From 7aab9839b794a48adaf4b3049fc0b8a999d925f8 Mon Sep 17 00:00:00 2001 From: =?utf8?q?Paul=20H=C3=A4nsch?= Date: Wed, 22 Jan 2020 17:07:53 +0100 Subject: [PATCH] global and improved pdi escaping functions --- cards/index.cgi | 2 +- cards/update_card.sh | 24 ++++++++---------------- cards/widgets.sh | 36 ++++++++++++++++++------------------ pdiread.sh | 27 +++++++++++++++++++++++++++ 4 files changed, 54 insertions(+), 35 deletions(-) diff --git a/cards/index.cgi b/cards/index.cgi index 6fb7bae..24f7a86 100755 --- a/cards/index.cgi +++ b/cards/index.cgi @@ -11,7 +11,7 @@ fi . $_EXEC/cards/widgets.sh . $_EXEC/cards/list.sh -unescape() { [ $# = 0 ] && sed -E 's;\\(.);\1;g' || printf %s "$*" |sed -E 's;\\(.);\1;g'; } +#unescape() { [ $# = 0 ] && sed -E 's;\\(.);\1;g' || printf %s "$*" |sed -E 's;\\(.);\1;g'; } upcase=' y;abcdefghijklmnopqrstuvwxyzäöüé;ABCDEFGHIJKLMNOPQRSTUVWXYZÄÖÜÉ;; ' filter="$(GET f)" diff --git a/cards/update_card.sh b/cards/update_card.sh index fd0b210..84d9c7e 100755 --- a/cards/update_card.sh +++ b/cards/update_card.sh @@ -49,40 +49,32 @@ elif [ "$(POST tid)" != "$(transid "$tempfile")" ]; then exit 0 fi -vcf_escape(){ - for each in "$@"; do - printf %s\\n "$each" \ - | sed -E ':X;$!{N;bX}; s;\r\n;\n;g; s;([;,\\]);\\\1;g; s;\n;\\n;g;' - done \ - | sed -E ':X;$!{N;bX}; s;\n;\;;g' -} - # [ "${_POST[hi_select]}" = "list" ] || _POST[hi_company]="${_POST[hi_other]}" # [ -n "${_POST[hi_company]}${_POST[hi_number]}${_POST[hi_status]}" ] \ -# && _POST[X-HEALTH-INSURANCE]="$(vcf_escape "${_POST[hi_company]}" "${_POST[hi_number]}" "${_POST[hi_status]}")" +# && _POST[X-HEALTH-INSURANCE]="$(pdi_escape "${_POST[hi_company]}" "${_POST[hi_number]}" "${_POST[hi_status]}")" # vcf="$(pdi_load "$cardfile")" vcf="$(pdi_load "$tempfile")" -vcf="$(pdi_update_value "$vcf" N 1 "$(vcf_escape "$(POST 1N)" "$(POST 2N)" "$(POST 3N)" "$(POST 4N)" "$(POST 5N)")")" -vcf="$(pdi_update_value "$vcf" FN 1 "$(vcf_escape "$(POST 4N) $(POST 2N) $(POST 3N) $(POST 1N) $(POST 5N)" \ +vcf="$(pdi_update_value "$vcf" N 1 "$(pdi_escape "$(POST 1N)" "$(POST 2N)" "$(POST 3N)" "$(POST 4N)" "$(POST 5N)")")" +vcf="$(pdi_update_value "$vcf" FN 1 "$(pdi_escape "$(POST 4N) $(POST 2N) $(POST 3N) $(POST 1N) $(POST 5N)" \ | sed -E 's;^ +;;; s; +$;;; s; +; ;g;')" )" for field in $(POST_KEYS |grep -xE '[A-Z][A-Z0-9-]*'); do for cnt in $(seq 1 $(POST_COUNT "$field")); do case "$field" in # (TEL) - # printf '%s;TYPE=%s:%s\r\n' "${field}" "${_POST[phonetype${key#TEL}]}" "$(vcf_escape "$(POST "$field" "$cnt")")" + # printf '%s;TYPE=%s:%s\r\n' "${field}" "${_POST[phonetype${key#TEL}]}" "$(pdi_escape "$(POST "$field" "$cnt")")" # ;; X-HEALTH-INSURANCE) hi_select="$(POST "$field" "$cnt")" if [ "$hi_select" = list ]; then - vcf="$(pdi_update_value "$vcf" "$field" "$cnt" "$(vcf_escape "$(POST "hi_company" "$cnt")" \ + vcf="$(pdi_update_value "$vcf" "$field" "$cnt" "$(pdi_escape "$(POST "hi_company" "$cnt")" \ "$(POST "hi_number" "$cnt")" \ "$(POST "hi_status" "$cnt")" \ )")" elif [ "$hi_select" = other ]; then - vcf="$(pdi_update_value "$vcf" "$field" "$cnt" "$(vcf_escape "$(POST "hi_other" "$cnt")" \ + vcf="$(pdi_update_value "$vcf" "$field" "$cnt" "$(pdi_escape "$(POST "hi_other" "$cnt")" \ "$(POST "hi_number" "$cnt")" \ "$(POST "hi_status" "$cnt")" \ )")" @@ -90,10 +82,10 @@ for field in $(POST_KEYS |grep -xE '[A-Z][A-Z0-9-]*'); do ;; TEL) vcf="$(pdi_update_attrib "$vcf" TEL $cnt TYPE="$(POST teltype $cnt |grep -Exm1 'HOME|WORK|CELL|FAX')")" - vcf="$(pdi_update_value "$vcf" "$field" "$cnt" "$(vcf_escape "$(POST "$field" "$cnt")")")" + vcf="$(pdi_update_value "$vcf" "$field" "$cnt" "$(pdi_escape "$(POST "$field" "$cnt")")")" ;; *) - vcf="$(pdi_update_value "$vcf" "$field" "$cnt" "$(vcf_escape "$(POST "$field" "$cnt")")")" + vcf="$(pdi_update_value "$vcf" "$field" "$cnt" "$(pdi_escape "$(POST "$field" "$cnt")")")" ;; esac done; done diff --git a/cards/widgets.sh b/cards/widgets.sh index 63c450b..b0d188c 100755 --- a/cards/widgets.sh +++ b/cards/widgets.sh @@ -68,13 +68,13 @@ card_item(){ cnt="$(pdi_count "$card" "$item")" case $item in - FN) printf '[h2 .item .FN . %s]' "$(pdi_value "$card" FN |unescape |HTML)" + FN) printf '[h2 .item .FN . %s]' "$(pdi_value "$card" FN |pdi_unescape |HTML)" ;; GENDER) printf '[span .item .GENDER . %s]' "$(pdi_value "$card" GENDER |l10n)" ;; NICKNAME) seq 1 $cnt |while read c; do printf '[span .item .NICKNAME aka. "%s"]' \ - "$(pdi_value "$card" NICKNAME $c |unescape |HTML)" + "$(pdi_value "$card" NICKNAME $c |pdi_unescape |HTML)" done ;; X-ZACK-JOINDATE|X-ZACK-LEAVEDATE) if [ $cnt -gt 0 ]; then @@ -102,8 +102,8 @@ card_item(){ [ $cnt -gt 0 ] && printf '[h3 %s]' "$(l10n EMAIL)" seq 1 $cnt |while read c; do printf '[a .item .EMAIL href="mailto:%s" . %s]' \ - "$(pdi_value "$card" EMAIL $c |unescape |HTML)" \ - "$(pdi_value "$card" EMAIL $c |unescape |HTML)" + "$(pdi_value "$card" EMAIL $c |pdi_unescape |HTML)" \ + "$(pdi_value "$card" EMAIL $c |pdi_unescape |HTML)" done ;; TEL) @@ -113,9 +113,9 @@ card_item(){ [ "$teltype" ] \ && printf '[span .item .TEL [span .type . %s:] %s]' \ "$(l10n "TYPE=$teltype" |HTML)" \ - "$(pdi_value "$card" TEL $c |unescape |HTML)" \ + "$(pdi_value "$card" TEL $c |pdi_unescape |HTML)" \ || printf '[span .item .TEL . %s]' \ - "$(pdi_value "$card" TEL $c |unescape |HTML)" + "$(pdi_value "$card" TEL $c |pdi_unescape |HTML)" done ;; X-HEALTH-INSURANCE) @@ -127,9 +127,9 @@ card_item(){ printf '[span .item .hi_company . %s] [span .item .hi_number [label %s:] %s] [span .item .hi_status [label %s:] %s] - ' "$(unescape "$hi_name" |HTML)" \ - "$(l10n hi_number)" "$(unescape "$hi_number" |HTML)" \ - "$(l10n hi_status)" "$(unescape "$hi_status" |HTML)" + ' "$(pdi_unescape "$hi_name" |HTML)" \ + "$(l10n hi_number)" "$(pdi_unescape "$hi_number" |HTML)" \ + "$(l10n hi_status)" "$(pdi_unescape "$hi_status" |HTML)" done ;; therapies) @@ -152,7 +152,7 @@ card_item(){ shy="$(printf '\302\255')" seq 1 $cnt |while read c; do printf '[span .item .