Index: lams_monitoring/src/java/org/lamsfoundation/lams/monitoring/web/EmailNotificationsAction.java
===================================================================
diff -u -r1edbb81f16cedfcc1326e4eca6e520b5b48cbddc -r78c30a573fad76cfbaca06810da1ec4f5bf7e6a8
--- lams_monitoring/src/java/org/lamsfoundation/lams/monitoring/web/EmailNotificationsAction.java (.../EmailNotificationsAction.java) (revision 1edbb81f16cedfcc1326e4eca6e520b5b48cbddc)
+++ lams_monitoring/src/java/org/lamsfoundation/lams/monitoring/web/EmailNotificationsAction.java (.../EmailNotificationsAction.java) (revision 78c30a573fad76cfbaca06810da1ec4f5bf7e6a8)
@@ -39,6 +39,8 @@
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
+import org.apache.commons.lang.StringEscapeUtils;
+
import org.apache.struts.action.ActionForm;
import org.apache.struts.action.ActionForward;
import org.apache.struts.action.ActionMapping;
@@ -306,10 +308,10 @@
responcedata.put("total", "" + users.size());
responcedata.put("page", "" + 1);
responcedata.put("records", "" + users.size());
-
+
for (User user : users) {
JSONArray cell=new JSONArray();
- cell.put(user.getFirstName() + " " + user.getLastName() + " [" + user.getLogin() + "]");
+ cell.put(StringEscapeUtils.escapeHtml(user.getFirstName()) + " " + StringEscapeUtils.escapeHtml(user.getLastName()) + " [" + StringEscapeUtils.escapeHtml(user.getLogin()) + "]");
JSONObject cellobj = new JSONObject();
cellobj.put("id", "" + user.getUserId());
Index: lams_monitoring/web/monitor.jsp
===================================================================
diff -u -r15045d0b9b0dbb930f42a9da7757207e7a325341 -r78c30a573fad76cfbaca06810da1ec4f5bf7e6a8
--- lams_monitoring/web/monitor.jsp (.../monitor.jsp) (revision 15045d0b9b0dbb930f42a9da7757207e7a325341)
+++ lams_monitoring/web/monitor.jsp (.../monitor.jsp) (revision 78c30a573fad76cfbaca06810da1ec4f5bf7e6a8)
@@ -138,7 +138,7 @@
|
- ${lesson.lessonDescription}
+
|
@@ -173,7 +173,7 @@
|
- ${lesson.organisationName}
+
|