From 464a611d8d5dbef8c3d62320f7b89e6c4ffaab53 Mon Sep 17 00:00:00 2001 From: Gehad elrobey Date: Mon, 2 Jun 2014 20:10:54 +0300 Subject: HTML: Better quoting to the export strings Move the quote function to membuffer.c and adding wrappers that call it from both xml and html exporters to get rid of redundancy. Quote the location, buddy, suit, tags and notes This prevents js code from crashing. [Miika Turkia: minor whitespace and code fix] Signed-off-by: Gehad elrobey Signed-off-by: Miika Turkia Signed-off-by: Dirk Hohndel --- membuffer.c | 56 +++++++++++++++++++++++++++++++++++++++++++++-- membuffer.h | 1 + save-html.c | 67 +++++++++++---------------------------------------------- save-html.h | 4 +--- save-xml.c | 45 ++------------------------------------ worldmap-save.c | 4 +++- 6 files changed, 73 insertions(+), 104 deletions(-) diff --git a/membuffer.c b/membuffer.c index 82816ece6..c8a06662f 100644 --- a/membuffer.c +++ b/membuffer.c @@ -96,7 +96,7 @@ void put_vformat(struct membuffer *b, const char *fmt, va_list args) return; } - room = len+1; + room = len + 1; } } @@ -174,5 +174,57 @@ void put_degrees(struct membuffer *b, degrees_t value, const char *pre, const ch udeg = -udeg; sign = "-"; } - put_format(b,"%s%s%u.%06u%s", pre, sign, FRACTION(udeg, 1000000), post); + put_format(b, "%s%s%u.%06u%s", pre, sign, FRACTION(udeg, 1000000), post); +} + +void put_quoted(struct membuffer *b, const char *text, int is_attribute, int is_html) +{ + const char *p = text; + + for (;;) { + const char *escape; + + switch (*p++) { + default: + continue; + case 0: + escape = NULL; + break; + case 1 ... 8: + case 11: + case 12: + case 14 ... 31: + escape = "?"; + break; + case '<': + escape = "<"; + break; + case '>': + escape = ">"; + break; + case '&': + escape = "&"; + break; + case '\'': + if (!is_attribute) + continue; + escape = "'"; + break; + case '\"': + if (!is_attribute) + continue; + escape = """; + break; + case '\n': + if (!is_html) + continue; + else + escape = "
"; + } + put_bytes(b, text, (p - text - 1)); + if (!escape) + break; + put_string(b, escape); + text = p; + } } diff --git a/membuffer.h b/membuffer.h index ee0305eee..153815fd8 100644 --- a/membuffer.h +++ b/membuffer.h @@ -22,6 +22,7 @@ extern void free_buffer(struct membuffer *); extern void flush_buffer(struct membuffer *, FILE *); extern void put_bytes(struct membuffer *, const char *, int); extern void put_string(struct membuffer *, const char *); +extern void put_quoted(struct membuffer *, const char *, int, int); extern void strip_mb(struct membuffer *); extern const char *mb_cstring(struct membuffer *); extern __printf(2, 0) void put_vformat(struct membuffer *, const char *, va_list); diff --git a/save-html.c b/save-html.c index 4f378498f..212cf2494 100644 --- a/save-html.c +++ b/save-html.c @@ -8,65 +8,18 @@ void put_HTML_date(struct membuffer *b, struct dive *dive, const char *pre, cons put_format(b, "%s%04u-%02u-%02u%s", pre, tm.tm_year + 1900, tm.tm_mon + 1, tm.tm_mday, post); } -char *replace_char(char *str, char replace, char *replace_by) +void put_HTML_quoted(struct membuffer *b, const char *text) { - /* - this function can't replace a character with a substring - where the substring contains the character, infinite loop. - */ - - if (!str) - return 0; - - int i = 0, char_count = 0, new_size; - - while (str[i] != '\0') { - if (str[i] == replace) - char_count++; - i++; - } - - new_size = strlen(str) + char_count * strlen(replace_by) + 1; - char *result = malloc(new_size); - char *temp = strdup(str); - char *p0, *p1; - if (!result || !temp) - return 0; - result[0] = '\0'; - p0 = temp; - p1 = strchr(temp, replace); - while (p1) { - *p1 = '\0'; - strcat(result, p0); - strcat(result, replace_by); - p0 = p1 + 1; - p1 = strchr(p0, replace); - } - strcat(result, p0); /*concat the rest of the string*/ - free(temp); - return result; -} - -char *quote(char *string) -{ - char *less_than_removed = replace_char(string, '<', "<"); - char *greater_than_removed = replace_char(less_than_removed, '>', ">"); - char *new_line_removed = replace_char(greater_than_removed, '\n', "
