
bug 5301: improve escaping of XML characters in bib output

<, >, ', or " in an item call number will no longer make
the bib displays break when using XSLT mode.

Added a new routine to C4::Koha, xml_escape(), to implement
converting &, <, >, ', and " to their corresponding
entities.

Patch loosely based on work done by Daniel Latrémolière <daniel.latremoliere@bulac.fr>

Signed-off-by: Galen Charlton <gmcharlt@gmail.com>
Signed-off-by: Chris Cormack <chrisc@catalyst.net.nz>
3.6.x-rmaint/testing
Galen Charlton 14 years ago
committed by Chris Cormack
parent
commit
f88f88dcc5
  1. 20
      C4/Koha.pm
  2. 5
      C4/XSLT.pm
  3. 8
      t/Koha.t

20
C4/Koha.pm

@ -61,6 +61,7 @@ BEGIN {
&GetNormalizedISBN
&GetNormalizedEAN
&GetNormalizedOCLCNumber
&xml_escape
$DEBUG
);
@ -1190,6 +1191,25 @@ sub GetKohaAuthorisedValuesFromField {
}
}
=head2 xml_escape
my $escaped_string = C4::Koha::xml_escape($string);
Convert &, <, >, ', and " in a string to XML entities
=cut
sub xml_escape {
my $str = shift;
return '' unless defined $str;
$str =~ s/&/&amp;/g;
$str =~ s/</&lt;/g;
$str =~ s/>/&gt;/g;
$str =~ s/'/&apos;/g;
$str =~ s/"/&quot;/g;
return $str;
}
=head2 display_marc_indicators
my $display_form = C4::Koha::display_marc_indicators($field);
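Review bot: xml_escape() handles the five markup characters but passes through characters that are not legal in XML 1.0 at all, such as most C0 control characters. If item data can contain one of these, for example from a bad import or a pasted call number, the XSLT parse will presumably still fail on it. Consider dropping them before the entity substitutions, e.g. `$str =~ s/[\x00-\x08\x0B\x0C\x0E-\x1F]//g;`. The POD should also say that the routine is not idempotent: it must be applied exactly once to raw text, because a second pass turns `&amp;` into `&amp;amp;`.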

5
C4/XSLT.pm

@ -210,9 +210,8 @@ sub buildKohaItemsNamespace {
} else {
$status = "available";
}
my $homebranch = $branches->{$item->{homebranch}}->{'branchname'};
my $itemcallnumber = $item->{itemcallnumber} || '';
$itemcallnumber =~ s/\&/\&amp\;/g;
my $homebranch = xml_escape($branches->{$item->{homebranch}}->{'branchname'});
my $itemcallnumber = xml_escape($item->{itemcallnumber});
$xml.= "<item><homebranch>$homebranch</homebranch>".
"<status>$status</status>".
"<itemcallnumber>".$itemcallnumber."</itemcallnumber>"
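Review bot: Only two of the values interpolated into the `<item>` fragment go through xml_escape(); `$status` is still concatenated raw on the `<status>` line. The branch visible here assigns a literal, but the other assignments to `$status` are above the hunk, so confirm that none of them carries database text. If one does, escape at the point of use with `"<status>".xml_escape($status)."</status>".`. The concatenation continues past the end of the hunk, and any item fields appended there need the same check. Separately, the old `|| ''` mapped a call number of `0` to the empty string while xml_escape() now returns `0`; this is probably the better behaviour, but it is an unannounced change.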

8
t/Koha.t

@ -2,7 +2,7 @@
use strict;
use warnings;
use Test::More tests => 2;
use Test::More tests => 5;
use_ok('C4::Koha');
@ -13,3 +13,9 @@ my $date = "01/01/2002";
my $newdate = &slashifyDate("2002-01-01");
ok($date eq $newdate, 'slashifyDate');
my $undef = undef;
is(xml_escape($undef), '', 'xml_escape() returns empty string on undef input');
my $str = q{'"&<>'};
is(xml_escape($str), '&apos;&quot;&amp;&lt;&gt;&apos;', 'xml_escape() works as expected');
is($str, q{'"&<>'}, '... and does not change input in place');
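Review bot: The new tests pin the undef case and a single pass over raw text, but nothing covers a defined-but-false input or text that already contains an entity. A later refactor of the guard to `unless $str` would then pass unnoticed. Adding `is(xml_escape('0'), '0', 'xml_escape() keeps a false-but-defined value');` would catch that. Adding `is(xml_escape('&amp;'), '&amp;amp;', 'xml_escape() escapes unconditionally');` would record that callers must pass unescaped text. Both require raising the plan count accordingly.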
