From 20984faa66a30b2d9a09977bf3f835a05b0245e1 Mon Sep 17 00:00:00 2001
From: Peter Rotich <peter@enhancesoft.com>
Date: Wed, 27 Nov 2013 01:13:26 +0000
Subject: [PATCH] oops: use text instead of html

---
 include/staff/ticket-edit.inc.php | 4 ++--
 include/staff/ticket-open.inc.php | 2 +-
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/include/staff/ticket-edit.inc.php b/include/staff/ticket-edit.inc.php
index 2ce26ddb5..6294cda92 100644
--- a/include/staff/ticket-edit.inc.php
+++ b/include/staff/ticket-edit.inc.php
@@ -32,8 +32,8 @@ if ($_POST)
                     $.userLookup('ajax.php/tickets/<?php echo $ticket->getId(); ?>/change-user',
                             function(user) {
                                 $('input#user_id').val(user.id);
-                                $('#client-name').html(user.name);
-                                $('#client-email').html('&lt;'+user.email+'&gt;');
+                                $('#client-name').text(user.name);
+                                $('#client-email').text('<'+user.email+'>');
                     });
                     return false;
                 "><i class="icon-edit"></i> Change</a>
diff --git a/include/staff/ticket-open.inc.php b/include/staff/ticket-open.inc.php
index c4f6d2746..a143ebb80 100644
--- a/include/staff/ticket-open.inc.php
+++ b/include/staff/ticket-open.inc.php
@@ -34,7 +34,7 @@ $info=Format::htmlchars(($errors && $_POST)?$_POST:$info);
                         $.userLookup('ajax.php/users/select/'+$('input#uid').val(),
                             function(user) {
                                 $('input#uid').val(user.id);
-                                $('#client-name').html(user.name);
+                                $('#client-name').text(user.name);
                                 $('#client-email').text('<'+user.email+'>');
                         });
                         return false;
-- 
GitLab