webbuild: implement a var2html function to filter for security variable to html

Currently used in chat messages
This commit is contained in:
Silvan Calarco 2015-04-04 18:49:49 +02:00
parent aca1323856
commit 77ecc7566d
2 changed files with 15 additions and 2 deletions

View File

@ -980,8 +980,7 @@ if [ "$REQUEST" = "changespec" ]; then
REQUEST="edit"; REQUEST="edit";
fi fi
elif [ "$REQUEST" = "broadcastmessage" ]; then elif [ "$REQUEST" = "broadcastmessage" ]; then
BROADCASTMESSAGE=`echo $BROADCASTMESSAGE | sed "s|<|\&lt;|g"` social_log "SUSER=$USER STYPE=broadcastmessage SEMAIL=$USER_EMAIL STEXT=\"said:&quot;<i>`var2html BROADCASTMESSAGE`</i>&quot;\" STIME=`date +%s`"
social_log "SUSER=$USER STYPE=broadcastmessage SEMAIL=$USER_EMAIL STEXT=\"said:&quot;<i>$BROADCASTMESSAGE</i>&quot;\" STIME=`date +%s`"
REQUEST= REQUEST=
fi fi

View File

@ -179,6 +179,20 @@ function cgi_getvars()
return return
} }
function var2html()
{
eval r=\$$1
r="${r//\&/&amp;}"
r="${r//\</&lt;}"
r="${r//\\\n/<br>}"
r="${r//\\/&#92;}"
r="${r//\"/&quot;}"
r="${r//\$/&#36;}"
r="${r//\`/&#96;}"
r="${r//\*/&#42;}"
echo "${r}"
}
function kill_tree() { function kill_tree() {
local killpid=$1 local killpid=$1