Mercurial > hgrepos > hgweb.cgi > s4
changeset 654:d6f464f0a212
Include more chars into htmlescape for m4 processing
author | HIROSE Yuuji <yuuji@gentei.org> |
---|---|
date | Mon, 11 May 2020 11:18:05 +0900 |
parents | 22f4f91656a8 |
children | a049d3cb0389 |
files | s4-funcs.sh |
diffstat | 1 files changed, 4 insertions(+), 4 deletions(-) [+] |
line wrap: on
line diff
--- a/s4-funcs.sh Sun May 10 15:28:40 2020 +0900 +++ b/s4-funcs.sh Mon May 11 11:18:05 2020 +0900 @@ -948,7 +948,7 @@ } htmlescape() { sed -e 's/\&/\&/g' -e 's/"/\"/g' -e "s/'/\'/g" \ - -e "s/</\</g; s/>/\>/g" + -e "s/</\</g; s/>/\>/g" -e 's/`/\`/g' -e 's/(/\(/g' } enascii() { if [ -z "$enascii" ]; then @@ -2411,6 +2411,7 @@ fi grp=`getgroupbyid $grid` qgrp=`sqlquote "$grp"` + htmlgrp=`echo "$grp"|htmlescape` ## err showgroup2: grid=$grid grp=$grp qgrp="[$qgrp]" if isgroup "$grp"; then tf=$tmpd/title.$$ @@ -2419,14 +2420,13 @@ WHERE gname=$qgrp AND key='regmode';"` if ismember "$user" "$grp"; then ismember="ismember" - qgrp=`sqlquote "$grp"` bodyclass="$bodyclass${bodyclass:+ }ismember" else ismember="" # bodyclass="group" fi bodyclass="$bodyclass grouphome" - echo "<div class=\"search\">`search_form grp=\"$grp\"`</div>"> $sf - echo "グループ $grp" > $tf + echo "<div class=\"search\">`search_form grp=\"$htmlgrp\"`</div>"> $sf + echo "グループ $htmlgrp" > $tf showgroupsub $formdir/grp.def "$grid" | \ _m4 -D_TITLE_="syscmd(\`cat $tf')" \