Mercurial > dive4elements > gnv-client

diff gnv/src/main/java/de/intevation/gnv/action/ArtifactDatabaseActionBase.java @ 705:f550bd27a3f1

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Html characters in strings inserted by the user are quoted (issue221). gnv/trunk@969 c6561f87-3c4e-4783-a992-168aeb5c3f6f
author Ingo Weinzierl <ingo.weinzierl@intevation.de>
date Thu, 22 Apr 2010 12:58:44 +0000
parents 89ade245ca7a
children 0441e78cd900
line wrap: on
line diff
--- a/gnv/src/main/java/de/intevation/gnv/action/ArtifactDatabaseActionBase.java	Mon Apr 19 15:36:11 2010 +0000
+++ b/gnv/src/main/java/de/intevation/gnv/action/ArtifactDatabaseActionBase.java	Thu Apr 22 12:58:44 2010 +0000
@@ -49,5 +49,30 @@
         ActionForward lForward = mapping.findForward(EXCEPTION_FORWARD_ID);
         return lForward;
     }
+
+
+    protected String encode(String s) {
+        log.debug("String to encode: " + s);
+        s = s.replaceAll("<", "&lt;");
+        s = s.replaceAll(">", "&gt;");
+        s = s.replaceAll("\"", "&quot;");
+        s = s.replaceAll("&", "&amp;");
+
+        log.debug("Encoded string: " + s);
+        return s;
+    }
+
+
+    protected String[] encode(String[] s) {
+        if (s == null)
+            return null;
+
+        String[] good = new String[s.length];
+        for (int i = 0; i < good.length; i++) {
+            good[i] = encode(s[i]);
+        }
+
+        return good;
+    }
 }
 // vim:set ts=4 sw=4 si et sta sts=4 fenc=utf8 :
http://dive4elements.wald.intevation.org