X-Git-Url: http://wagnertech.de/gitweb/gitweb.cgi/mfinanz.git/blobdiff_plain/2e5f786069ded4f9e72902915ae914f3e67b62fa..c5daa6b42504dbe595de89e23fb83b9862c0ba6d:/SL/OE.pm

diff --git a/SL/OE.pm b/SL/OE.pm
index e37dae47d..326e89c70 100644
--- a/SL/OE.pm
+++ b/SL/OE.pm
@@ -45,6 +45,7 @@ use SL::DB::PeriodicInvoicesConfig;
 use SL::DB::Status;
 use SL::DB::Tax;
 use SL::DBUtils;
+use SL::HTML::Restrict;
 use SL::IC;
 use SL::TransNumber;
 
@@ -330,6 +331,7 @@ sub save {
 
   # connect to database, turn off autocommit
   my $dbh = $form->get_standard_dbh;
+  my $restricter = SL::HTML::Restrict->create;
 
   my ($query, @values, $sth, $null);
   my $exchangerate = 0;
@@ -502,7 +504,7 @@ sub save {
                           (SELECT factor FROM price_factors WHERE id = ?), ?)|;
       push(@values,
            conv_i($orderitems_id), conv_i($form->{id}), conv_i($form->{"id_$i"}),
-           $form->{"description_$i"}, $form->{"longdescription_$i"},
+           $form->{"description_$i"}, $restricter->process($form->{"longdescription_$i"}),
            $form->{"qty_$i"}, $baseqty,
            $fxsellprice, $form->{"discount_$i"},
            $form->{"unit_$i"}, conv_date($reqdate), conv_i($form->{"project_id_$i"}),
@@ -1350,7 +1352,7 @@ sub order_details {
     push(@{ $form->{TEMPLATE_ARRAYS}->{taxnumber} },      $form->{"${item}_taxnumber"});
 
     my $tax_obj     = SL::DB::Manager::Tax->find_by(taxnumber => $form->{"${item}_taxnumber"});
-    my $description = $tax_obj->translated_attribute('taxdescription',  $form->{language_id}, 0) if $tax_obj;
+    my $description = $tax_obj ? $tax_obj->translated_attribute('taxdescription',  $form->{language_id}, 0) : '';
     push(@{ $form->{TEMPLATE_ARRAYS}->{taxdescription} }, $description . q{ } . 100 * $form->{"${item}_rate"} . q{%});
   }