diff --git a/app/Controllers/Expenses.php b/app/Controllers/Expenses.php index d36d474a9..258ae1dcf 100644 --- a/app/Controllers/Expenses.php +++ b/app/Controllers/Expenses.php @@ -102,10 +102,6 @@ class Expenses extends Secure_Controller $data['employees'] = []; if ($can_assign_employee) { foreach ($this->employee->get_all()->getResult() as $employee) { - foreach (get_object_vars($employee) as $property => $value) { - $employee->$property = $value; - } - $data['employees'][$employee->person_id] = $employee->first_name . ' ' . $employee->last_name; } } else { diff --git a/app/Views/expenses/form.php b/app/Views/expenses/form.php index 8169cc8a9..64407e8e1 100644 --- a/app/Views/expenses/form.php +++ b/app/Views/expenses/form.php @@ -130,7 +130,7 @@ employee_id, 'id="employee_id" class="form-control"') ?> employee_id) ?> - 'employee_name', 'value' => $employees[$expenses_info->employee_id] ?? '', 'class' => 'form-control', 'readonly' => 'readonly']) ?> + 'employee_name', 'value' => esc($employees[$expenses_info->employee_id] ?? ''), 'class' => 'form-control', 'readonly' => 'readonly']) ?> diff --git a/app/Views/receivings/form.php b/app/Views/receivings/form.php index 561549171..e4c161440 100644 --- a/app/Views/receivings/form.php +++ b/app/Views/receivings/form.php @@ -55,7 +55,7 @@ - 'employee_name', 'value' => $employees[$receiving_info['employee_id']] ?? '', 'class' => 'form-control input-sm', 'readonly' => 'readonly']) ?> + 'employee_name', 'value' => esc($employees[$receiving_info['employee_id']] ?? ''), 'class' => 'form-control input-sm', 'readonly' => 'readonly']) ?>