view gnv/src/main/java/de/intevation/gnv/action/ArtifactDatabaseActionBase.java @ 705:f550bd27a3f1

Html characters in strings inserted by the user are quoted (issue221). gnv/trunk@969 c6561f87-3c4e-4783-a992-168aeb5c3f6f
author Ingo Weinzierl <ingo.weinzierl@intevation.de>
date Thu, 22 Apr 2010 12:58:44 +0000
parents 89ade245ca7a
children 0441e78cd900
package de.intevation.gnv.action;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import org.apache.log4j.Logger;

import org.apache.struts.action.Action;
import org.apache.struts.action.ActionForm;
import org.apache.struts.action.ActionForward;
import org.apache.struts.action.ActionMapping;

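/**
 * Base Struts action that resolves the "success" forward and offers
 * HTML-escaping helpers for strings that end up in rendered pages.
 *
 * @author <a href="mailto:tim.englich@intevation.de">Tim Englich</a>
 *
 */
public class ArtifactDatabaseActionBase extends Action {

    /** Name of the forward returned by {@link #execute}. */
    protected final static String SUCCSESS_FORWARD_ID = "success";

    // NOTE(review): this has the same value as SUCCSESS_FORWARD_ID, so
    // getExceptionForward() resolves to the same forward as the success
    // path. Confirm whether a dedicated error forward was intended.
    protected final static String EXCEPTION_FORWARD_ID = "success";

    /**
     * The logger, used to log exceptions and additional information.
     */
    private static final Logger log = Logger
            .getLogger(ArtifactDatabaseActionBase.class);

    /**
     * Constructor
     */
    public ArtifactDatabaseActionBase() {
        super();
    }


    /**
     * Looks up the forward registered under {@link #SUCCSESS_FORWARD_ID}.
     *
     * @param mapping  the mapping used to resolve the forward
     * @param form     not used by this implementation
     * @param request  not used by this implementation
     * @param response not used by this implementation
     * @return the result of {@code mapping.findForward(SUCCSESS_FORWARD_ID)}
     */
    @Override
    public ActionForward execute(ActionMapping mapping, ActionForm form,
                                 HttpServletRequest request,
                                 HttpServletResponse response) throws Exception {
        log.debug("ArtifactDatabaseActionBase.execute");

        return mapping.findForward(SUCCSESS_FORWARD_ID);
    }


    /**
     * Looks up the forward registered under {@link #EXCEPTION_FORWARD_ID}.
     *
     * @param mapping the mapping used to resolve the forward
     * @return the result of {@code mapping.findForward(EXCEPTION_FORWARD_ID)}
     */
    protected ActionForward getExceptionForward(ActionMapping mapping) {
        log.debug("ArtifactDatabaseActionBase.getExceptionForward");
        return mapping.findForward(EXCEPTION_FORWARD_ID);
    }


    /**
     * Escapes the characters that are significant in HTML text and in quoted
     * attribute values: {@code &}, {@code <}, {@code >}, {@code "} and
     * {@code '}.
     *
     * <p>The input is converted in a single pass, so an ampersand produced
     * by an earlier replacement is never escaped a second time. Replacing
     * {@code &} after the other characters would turn {@code <} into
     * {@code &amp;lt;} instead of {@code &lt;}.
     *
     * <p>The result is only suitable for HTML element content and quoted
     * attribute values. It does not make a value safe inside script blocks,
     * URLs or style sheets.
     *
     * @param s the string to escape, may be {@code null}
     * @return the escaped string, or {@code null} if {@code s} is
     *         {@code null}
     */
    protected String encode(String s) {
        // Null elements can reach this method through encode(String[]).
        if (s == null) {
            return null;
        }

        // The value is typically user-supplied, so it is logged only at
        // debug level.
        if (log.isDebugEnabled()) {
            log.debug("String to encode: " + s);
        }

        StringBuilder escaped = new StringBuilder(s.length() + 16);
        for (int i = 0; i < s.length(); i++) {
            char c = s.charAt(i);
            switch (c) {
                case '&':
                    escaped.append("&amp;");
                    break;
                case '<':
                    escaped.append("&lt;");
                    break;
                case '>':
                    escaped.append("&gt;");
                    break;
                case '"':
                    escaped.append("&quot;");
                    break;
                case '\'':
                    // Escaped as well so the value cannot terminate a
                    // single-quoted attribute.
                    escaped.append("&#39;");
                    break;
                default:
                    escaped.append(c);
            }
        }

        String result = escaped.toString();
        if (log.isDebugEnabled()) {
            log.debug("Encoded string: " + result);
        }
        return result;
    }


    /**
     * Escapes every element of the array with {@link #encode(String)}.
     *
     * @param s the strings to escape, may be {@code null}
     * @return a new array of the same length holding the escaped strings,
     *         or {@code null} if {@code s} is {@code null}
     */
    protected String[] encode(String[] s) {
        if (s == null) {
            return null;
        }

        String[] good = new String[s.length];
        for (int i = 0; i < good.length; i++) {
            good[i] = encode(s[i]);
        }

        return good;
    }
}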
// vim:set ts=4 sw=4 si et sta sts=4 fenc=utf8 :
