From: Moritz Bunkus <m.bunkus@linet-services.de>
Date: Mon, 11 Jan 2016 15:36:24 +0000 (+0100)
Subject: Admin User-Bearbeiten-Maske: JavaScript.escape() nicht als Filter aufrufen
X-Git-Tag: release-3.4.1~469
X-Git-Url: http://wagnertech.de/git?a=commitdiff_plain;h=1f6e513bac22932bb8b204accf3e8389965e4ac0;p=kivitendo-erp.git

Admin User-Bearbeiten-Maske: JavaScript.escape() nicht als Filter aufrufen

Siehe Commit-Nachricht 70654da für die Begründung.
---

diff --git a/templates/webpages/admin/edit_user.html b/templates/webpages/admin/edit_user.html
index 8b3bde11e..34a01a2de 100644
--- a/templates/webpages/admin/edit_user.html
+++ b/templates/webpages/admin/edit_user.html
@@ -173,7 +173,7 @@
   function submit_delete() {
 [% SET used_for_task_server_in_clients = SELF.is_user_used_for_task_server(SELF.user) %]
 [% IF used_for_task_server_in_clients %]
-   alert('[% LxERP.t8('The user cannot be deleted as it is used in the following clients: #1', used_for_task_server_in_clients) | js %]');
+   alert('[% JavaScript.escape(LxERP.t8('The user cannot be deleted as it is used in the following clients: #1', used_for_task_server_in_clients)) %]');
    return false;
 [% ELSE %]
     submit_with_action('delete_user');