From ad2d5dd284dc733a5fbd2a9f60c30fa1b7a0da73 Mon Sep 17 00:00:00 2001
From: Marvin Borner
Date: Sat, 10 Oct 2020 11:37:35 +0200
Subject: Fixed HTML injection and middlename spaces

---
 quotes/public/script.js | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

(limited to 'quotes/public/script.js')

diff --git a/quotes/public/script.js b/quotes/public/script.js
index f8486f9..d848814 100644
--- a/quotes/public/script.js
+++ b/quotes/public/script.js
@@ -11,7 +11,7 @@ function appendOption(response) {
             (response[i - 1 < 0 ? 0 : i - 1]["class_id"] !== elem["class_id"]
                 ? `<option disabled>--${classes[elem["class_id"] - 1]}--</option>`
                 : "") +
-                `<option value="${elem["id"]}">${elem["name"]} ${elem["middlename"] ? elem["middlename"] : " "}${
+                `<option value="${elem["id"]}">${elem["name"]} ${elem["middlename"] ? elem["middlename"] + " " : ""}${
                     elem["surname"]
                 }</option>`,
         );
@@ -24,7 +24,7 @@ function appendQuote(response) {
             .getElementById(elem["class"])
             .insertAdjacentHTML(
                 "beforeend",
-                `<li>${elem["name"]} ${elem["middlename"] ? elem["middlename"] : ""}${elem["surname"]}: ${
+                `<li>${elem["name"]} ${elem["middlename"] ? elem["middlename"] + " " : ""}${elem["surname"]}: ${
                     elem["quote"]
                 }${elem["owner"] ? ' <span data-id="' + elem["id"] + '">[x]</span></li>' : ""}`,
             );
-- 
cgit v1.2.3