From a683634a058566e116c0a56f1db85ef89d97987f Mon Sep 17 00:00:00 2001
From: Pierre Goiffon <pierre.goiffon@combodo.com>
Date: Mon, 12 Jul 2021 14:41:26 +0200
Subject: [PATCH 1/2] =?UTF-8?q?N=C2=B04126=20Fix=20HTML=20escaped=20in=20\?=
 =?UTF-8?q?SetupUtils::CheckDbServer=20messages=20As=20content=20is=20sent?=
 =?UTF-8?q?=20to=20JS=20returned=20to=20the=20AJAX=20request,=20we=20need?=
 =?UTF-8?q?=20to=20escape=20JS=20string=20delimiter=20(single=20quote)=20W?=
 =?UTF-8?q?e=20had=20previously=20a=20\utils::HtmlEntities=20call,=20but?=
 =?UTF-8?q?=20this=20isn't=20necessary=20as=20all=20content=20is=20generat?=
 =?UTF-8?q?ed=20internally,=20without=20calling=20any=20dict=20or=20extens?=
 =?UTF-8?q?ibility=20interface.?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 setup/setuputils.class.inc.php | 20 +++++++-------------
 1 file changed, 7 insertions(+), 13 deletions(-)

diff --git a/setup/setuputils.class.inc.php b/setup/setuputils.class.inc.php
index 565df2456..a759ee1c1 100644
--- a/setup/setuputils.class.inc.php
+++ b/setup/setuputils.class.inc.php
@@ -1381,30 +1381,24 @@ JS
 						}
 					}
 				}
-				if (count($aErrors) > 0)
-				{
-					$sErrorsToDisplay = utils::HtmlEntities(implode('<br/>', $aErrors));
+				if (count($aErrors) > 0) {
+					$sErrorsToDisplay = str_replace('\'', '\\\'', implode('<br/>', $aErrors));
 					$oPage->add_ready_script('$("#wiz_form").data("db_connection", "error");');
 					$oPage->add_ready_script(
-<<<JS
+						<<<JS
 $("#db_info").html('<div class="message message-error"><span class="message-title">Error:</span>$sErrorsToDisplay</div>');
 JS
 					);
-				}
-				else
-				{
-					if (count($aWarnings) > 0)
-					{
-						$sWarningsToDisplay = utils::HtmlEntities(implode('<br/>', $aWarnings));
+				} else {
+					if (count($aWarnings) > 0) {
+						$sWarningsToDisplay = str_replace('\'', '\\\'', implode('<br/>', $aWarnings));
 						$oPage->add_ready_script('$("#wiz_form").data("db_connection", "");');
 						$oPage->add_ready_script(
 							<<<JS
 $("#db_info").html('<div class="message message-warning"><span class="message-title">Warning:</span>$sWarningsToDisplay</div>');
 JS
 						);
-					}
-					else
-					{
+					} else {
 						$oPage->add_ready_script('$("#wiz_form").data("db_connection", "");');
 						$oPage->add_ready_script(
 							<<<JS

From da217a1cb32a97b6176a5ebea9af511d63726782 Mon Sep 17 00:00:00 2001
From: Molkobain <lajarige.guillaume@free.fr>
Date: Mon, 12 Jul 2021 18:10:22 +0200
Subject: [PATCH 2/2] =?UTF-8?q?N=C2=B04161=20-=20Fix=20ManageBrick=20crash?=
 =?UTF-8?q?=20when=20no=20item=20listed?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 .../src/Controller/ManageBrickController.php     | 16 ++++++++--------
 1 file changed, 8 insertions(+), 8 deletions(-)

diff --git a/datamodels/2.x/itop-portal-base/portal/src/Controller/ManageBrickController.php b/datamodels/2.x/itop-portal-base/portal/src/Controller/ManageBrickController.php
index 58d19e62b..c1933372c 100644
--- a/datamodels/2.x/itop-portal-base/portal/src/Controller/ManageBrickController.php
+++ b/datamodels/2.x/itop-portal-base/portal/src/Controller/ManageBrickController.php
@@ -813,15 +813,15 @@ class ManageBrickController extends BrickController
 					'iItemsCount' => $oSet->Count(),
 					'aColumnsDefinition' => $aColumnsDefinition,
 				);
-			}
 
-			IssueLog::Debug('Portal ManageBrick query', LogChannels::PORTAL, array(
-				'sPortalId' => $sPortalId,
-				'sBrickId' => $sBrickId,
-				'sGroupingTab' => $sGroupingTab,
-				'oql' => $oSet->GetFilter()->ToOQL(),
-				'aGroupingTabs' => $aGroupingTabs,
-			));
+				IssueLog::Debug('Portal ManageBrick query', LogChannels::PORTAL, array(
+					'sPortalId' => $sPortalId,
+					'sBrickId' => $sBrickId,
+					'sGroupingTab' => $sGroupingTab,
+					'oql' => $oSet->GetFilter()->ToOQL(),
+					'aGroupingTabs' => $aGroupingTabs,
+				));
+			}
 		} else {
 			$aGroupingAreasData = array();
 			$sGroupingArea = null;