diff options
| author | bbaetz%student.usyd.edu.au <> | 2002-12-15 18:23:55 +0100 |
|---|---|---|
| committer | bbaetz%student.usyd.edu.au <> | 2002-12-15 18:23:55 +0100 |
| commit | 1cee4770ca5e09e3b56c0de0e8c77c2684542d18 (patch) | |
| tree | a31b3c625607961094750db3f7619619a9d7767f /Bugzilla/Util.pm | |
| parent | ee84183ca9efa0839c49ad02f293d60db0a4d76f (diff) | |
| download | bugzilla-1cee4770ca5e09e3b56c0de0e8c77c2684542d18.tar.gz bugzilla-1cee4770ca5e09e3b56c0de0e8c77c2684542d18.tar.xz | |
Bug 158499 - Templatise XML bug output
r=gerv, justdave
a=justdave
Diffstat (limited to 'Bugzilla/Util.pm')
| -rw-r--r-- | Bugzilla/Util.pm | 27 |
1 files changed, 22 insertions, 5 deletions
diff --git a/Bugzilla/Util.pm b/Bugzilla/Util.pm index efd107c0a..5aecb5ad9 100644 --- a/Bugzilla/Util.pm +++ b/Bugzilla/Util.pm @@ -25,15 +25,15 @@ package Bugzilla::Util; -use Bugzilla::Config; +use strict; use base qw(Exporter); @Bugzilla::Util::EXPORT = qw(is_tainted trick_taint detaint_natural - html_quote url_quote value_quote + html_quote url_quote value_quote xml_quote lsearch max min trim format_time); -use strict; +use Bugzilla::Config; # This is from the perlsec page, slightly modifed to remove a warning # From that page: @@ -89,6 +89,16 @@ sub value_quote { return $var; } +sub xml_quote { + my ($var) = (@_); + $var =~ s/\&/\&/g; + $var =~ s/</\</g; + $var =~ s/>/\>/g; + $var =~ s/\"/\"/g; + $var =~ s/\'/\'/g; + return $var; +} + sub lsearch { my ($list,$item) = (@_); my $count = 0; @@ -124,7 +134,6 @@ sub trim { return $str; } -# Bug 67077 sub format_time { my ($time) = @_; @@ -149,7 +158,8 @@ sub format_time { } if (defined $year) { - $time = "$year-$month-$day $hour:$min " . &::Param('timezone'); + $time = "$year-$month-$day $hour:$min"; + $time .= " " . &::Param('timezone') if &::Param('timezone'); } return $time; } @@ -175,6 +185,7 @@ Bugzilla::Util - Generic utility functions for bugzilla html_quote($var); url_quote($var); value_quote($var); + xml_quote($var); # Functions for searching $loc = lsearch(\@arr, $val); @@ -252,6 +263,12 @@ Quotes characters so that they may be included as part of a url. As well as escaping html like C<html_quote>, this routine converts newlines into 
, suitable for use in html attributes. +=item C<xml_quote($val)> + +This is similar to C<html_quote>, except that ' is escaped to '. This +is kept separate from html_quote partly for compatibility with previous code +(for ') and partly for future handling of non-ASCII characters. + =back =head2 Searching |