composer/iTop
6
0
Fork 0
mirror of https://github.com/Combodo/iTop.git synced 2026-02-13 07:24:13 +01:00
Code Issues Packages Projects Releases Wiki Activity

N°2198 ReloadBlock call and parameter escaping improvements

Browse Source 
Use an anonymous function instead of a string to get rid of a useless level of escaping
Use json_encode instead of addslashes
(many thanks for the tips @bruno-ds !!)
This commit is contained in:
Pierre Goiffon
2019-05-09 10:36:52 +02:00
parent a58529f46c
commit 89d310258b
1 changed files with 8 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
application/displayblock.class.inc.php
View File

@@ -1173,8 +1173,10 @@ EOF
if (($bAutoReload) && ($this->m_sStyle != 'search')) // Search form do NOT auto-reload
{
// Used either for asynchronous or auto_reload
$sFilter = addslashes(str_replace("'", "\'", $this->m_oFilter->serialize()));
$sExtraParams = addslashes(str_replace("'", "\'", json_encode($aExtraParams)));
// does a json_encode twice to get a string usable as function parameter
$sFilterBefore = $this->m_oFilter->serialize();
$sFilter = json_encode($sFilterBefore);
$sExtraParams = json_encode(json_encode($aExtraParams));
$oPage->add_script(
<<<JS
@@ -1184,7 +1186,10 @@ if (typeof window.oAutoReloadBlock == "undefined") {
if (typeof window.oAutoReloadBlock['$sId'] != "undefined") {
clearInterval(window.oAutoReloadBlock['$sId']);
}
window.oAutoReloadBlock['$sId'] = setInterval("ReloadBlock('$sId', '{$this->m_sStyle}', '$sFilter', '$sExtraParams')", '$iReloadInterval');
window.oAutoReloadBlock['$sId'] = setInterval(function() {
ReloadBlock('$sId', '{$this->m_sStyle}', $sFilter, $sExtraParams);
}, '$iReloadInterval');
JS
);
}