Changeset 28899 for main/trunk/greenstone2/runtime-src/src/recpt/gtiaction.cpp

Timestamp:

2014-03-14T22:46:25+13:00 (10 years ago)

Author:

ak19

Message:

Third commit for security, for ensuring cgiargs macros are websafe. This time all the changes to the runtime action classes.

File:

• main/trunk/greenstone2/runtime-src/src/recpt/gtiaction.cpp (modified) (3 diffs)

main/trunk/greenstone2/runtime-src/src/recpt/gtiaction.cpp

@@ -386 +386 @@
   languageinfo_tmap loaded_languages = recpt->get_configinfo().languages;
   disp.setmacro("gtitargetlanguagename", "gti", loaded_languages[target_language_code].longname);
-  disp.setmacro("gtitranslationfiledesc", "gti", "_gti:textgti" + translation_file_key + "_");
+  disp.setmacro("gtitranslationfiledesc", "gti", "_gti:textgti" + encodeForHTML(translation_file_key) + "_");
 
   if (query_string == "") {
@@ -496 +496 @@
     disp.setmacro("gtitargetfilepath", "gti", gti_response.translation_files_key_to_target_file_path_mapping[translation_file_key]);
   }
-  disp.setmacro("gtitranslationfiledesc", "gti", "_gti:textgti" + translation_file_key + "_");
-  disp.setmacro("gtiviewtranslationfileinaction", "gti", "_gti:gtiview" + translation_file_key + "inaction_");
+  disp.setmacro("gtitranslationfiledesc", "gti", "_gti:textgti" + encodeForHTML(translation_file_key) + "_");
+  disp.setmacro("gtiviewtranslationfileinaction", "gti", "_gti:gtiview" + encodeForHTML(translation_file_key) + "inaction_");
 
   disp.setmacro("gtinumchunkstranslated", "gti", gti_response.translation_files_key_to_num_chunks_translated_mapping[translation_file_key]);
@@ -660 +660 @@
  do_gti_request(gti_arguments, logout); 
 
- disp.setmacro("gtiglihelpzipfilepath", "gti", target_language_code + "_GLIHelp.zip");
+ disp.setmacro("gtiglihelpzipfilepath", "gti", encodeForURL(target_language_code) + "_GLIHelp.zip");
 
  return true;