:08 +0100)

committer Sven Schöling <s.schoeling@googlemail.com>

Sun, 5 Dec 2021 18:28:14 +0000 (19:28 +0100)
author Sven Schöling <s.schoeling@googlemail.com>
Fri, 26 Nov 2021 09:08:53 +0000 (10:08 +0100)
committer Sven Schöling <s.schoeling@googlemail.com>
Sun, 5 Dec 2021 18:28:14 +0000 (19:28 +0100)
diff --git a/templates/webpages/ct/search.html b/templates/webpages/ct/search.html

index f948b5f..d4d8d7e 100644 (file)
--- a/templates/webpages/ct/search.html
+++ b/templates/webpages/ct/search.html
@@ -116,8 +116,8 @@
          <label for="l_id">[% 'ID' | $T8 %]</label>
         </td>
         <td>
-        <input name="l_[% db %]number" id="l_[% db %]number" type="checkbox" class="checkbox" value="Y" checked>
-        <label for="l_[% db %]number">[% IF IS_CUSTOMER %][% 'Customer Number' | $T8 %][% ELSE %][% 'Vendor Number' | $T8 %][% END %]</label>
+        <input name="l_[% db | html %]number" id="l_[% db | html %]number" type="checkbox" class="checkbox" value="Y" checked>
+        <label for="l_[% db | html %]number">[% IF IS_CUSTOMER %][% 'Customer Number' | $T8 %][% ELSE %][% 'Vendor Number' | $T8 %][% END %]</label>
         </td>
         <td>
          <input name="l_name" id="l_name" type="checkbox" class="checkbox" value="Y" checked>
author	Sven Schöling <s.schoeling@googlemail.com>
	Fri, 26 Nov 2021 09:08:53 +0000 (10:08 +0100)
committer	Sven Schöling <s.schoeling@googlemail.com>
	Sun, 5 Dec 2021 18:28:14 +0000 (19:28 +0100)