From 2dfadf5e93d9695e80f34099b6fc15896dbf4650 Mon Sep 17 00:00:00 2001 From: alaunois Date: Thu, 11 Aug 2022 10:13:37 +0200 Subject: [PATCH] fix(conf) fix encoding in template service listing (#11558) * fix encoding * remove useless function --- .../listServiceTemplateModel.php | 13 +++++-------- 1 file changed, 5 insertions(+), 8 deletions(-) diff --git a/www/include/configuration/configObject/service_template_model/listServiceTemplateModel.php b/www/include/configuration/configObject/service_template_model/listServiceTemplateModel.php index ebcf25df37f..68ea6f745fb 100644 --- a/www/include/configuration/configObject/service_template_model/listServiceTemplateModel.php +++ b/www/include/configuration/configObject/service_template_model/listServiceTemplateModel.php @@ -49,10 +49,7 @@ $o = ""; -$search = filter_var( - $_POST['searchST'] ?? $_GET['searchST'] ?? $centreon->historySearch[$url]['search'] ?? '', - FILTER_SANITIZE_STRING -); +$search = htmlspecialchars($_POST['searchST'] ?? $_GET['searchST'] ?? $centreon->historySearch[$url]['search'] ?? ''); $displayLocked = filter_var( $_POST['displayLocked'] ?? $_GET['displayLocked'] ?? 'off', @@ -233,11 +230,11 @@ $elemArr[$i] = array( "MenuClass" => "list_" . $style, "RowMenu_select" => $selectedElements->toHtml(), - "RowMenu_desc" => CentreonUtils::escapeSecure($service["service_description"]), - "RowMenu_alias" => CentreonUtils::escapeSecure($service["service_alias"]), - "RowMenu_parent" => CentreonUtils::escapeSecure($tplStr), + "RowMenu_desc" => htmlentities($service["service_description"]), + "RowMenu_alias" => htmlentities($service["service_alias"]), + "RowMenu_parent" => htmlentities($tplStr), "RowMenu_icon" => $svc_icon, - "RowMenu_retry" => CentreonUtils::escapeSecure( + "RowMenu_retry" => htmlentities( "$normal_check_interval $normal_units / $retry_check_interval $retry_units" ), "RowMenu_attempts" => getMyServiceField($service['service_id'], "service_max_check_attempts"),