diff options
-rw-r--r-- | README | 2 | ||||
-rwxr-xr-x | rh-bin/listdropboxes.cgi | 39 |
2 files changed, 21 insertions, 20 deletions
@@ -30,7 +30,7 @@ LICENSE Installation ============ -# sudo aptitude install apache2 libapache2-mod-perl2 libconfig-inifiles-perl libdbd-mysql-perl libjson-pp-perl librhrd-perl libjs-jquery rivendell-server +# sudo aptitude install apache2 libapache2-mod-perl2 libconfig-inifiles-perl libdbd-mysql-perl libjson-pp-perl libxml-quote-perl librhrd-perl libjs-jquery rivendell-server # sudo a2enmod ssl authnz_ldap perl proxy_wstunnel # sudo /etc/init.d/apache2 restart diff --git a/rh-bin/listdropboxes.cgi b/rh-bin/listdropboxes.cgi index 53da91b..b30ff50 100755 --- a/rh-bin/listdropboxes.cgi +++ b/rh-bin/listdropboxes.cgi @@ -22,6 +22,7 @@ use strict; use CGI; +use XML::Quote; use RHRD::rddb; my $status = 'ERROR'; @@ -58,33 +59,33 @@ print "Content-type: application/xml; charset=UTF-8\n\n"; if($responsecode != 200) { print "<RDWebResult>\n"; - print " <ResponseCode>" . $responsecode . "</ResponseCode>\n"; - print " <ErrorString>" . $errorstring . "</ErrorString>\n"; + print " <ResponseCode>" . xml_quote($responsecode) . "</ResponseCode>\n"; + print " <ErrorString>" . xml_quote($errorstring) . "</ErrorString>\n"; print "</RDWebResult>\n"; } else { print "<dropboxList>\n"; for my $href (@dropboxes) { print " <dropbox>\n"; - print " <group>" . $href->{'GROUP'} . "</group>\n"; - print " <group-description>" . $href->{'GROUPDESC'} . "</group-description>\n"; - print " <group-low-cart>" . $href->{'GROUPLOWCART'} . "</group-low-cart>\n"; - print " <group-high-cart>" . $href->{'GROUPHIGHCART'} . "</group-high-cart>\n"; - print " <normalization-level>" . $href->{'NORMLEVEL'} . "</normalization-level>\n"; - print " <autotrim-level>" . $href->{'TRIMLEVEL'} . "</autotrim-level>\n"; - print " <parameters>" . $href->{'PARAM'} . "</parameters>\n"; - print " <type>" . $href->{'TYPE'} . "</type>\n"; + print " <group>" . xml_quote($href->{'GROUP'}) . "</group>\n"; + print " <group-description>" . xml_quote($href->{'GROUPDESC'}) . "</group-description>\n"; + print " <group-low-cart>" . xml_quote($href->{'GROUPLOWCART'}) . "</group-low-cart>\n"; + print " <group-high-cart>" . xml_quote($href->{'GROUPHIGHCART'}) . "</group-high-cart>\n"; + print " <normalization-level>" . xml_quote($href->{'NORMLEVEL'}) . "</normalization-level>\n"; + print " <autotrim-level>" . xml_quote($href->{'TRIMLEVEL'}) . "</autotrim-level>\n"; + print " <parameters>" . xml_quote($href->{'PARAM'}) . "</parameters>\n"; + print " <type>" . xml_quote($href->{'TYPE'}) . "</type>\n"; if($href->{'TYPE'} eq "show") { - print " <show-id>" . $href->{'SHOWID'} . "</show-id>\n"; - print " <show-title>" . $href->{'SHOWTITLE'} . "</show-title>\n"; - print " <show-log>" . $href->{'SHOWLOG'} . "</show-log>\n"; - print " <show-rhythm>" . $href->{'SHOWRHYTHM'} . "</show-rhythm>\n"; - print " <show-dayofweek>" . $href->{'SHOWDOW'} . "</show-dayofweek>\n"; - print " <show-starttime>" . $href->{'SHOWSTARTTIME'} . "</show-starttime>\n"; - print " <show-length>" . $href->{'SHOWLEN'} . "</show-length>\n"; + print " <show-id>" . xml_quote($href->{'SHOWID'}) . "</show-id>\n"; + print " <show-title>" . xml_quote($href->{'SHOWTITLE'}) . "</show-title>\n"; + print " <show-log>" . xml_quote($href->{'SHOWLOG'}) . "</show-log>\n"; + print " <show-rhythm>" . xml_quote($href->{'SHOWRHYTHM'}) . "</show-rhythm>\n"; + print " <show-dayofweek>" . xml_quote($href->{'SHOWDOW'}) . "</show-dayofweek>\n"; + print " <show-starttime>" . xml_quote($href->{'SHOWSTARTTIME'}) . "</show-starttime>\n"; + print " <show-length>" . xml_quote($href->{'SHOWLEN'}) . "</show-length>\n"; } elsif($href->{'TYPE'} eq "jingle") { - print " <jingle-title>" . $href->{'JINGLETITLE'} . "</jingle-title>\n"; + print " <jingle-title>" . xml_quote($href->{'JINGLETITLE'}) . "</jingle-title>\n"; } elsif($href->{'TYPE'} eq "musicpool") { - print " <musicpool-title>" . $href->{'MUSICPOOLTITLE'} . "</musicpool-title>\n"; + print " <musicpool-title>" . xml_quote($href->{'MUSICPOOLTITLE'}) . "</musicpool-title>\n"; } print " </dropbox>\n"; } |