In the checkout form, if cached shipping information is found, cached versions of _cartitems.php are placed into javascript via _cartjs.php. If a single quote ( ' ) is present in the output (in the example below, note the apostrophe in "Nixon Men's Outsider Red Watch"), the resulting javascript may be invalid:
This causes all of the javascipt below this line to not execute properly.
A simple fix would be to add addslashes($value) to BaseCheckoutForm.php, line 675, and anywhere else that would be pushing html data into a json object.
In the checkout form, if cached shipping information is found, cached versions of _cartitems.php are placed into javascript via _cartjs.php. If a single quote ( ' ) is present in the output (in the example below, note the apostrophe in "Nixon Men's Outsider Red Watch"), the resulting javascript may be invalid:
This causes all of the javascipt below this line to not execute properly.
A simple fix would be to add addslashes($value) to BaseCheckoutForm.php, line 675, and anywhere else that would be pushing html data into a json object.