diff options
| author | Stanislau Wolski <stanislau.wolski@gmail.com> | 2014-03-17 13:16:25 +0300 |
|---|---|---|
| committer | Stanislau Wolski <stanislau.wolski@gmail.com> | 2014-03-17 13:16:25 +0300 |
| commit | d5d7611f58fdbd5c49df78336c3856d747585c4e (patch) | |
| tree | 53ab9a0df891a50bcf7ef623b48fddd1264b220f /codebase | |
| parent | 994b6bb658b08010cdfc8dff332409cfab988d78 (diff) | |
| download | connector-php-d5d7611f58fdbd5c49df78336c3856d747585c4e.zip connector-php-d5d7611f58fdbd5c49df78336c3856d747585c4e.tar.gz connector-php-d5d7611f58fdbd5c49df78336c3856d747585c4e.tar.bz2 | |
[fix] escaping special chars in xml attributes
Diffstat (limited to 'codebase')
| -rw-r--r-- | codebase/data_connector.php | 5 | ||||
| -rw-r--r-- | codebase/grid_connector.php | 2 | ||||
| -rw-r--r-- | codebase/treegrid_connector.php | 2 | ||||
| -rw-r--r-- | codebase/treegridmultitable_connector.php | 2 |
4 files changed, 7 insertions, 4 deletions
diff --git a/codebase/data_connector.php b/codebase/data_connector.php index 7b73066..7c9251d 100644 --- a/codebase/data_connector.php +++ b/codebase/data_connector.php @@ -280,8 +280,11 @@ class JSONCommonDataItem extends DataItem{ } if ($this->userdata !== false) - foreach ($this->userdata as $key => $value) + foreach ($this->userdata as $key => $value){ + if ($value === null) + $data[$key]=""; $data[$key]=$value; + } return $data; } diff --git a/codebase/grid_connector.php b/codebase/grid_connector.php index 9748dee..10a98bd 100644 --- a/codebase/grid_connector.php +++ b/codebase/grid_connector.php @@ -87,7 +87,7 @@ class GridDataItem extends DataItem{ public function to_xml_start(){ if ($this->skip) return ""; - $str="<row id='".$this->get_id()."'"; + $str="<row id='".$this->xmlentities($this->get_id())."'"; foreach ($this->row_attrs as $k=>$v) $str.=" ".$k."='".$v."'"; $str.=">"; diff --git a/codebase/treegrid_connector.php b/codebase/treegrid_connector.php index f074879..0bb19ea 100644 --- a/codebase/treegrid_connector.php +++ b/codebase/treegrid_connector.php @@ -90,7 +90,7 @@ class TreeGridConnector extends GridConnector{ /*! renders self as xml, starting part */ protected function xml_start(){ - return "<rows parent='".$this->request->get_relation()."'>"; + return "<rows parent='".$this->xmlentities( $this->request->get_relation() )."'>"; } } diff --git a/codebase/treegridmultitable_connector.php b/codebase/treegridmultitable_connector.php index c380ef6..3f4bbd9 100644 --- a/codebase/treegridmultitable_connector.php +++ b/codebase/treegridmultitable_connector.php @@ -27,7 +27,7 @@ class TreeGridMultitableConnector extends TreeGridConnector{ public function xml_start(){ if (isset($_GET['id'])) { - return "<rows parent='".$this->render->level_id($_GET['id'], $this->get_level() - 1)."'>"; + return "<rows parent='".$this->xmlentities($this->render->level_id($_GET['id'], $this->get_level() - 1))."'>"; } else { return "<rows parent='0'>"; } |