From fcfc1e7307a209bd2a3d0a708e962dbe7b2ae71d Mon Sep 17 00:00:00 2001
From: Romain Quetiez <romain.quetiez@combodo.com>
Date: Mon, 19 May 2014 08:28:39 +0000
Subject: [PATCH] #875 Could not use OQL queries with a double quote in the
 condition

SVN:trunk[3159]
---
 application/webpage.class.inc.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/application/webpage.class.inc.php b/application/webpage.class.inc.php
index 8d7a81e5f..b633cc709 100644
--- a/application/webpage.class.inc.php
+++ b/application/webpage.class.inc.php
@@ -657,7 +657,7 @@ class WebPage implements Page
 		foreach ($aActions as $aAction)
 		{
 			$sClass = isset($aAction['class']) ? " class=\"{$aAction['class']}\"" : "";
-			$sOnClick = isset($aAction['onclick']) ? " onclick=\"{$aAction['onclick']}\"" : "";
+			$sOnClick = isset($aAction['onclick']) ? ' onclick="'.htmlspecialchars($aAction['onclick'], ENT_QUOTES, "UTF-8").'"' : '';
 			$sTarget = isset($aAction['target']) ? " target=\"{$aAction['target']}\"" : "";
 			if (empty($aAction['url']))
 			{