Commit 82450039 authored by sikeda's avatar sikeda
Browse files

[bug] tt2::maketext(): Numeric values are occasionally interpolated using...

[bug] tt2::maketext(): Numeric values are occasionally interpolated using inproper format: In many regions period (full stop) is not used for decimal point.
Made tools::sanitize_var() not to modify numeric values.


git-svn-id: https://subversion.renater.fr/sympa/branches/sympa-6.2-branch@10619 05aa8bb8-cd2b-0410-b1d7-8918dfa770ce
parent 3fe6d22d
......@@ -312,6 +312,11 @@ our %cpan_modules = (
'gettext_id' =>
'Used by the bulk.pl daemon to check the number of slave bulks running.',
},
'Scalar::Util' => {
required_version => '1.22',
package_name => 'Scalar-List-Utils',
'gettext_id' => 'set of various subroutines to handle scalar',
},
'SOAP::Lite' => {
required_version => '0.712',
package_name => 'SOAP-Lite',
......
......@@ -37,6 +37,7 @@ use Mail::Header;
use MIME::Lite::HTML;
use POSIX qw(strftime mkfifo strtod);
use Proc::ProcessTable;
use Scalar::Util '1.22'; # looks_like_number() works.
use Sys::Hostname;
use Text::LineFold;
use Time::Local;
......@@ -252,7 +253,10 @@ sub sanitize_var {
);
} elsif (defined $parameters{'var'}->[$index]) {
$parameters{'var'}->[$index] =
escape_html($parameters{'var'}->[$index]);
escape_html($parameters{'var'}->[$index])
unless Scalar::Util::looks_like_number(
$parameters{'var'}->[$index]
); # preserve numeric flags.
}
}
}
......@@ -269,7 +273,10 @@ sub sanitize_var {
unless ($parameters{'htmlAllowedParam'}{$key} or
$parameters{'htmlToFilter'}{$key}) {
$parameters{'var'}->{$key} =
escape_html($parameters{'var'}->{$key});
escape_html($parameters{'var'}->{$key})
unless Scalar::Util::looks_like_number(
$parameters{'var'}->{$key}
); # preserve numeric flags.
}
if ($parameters{'htmlToFilter'}{$key}) {
$parameters{'var'}->{$key} = sanitize_html(
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment