From 4b207647db10d1720f0293cdd4e32f282c80c5b5 Mon Sep 17 00:00:00 2001 From: Anand Doshi Date: Tue, 5 Apr 2016 18:34:11 +0530 Subject: [PATCH] [fix] sanitize html of product bundle description --- erpnext/patches.txt | 3 ++- .../v6_20x/update_product_bundle_description.py | 11 +++++++++++ 2 files changed, 13 insertions(+), 1 deletion(-) create mode 100644 erpnext/patches/v6_20x/update_product_bundle_description.py diff --git a/erpnext/patches.txt b/erpnext/patches.txt index efcceb367b..1b9cbe5a3d 100644 --- a/erpnext/patches.txt +++ b/erpnext/patches.txt @@ -257,4 +257,5 @@ erpnext.patches.v6_20x.set_compact_print execute:frappe.delete_doc_if_exists("Web Form", "contact") #2016-03-10 erpnext.patches.v6_20x.remove_fiscal_year_from_holiday_list erpnext.patches.v6_24.map_customer_address_to_shipping_address_on_po -erpnext.patches.v6_27.fix_recurring_order_status \ No newline at end of file +erpnext.patches.v6_27.fix_recurring_order_status +erpnext.patches.v6_20x.update_product_bundle_description diff --git a/erpnext/patches/v6_20x/update_product_bundle_description.py b/erpnext/patches/v6_20x/update_product_bundle_description.py new file mode 100644 index 0000000000..1fac44b001 --- /dev/null +++ b/erpnext/patches/v6_20x/update_product_bundle_description.py @@ -0,0 +1,11 @@ +from __future__ import unicode_literals +import frappe +from frappe.utils import sanitize_html + +def execute(): + for product_bundle in frappe.get_all('Product Bundle'): + doc = frappe.get_doc('Product Bundle', product_bundle.name) + for item in doc.items: + if item.description: + description = sanitize_html(item.description) + item.db_set('description', description, update_modified=False)