KTS-2591

"When updating folder permissions for a folder with an & in its name the progresstext appears as '&amp'" Fixed. The message is being htmlentitied for cross-scripting, added a str_replace for the &. Reviewed by: Conrad Vermeulen Committed by: Megan Watson git-svn-id: https://kt-dms.svn.sourceforge.net/svnroot/kt-dms/trunk@7586 c91229c3-7414-0410-bfa2-8a42b809f60b

KTS-2591
"When updating folder permissions for a folder with an & in its name the progresstext appears as '&amp'" Fixed. The message is being htmlentitied for cross-scripting, added a str_replace for the &. Reviewed by: Conrad Vermeulen Committed by: Megan Watson git-svn-id: https://kt-dms.svn.sourceforge.net/svnroot/kt-dms/trunk@7586 c91229c3-7414-0410-bfa2-8a42b809f60b
Megan Watson
1 parent 3c732e18
Showing 1 changed file with 12 additions and 10 deletions
lib/documentmanagement/observers.inc.php
@@ -5,32 +5,32 @@
  * KnowledgeTree Open Source Edition
  * Document Management Made Simple
  * Copyright (C) 2004 - 2007 The Jam Warehouse Software (Pty) Limited
- * 
+ *
  * This program is free software; you can redistribute it and/or modify it under
  * the terms of the GNU General Public License version 3 as published by the
  * Free Software Foundation.
- * 
+ *
  * This program is distributed in the hope that it will be useful, but WITHOUT
  * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
  * FOR A PARTICULAR PURPOSE.  See the GNU General Public License for more
  * details.
- * 
+ *
  * You should have received a copy of the GNU General Public License
  * along with this program.  If not, see <http://www.gnu.org/licenses/>.
- * 
+ *
  * You can contact The Jam Warehouse Software (Pty) Limited, Unit 1, Tramber Place,
  * Blake Street, Observatory, 7925 South Africa. or email info@knowledgetree.com.
- * 
+ *
  * The interactive user interfaces in modified source and object code versions
  * of this program must display Appropriate Legal Notices, as required under
  * Section 5 of the GNU General Public License version 3.
- * 
+ *
  * In accordance with Section 7(b) of the GNU General Public License version 3,
  * these Appropriate Legal Notices must retain the display of the "Powered by
- * KnowledgeTree" logo and retain the original copyright notice. If the display of the 
+ * KnowledgeTree" logo and retain the original copyright notice. If the display of the
  * logo is not reasonably feasible for technical reasons, the Appropriate Legal Notices
- * must display the words "Powered by KnowledgeTree" and retain the original 
- * copyright notice. 
+ * must display the words "Powered by KnowledgeTree" and retain the original
+ * copyright notice.
  * Contributor( s): ______________________________________
  *
  */
@@ -83,7 +83,9 @@ class JavascriptObserver {
             printf('<script language="javascript">kt_add_document_newFile("%s")</script>', $msg->getString());
             return;
         }
-        printf('<script language="javascript">kt_add_document_addMessage("%s")</script>', htmlentities($msg->getString(),ENT_QUOTES,'UTF-8'));
+        $message = htmlentities($msg->getString(),ENT_QUOTES,'UTF-8');
+        $message = str_replace('&amp;', '&', $message);
+        printf('<script language="javascript">kt_add_document_addMessage("%s")</script>', $message);
     }
     function redirectToDocument($id) {