security/core#14 Add output encoding within js

author Sean Madsen <sean@seanmadsen.com>

Sun, 22 Apr 2018 23:06:46 +0000 (19:06 -0400)

committer Tim Otten <totten@civicrm.org>

Wed, 18 Jul 2018 21:55:05 +0000 (14:55 -0700)
author Sean Madsen <sean@seanmadsen.com>
Sun, 22 Apr 2018 23:06:46 +0000 (19:06 -0400)
committer Tim Otten <totten@civicrm.org>
Wed, 18 Jul 2018 21:55:05 +0000 (14:55 -0700)
diff --git a/templates/CRM/Member/Form/Membership.tpl b/templates/CRM/Member/Form/Membership.tpl

index c1831bcdff375fe8012cd1ec6fe17ff334d583f4..5d3bb8eef60114ce5732c0a5abd8cf63c8aa3622 100644 (file)
--- a/templates/CRM/Member/Form/Membership.tpl
+++ b/templates/CRM/Member/Form/Membership.tpl
@@ -398,8 +398,8 @@
        // elsewhere some script determines if there is a paying contact the
        // email should go to instead (e.g gift membership). This should be checked for here
        // and that merged into that code as currently behaviour is inconsistent.
-      var emailExists = '{$emailExists}';
-      var isStandalone = ('{$context}' == 'standalone');
+      var emailExists = {$emailExists|json_encode};
+      var isStandalone = {if $context == 'standalone'}true{else}false{/if};
        var isEmailEnabledForSite = {if $isEmailEnabledForSite}true{else}false{/if};
  
        {literal}
author	Sean Madsen <sean@seanmadsen.com>
	Sun, 22 Apr 2018 23:06:46 +0000 (19:06 -0400)
committer	Tim Otten <totten@civicrm.org>
	Wed, 18 Jul 2018 21:55:05 +0000 (14:55 -0700)