From 481650b24f8a35e54694ef17e22feee6c42e9169 Mon Sep 17 00:00:00 2001
From: tetragon <tetragon@4979c152-3d1c-0410-bac9-87ea11338e46>
Date: Thu, 18 Oct 2007 20:16:13 +0000
Subject: Add the ampersand to the HTML escape list for parse_template and fix
 1815329.

git-svn-id: https://ledger-smb.svn.sourceforge.net/svnroot/ledger-smb/branches/1.2@1787 4979c152-3d1c-0410-bac9-87ea11338e46
---
 LedgerSMB/Form.pm | 7 ++++---
 1 file changed, 4 insertions(+), 3 deletions(-)

(limited to 'LedgerSMB/Form.pm')

diff --git a/LedgerSMB/Form.pm b/LedgerSMB/Form.pm
index 9c109b76..c26fcc1f 100755
--- a/LedgerSMB/Form.pm
+++ b/LedgerSMB/Form.pm
@@ -1311,11 +1311,11 @@ sub format_string {
 
     my %replace = (
         'order' => {
-            html => [ '<',  '>', '\n', '\r' ],
+            html => [ '<',  '>', '\n', '\r', '&' ],
             txt  => [ '\n', '\r' ],
             tex  => [
                 quotemeta('\\'), '&', '\n', '\r',
-                '\$',            '%', '_',  '#',
+                quotemeta('$'),  '%', '_',  '#',
                 quotemeta('^'),  '{', '}',  '<',
                 '>',             '£'
             ]
@@ -1323,13 +1323,14 @@ sub format_string {
         html => {
             '<'  => '&lt;',
             '>'  => '&gt;',
+            '&'  => '&amp;',
             '\n' => '<br />',
             '\r' => '<br />'
         },
         txt => { '\n' => "\n", '\r' => "\r" },
         tex => {
             '&'             => '\&',
-            '$'             => '\$',
+            quotemeta('$')  => '\$',
             '%'             => '\%',
             '_'             => '\_',
             '#'             => '\#',
-- 
cgit v1.2.3