summaryrefslogtreecommitdiffabout
Side-by-side diff
Diffstat (more/less context) (show whitespace changes)
-rw-r--r--include/opkele/util.h7
-rw-r--r--lib/util.cc19
2 files changed, 26 insertions, 0 deletions
diff --git a/include/opkele/util.h b/include/opkele/util.h
index 6f3ddf6..719f951 100644
--- a/include/opkele/util.h
+++ b/include/opkele/util.h
@@ -91,24 +91,31 @@ namespace opkele {
*/
time_t w3c_to_time(const string& w);
/**
* Encode string to the representation suitable for using in URL.
* @param str string to encode
* @return encoded string
* @throw failed_conversion in case of failure
*/
string url_encode(const string& str);
/**
+ * Make string suitable for using as x(ht)ml attribute.
+ * @param str string to escape
+ * @return escaped string
+ */
+ string attr_escape(const string& str);
+
+ /**
* Convert number to string
* @param l number
* @return string representation
* @throw failed_conversion in case of failure
*/
string long_to_string(long l);
/**
* Convert string to number
* @param s string, containing the number
* @return the number
* @throw failed_conversion in case of failure
*/
diff --git a/lib/util.cc b/lib/util.cc
index 54d6535..b7bc437 100644
--- a/lib/util.cc
+++ b/lib/util.cc
@@ -152,24 +152,43 @@ namespace opkele {
*
*/
string url_encode(const string& str) {
char * t = curl_escape(str.c_str(),str.length());
if(!t)
throw failed_conversion(OPKELE_CP_ "failed to curl_escape()");
string rv(t);
curl_free(t);
return rv;
}
+ string attr_escape(const string& str) {
+ static const char *unsafechars = "<>&\n\"'";
+ string rv;
+ string::size_type p=0;
+ while(true) {
+ string::size_type us = str.find_first_of(unsafechars,p);
+ if(us==string::npos) {
+ if(p!=str.length())
+ rv.append(str,p,str.length()-p);
+ return rv;
+ }
+ rv.append(str,p,us-p);
+ rv += "&#";
+ rv += long_to_string((long)str[us]);
+ rv += ';';
+ p = us+1;
+ }
+ }
+
string long_to_string(long l) {
char rv[32];
int r=snprintf(rv,sizeof(rv),"%ld",l);
if(r<0 || r>=(int)sizeof(rv))
throw failed_conversion(OPKELE_CP_ "failed to snprintf()");
return rv;
}
long string_to_long(const string& s) {
char *endptr = 0;
long rv = strtol(s.c_str(),&endptr,10);
if((!endptr) || endptr==s.c_str())