
Commit ccfb80f

committed
AC-10528:Fix for Order Invoice Comment
1 parent dcff3c4 commit ccfb80f


2 files changed

+9
-13
lines changed


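--- a/app/code/Magento/Sales/Helper/Admin.php
+++ b/app/code/Magento/Sales/Helper/Admin.php
@@ -201,7 +201,7 @@ public function escapeHtmlWithLinks($data, $allowedTags = null)
 $result = mb_decode_numericentity(
 // phpcs:ignore Magento2.Functions.DiscouragedFunction
 html_entity_decode(
-$domDocument->saveHTML(),
+htmlentities($domDocument->saveHTML()),
 ENT_QUOTES|ENT_SUBSTITUTE,
 'UTF-8'
 ),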
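Review bot: The added `htmlentities()` call (new line 204) is made with default flags and the runtime's `default_charset`, while the enclosing `html_entity_decode()` is given `ENT_QUOTES|ENT_SUBSTITUTE` and `'UTF-8'` explicitly. The default flags of `htmlentities()` changed in PHP 8.1, so the encode and decode halves are not guaranteed to match on every runtime; passing the same arguments, `htmlentities($domDocument->saveHTML(), ENT_QUOTES|ENT_SUBSTITUTE, 'UTF-8'),`, makes the pair symmetric. Encoding and immediately decoding also reads like a no-op, so a short comment such as `// re-encode first so entity-escaped text in the DOM output is not decoded back into live markup` (if that is the intent) would keep a later cleanup from removing it. The rest of `escapeHtmlWithLinks`, including the conversion map given to `mb_decode_numericentity`, is outside the hunk.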

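--- a/app/code/Magento/Sales/view/adminhtml/templates/order/comments/view.phtml
+++ b/app/code/Magento/Sales/view/adminhtml/templates/order/comments/view.phtml
@@ -5,14 +5,13 @@
 */
 
 /** @var \Magento\Framework\View\Helper\SecureHtmlRenderer $secureRenderer */
-/** @var \Magento\Framework\Escaper $escaper */
 ?>
 <?php if ($_entity = $block->getEntity()): ?>
 <div id="comments_block" class="edit-order-comments">
 <div class="order-history-block">
 <div class="admin__field field-row">
 <label class="admin__field-label"
-for="history_comment"><?= $escaper->escapeHtml(__('Comment Text')) ?></label>
+for="history_comment"><?= $block->escapeHtml(__('Comment Text')) ?></label>
 <div class="admin__field-control">
 <textarea name="comment[comment]"
 class="admin__control-textarea"
@@ -31,7 +30,7 @@
 id="history_notify"
 value="1" />
 <label class="admin__field-label"
-for="history_notify"><?= $escaper->escapeHtml(__('Notify Customer by Email')) ?></label>
+for="history_notify"><?= $block->escapeHtml(__('Notify Customer by Email')) ?></label>
 </div>
 <?php endif; ?>
 <div class="admin__field admin__field-option">
@@ -41,7 +40,7 @@
 class="admin__control-checkbox"
 value="1" />
 <label class="admin__field-label"
-for="history_visible"> <?= $escaper->escapeHtml(__('Visible on Storefront')) ?></label>
+for="history_visible"> <?= $block->escapeHtml(__('Visible on Storefront')) ?></label>
 </div>
 </div>
 <div class="order-history-comments-actions">
@@ -60,20 +59,17 @@
 <?= /* @noEscape */ $block->formatTime($_comment->getCreatedAt(), \IntlDateFormatter::MEDIUM) ?>
 </span>
 <span class="note-list-customer">
-<?= $escaper->escapeHtml(__('Customer')) ?>
+<?= $block->escapeHtml(__('Customer')) ?>
 <?php if ($_comment->getIsCustomerNotified()): ?>
-<span class="note-list-customer-notified"><?= $escaper->escapeHtml(__('Notified')) ?></span>
+<span class="note-list-customer-notified"><?= $block->escapeHtml(__('Notified')) ?></span>
 <?php else: ?>
 <span class="note-list-customer-not-notified">
-<?= $escaper->escapeHtml(__('Not Notified')) ?>
+<?= $block->escapeHtml(__('Not Notified')) ?>
 </span>
 <?php endif; ?>
 </span>
 <div class="note-list-comment">
-<?= /* @noEscape */ nl2br($escaper->escapeHtml(
-$_comment->getComment(),
-['b', 'br', 'strong', 'i', 'u', 'a']
-))?>
+<?= $block->escapeHtml($_comment->getComment(), ['b', 'br', 'strong', 'i', 'u', 'a']) ?>
 </div>
 </li>
 <?php endforeach; ?>
@@ -82,7 +78,7 @@
 <?php $scriptString = <<<script
 require(['prototype'], function(){
 submitComment = function() {
-submitAndReloadArea($('comments_block').parentNode, '{$escaper->escapeJs($block->getSubmitUrl())}')
+submitAndReloadArea($('comments_block').parentNode, '{$block->escapeJs($block->getSubmitUrl())}')
 };
 if ($('submit_comment_button')) {
 $('submit_comment_button').observe('click', submitComment);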
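Review bot: In the hunk at new line 72 the order comment, the one value in this template that is not a fixed label, is now echoed without the `/* @noEscape */` + `nl2br()` wrapper and through `$block->escapeHtml()` instead of `$escaper->escapeHtml()`, so its sanitising depends on the block class's implementation, which this section does not show. If that method is the generic block escaper, multi-line comments lose their line breaks; if it is an override that forwards to `escapeHtmlWithLinks` in Sales/Helper/Admin.php (changed in this commit), the handling of the allowed `a` tag and its `href` lives there and deserves a regression test with entity-encoded markup in the comment. Either way a comment above the line, e.g. `<?php /* escaping of the comment body relies on this block's escapeHtml(), not \Magento\Framework\Escaper */ ?>`, would record why the template departs from `$escaper`. The same switch is made for the static labels in the hunks at new lines 14, 33, 43 and 62-67 and for `escapeJs` at new line 81.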
