[Samba] Re: [PATCH] Display of quoted parameters in Swat

Wed, 24 Apr 2002 06:49:20 -0700 

Hello Tim,

On Wed, Apr 24, 2002 at 10:34:00AM +0200, [EMAIL PROTECTED] wrote:

> There is a problem with Swat and it's handling of quoted strings. I've
> tested this on the latest released version of Samba (2.2.3a).

The patch you're actually looking for is attached.

Cheers,
Steve Langasek
postmodern programmer

--- samba-2.2.2.cvs20020120.orig/source/web/swat.c
+++ samba-2.2.2.cvs20020120/source/web/swat.c
@@ -49,6 +49,19 @@
 #define ENABLE_USER_FLAG "enable_user_flag"
 #define RHOST "remote_host"
 
+typedef struct html_conversion {
+       char src;
+       char *dest;
+} html_conversion;
+
+static const html_conversion entities[] = {
+       { '"', """ },
+       { '&', "&"  },
+       { '<', "&lt;"   },
+       { '>', "&gt;"   },
+       { '\0', NULL },
+};
+
 /* we need these because we link to locking*.o */
  void become_root(void) {}
  void unbecome_root(void) {}
@@ -77,6 +90,51 @@
        return newstring;
 }
 
+static char *htmlentities(char *str)
+{
+       int i,j, destlen = 0;
+       int length = strlen(str);
+       /* Feel free to use a pstring if appropriate -- I haven't 
+          checked if it's guaranteed to be long enough, and suspect it 
+          isn't. -SRL */
+       char *dststr = NULL;
+       char *p;
+
+       for (i = 0; i < length; i++) {
+               for (j = 0; entities[j].src; j++) {
+                       if (str[i] == entities[j].src) {
+                               destlen += strlen(entities[j].dest);
+                               break;
+                       }
+               }
+               if (!entities[j].src) {
+                       destlen++;
+               }
+       }
+       if (length == destlen) {
+               return(strdup(str));
+       }
+       p = dststr = malloc(destlen + 1);
+       if (!dststr) {
+               return(NULL);
+       }
+       dststr[destlen] = '\0';
+       for (i = 0; i < length; i++) {
+               for (j = 0; entities[j].src; j++) {
+                       if (str[i] == entities[j].src) {
+                               strncpy(p, entities[j].dest,
+                                       strlen(entities[j].dest));
+                               p += strlen(entities[j].dest);
+                               break;
+                       }
+               }
+               if (!entities[j].src) {
+                       *p++ = str[i];
+               }
+       }
+       return(dststr);
+}
+
 static char *stripspace(char *str)
 {
 static char newstring[1024];
@@ -182,8 +240,12 @@
 
        case P_STRING:
        case P_USTRING:
-               printf("<input type=text size=40 name=\"parm_%s\" value=\"%s\">",
-                      make_parm_name(parm->label), *(char **)ptr);
+               str = htmlentities(*(char **)ptr);
+               printf("<input type=\"text\" size=\"40\" name=\"parm_%s\" 
+value=\"%s\">",
+                      make_parm_name(parm->label), str);
+               if (str != NULL) {
+                       free(str);
+               }
                printf("<input type=button value=\"Set Default\" 
onClick=\"swatform.parm_%s.value=\'%s\'\">",
                        make_parm_name(parm->label),fix_backslash((char 
*)(parm->def.svalue)));
                break;

Attachment: msg01041/pgp00000.pgp
Description: PGP signature

Reply via email to