diff --git a/CHANGELOG.md b/CHANGELOG.md index e727db5f4..aafb19784 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,3 +1,10 @@ + +## [UNRELEASE] + +### Bug Fixes + +* Display special chars + ## [2.13.10](https://github.com/pluginsGLPI/formcreator/compare/2.13.9...2.13.10) (2025-02-26) diff --git a/inc/form.class.php b/inc/form.class.php index 5a314bcef..714d4147d 100644 --- a/inc/form.class.php +++ b/inc/form.class.php @@ -32,6 +32,7 @@ use GlpiPlugin\Formcreator\Exception\ImportFailureException; use GlpiPlugin\Formcreator\Exception\ExportFailureException; use Glpi\Application\View\TemplateRenderer; +use Glpi\Toolbox\Sanitizer; if (!defined('GLPI_ROOT')) { die("Sorry. You can't access this file directly"); @@ -809,11 +810,11 @@ public static function getFormList(int $rootCategory = 0, string $keywords = '', } $formList[] = [ 'id' => $form['id'], - 'name' => htmlspecialchars(__($form['name'], $domain)), + 'name' => htmlspecialchars(Sanitizer::unsanitize(__($form['name'], $domain))), 'icon' => htmlspecialchars($form['icon']), 'icon_color' => htmlspecialchars($form['icon_color']), 'background_color' => htmlspecialchars($form['background_color']), - 'description' => htmlspecialchars(__($form['description'], $domain) ?? ''), + 'description' => htmlspecialchars(Sanitizer::unsanitize(__($form['description'], $domain) ?? '')), 'type' => 'form', 'usage_count' => $form['usage_count'], 'is_default' => $form['is_default'] ? "true" : "false", diff --git a/templates/pages/form.formanswer.html.twig b/templates/pages/form.formanswer.html.twig index d971d1ba5..fa453c9fa 100644 --- a/templates/pages/form.formanswer.html.twig +++ b/templates/pages/form.formanswer.html.twig @@ -54,7 +54,7 @@ {{ row.id }} {{ get_item_link('PluginFormcreatorFormAnswer', row.id) }} - {{ row.form_name }} + {{ row.form_name|verbatim_value }} {{ row.requester_name }} {{ row.request_date }}