"); - char *double_quotes_removed = replace_char(new_line_removed, '"', """); - char *single_quotes_removed = replace_char(double_quotes_removed, '\'', "'"); - free(new_line_removed); - free(less_than_removed); - free(greater_than_removed); - free(double_quotes_removed); - return single_quotes_removed; + int is_html = 1, is_attribute = 1; + put_quoted(b, text, is_attribute, is_html); } void put_HTML_notes(struct membuffer *b, struct dive *dive, const char *pre, const char *post) { if (dive->notes) { - char *notes = quote(dive->notes); - put_format(b, "%s%s%s", pre, notes, post); - free(notes); + put_string(b, pre); + put_HTML_quoted(b, dive->notes); + put_string(b, post); } } @@ -113,7 +66,9 @@ void put_HTML_tags(struct membuffer *b, struct dive *dive, const char *pre, cons put_string(b, "\"--\","); while (tag) { - put_format(b, "\"%s\",", tag->tag->name); + put_string(b, "\""); + put_HTML_quoted(b, tag->tag->name); + put_string(b, "\","); tag = tag->next; } put_string(b, "]"); @@ -124,7 +79,9 @@ void write_attribute(struct membuffer *b, const char *att_name, const char *valu { if (!value) value = "--"; - put_format(b, "\"%s\":\"%s\",", att_name, value); + put_format(b, "\"%s\":\"", att_name); + put_HTML_quoted(b, value); + put_string(b, "\","); } void write_one_dive(struct membuffer *b, struct dive *dive, int *dive_no) diff --git a/save-html.h b/save-html.h index 47f6d218d..96813f39b 100644 --- a/save-html.h +++ b/save-html.h @@ -13,9 +13,7 @@ void put_HTML_airtemp(struct membuffer *b, struct dive *dive, const char *pre, c void put_HTML_watertemp(struct membuffer *b, struct dive *dive, const char *pre, const char *post); void put_HTML_time(struct membuffer *b, struct dive *dive, const char *pre, const char *post); void put_HTML_notes(struct membuffer *b, struct dive *dive, const char *pre, const char *post); - -char *replace_char(char *str, char replace, char *replace_by); -char *quote(char *string); +void put_HTML_quoted(struct membuffer *b, const char *text); void export_HTML(const char *file_name, const bool selected_only); diff --git a/save-xml.c b/save-xml.c index d48d0ef08..9f2c2b46a 100644 --- a/save-xml.c +++ b/save-xml.c @@ -23,49 +23,8 @@ */ static void quote(struct membuffer *b, const char *text, int is_attribute) { - const char *p = text; - - for (;;) { - const char *escape; - - switch (*p++) { - default: - continue; - case 0: - escape = NULL; - break; - case 1 ... 8: - case 11: - case 12: - case 14 ... 31: - escape = "?"; - break; - case '<': - escape = "<"; - break; - case '>': - escape = ">"; - break; - case '&': - escape = "&"; - break; - case '\'': - if (!is_attribute) - continue; - escape = "'"; - break; - case '\"': - if (!is_attribute) - continue; - escape = """; - break; - } - put_bytes(b, text, (p - text - 1)); - if (!escape) - break; - put_string(b, escape); - text = p; - } + int is_html = 0; + put_quoted(b, text, is_attribute, is_html); } static void show_utf8(struct membuffer *b, const char *text, const char *pre, const char *post, int is_attribute) diff --git a/worldmap-save.c b/worldmap-save.c index 0b22b554c..0dbc4791f 100644 --- a/worldmap-save.c +++ b/worldmap-save.c @@ -38,7 +38,9 @@ void writeMarkers(struct membuffer *b, const bool selected_only) put_depth(b, dive->maxdepth, translate("gettextFromC", "

Max Depth: "), translate("gettextFromC", " m

")); put_HTML_airtemp(b, dive, translate("gettextFromC", "

Air Temp: "), "

"); put_HTML_watertemp(b, dive, translate("gettextFromC", "

Water Temp : "), "

"); - put_format(b, "

Location : %s

", quote(dive->location)); + put_string(b, "

Location : "); + put_HTML_quoted(b, dive->location); + put_string(b, "

"); put_HTML_notes(b, dive, translate("gettextFromC", "

Notes"), "

"); put_string(b, "

'+''+''});\ninfowindows.push(tempinfowindow);\n"); put_format(b, "google.maps.event.addListener(markers[%d], 'mouseover', function() {\ninfowindows[%d].open(map,markers[%d]);}", dive_no, dive_no, dive_no); -- cgit v1.2.3-70-g09d2