%s . %s]' "$item" \ - "$(pdi_value "$card" "$item" $c |sed -r "s;(straße|weg|damm|allee|ufer);${shy}\1;g" |unescape |HTML)" + "$(pdi_value "$card" "$item" $c |sed -r "s;(straße|weg|damm|allee|ufer);${shy}\1;g" |pdi_unescape |HTML)" done ;; esac @@ -175,7 +175,7 @@ edit_item(){ $N EOF else - N="$(pdi_value "$card" FN |unescape)" + N="$(pdi_value "$card" FN |pdi_unescape)" n1="${N%%[a-z]*}" n1="${N#$n1}" [ "$n1" ] || n1="${N##* }" n2="${N%$n1}" @@ -219,7 +219,7 @@ edit_item(){ printf '[checkbox "%s_delete_%i" "true" .delete #%s_delete_%i][label for="%s_delete_%i" %s]' \ "$item" $c "$item" $c "$item" $c "$(l10n delete)" printf '' \ - "$item" "$item" "$(pdi_value "$card" "$item" $c |unescape |HTML)" + "$item" "$item" "$(pdi_value "$card" "$item" $c |pdi_unescape |HTML)" done printf '[button type="submit" name="action" value="addfield %s" %s ]' "$item" "$(l10n edit_addfield)" ;; @@ -242,7 +242,7 @@ edit_item(){ "$([ "$teltype" = 'FAX' ] && printf 'selected="selected"')" "$(l10n TYPE=FAX)" printf '[input .item .%s name="%s" value="%s" placeholder="%s"]' \ - "$item" "$item" "$(pdi_value "$card" "$item" $c |unescape |HTML)" "$(l10n "$item")" + "$item" "$item" "$(pdi_value "$card" "$item" $c |pdi_unescape |HTML)" "$(l10n "$item")" done printf '[button type="submit" name="action" value="addfield %s" %s ]' "$item" "$(l10n edit_addfield)" ;; @@ -262,14 +262,14 @@ edit_item(){ -->[select class="item" name="hi_company" [option value="" disabled="disabled" $(selected "${hi_name}" "") . $(l10n hi_company)] $(list_hi_companies |while read f; do - printf '[option value="%s" %s . %s]' "$(unescape "$f" |HTML)" \ + printf '[option value="%s" %s . %s]' "$(pdi_unescape "$f" |HTML)" \ "$(selected "$f" "$hi_name")" \ - "$(unescape "$f" |HTML)" + "$(pdi_unescape "$f" |HTML)" done) ] [input type="text" name="hi_other" value="$hi_name" placeholder="$(l10n hi_company)"] - [input name="hi_number" value="$(unescape "$hi_number" |HTML)" placeholder="$(l10n hi_number)"] - [input name="hi_status" value="$(unescape "$hi_status" |HTML)" placeholder="$(l10n hi_status)"] + [input name="hi_number" value="$(pdi_unescape "$hi_number" |HTML)" placeholder="$(l10n hi_number)"] + [input name="hi_status" value="$(pdi_unescape "$hi_status" |HTML)" placeholder="$(l10n hi_status)"] EOF done ;; @@ -278,7 +278,7 @@ edit_item(){ printf '[checkbox "%s_delete_%i" "true" .delete #%s_delete_%i][label for="%s_delete_%i" %s]' \ "$item" $c "$item" $c "$item" $c "$(l10n delete)" printf '[input .item .%s name="%s" value="%s" placeholder="%s"]' \ - "$item" "$item" "$(pdi_value "$card" "$item" $c |unescape |HTML)" "$(l10n "$item")" + "$item" "$item" "$(pdi_value "$card" "$item" $c |pdi_unescape |HTML)" "$(l10n "$item")" done printf '[button type="submit" name="action" value="addfield %s" %s ]' "$item" "$(l10n edit_addfield)" ;; diff --git a/pdiread.sh b/pdiread.sh index 8118318..49c2c20 100755 --- a/pdiread.sh +++ b/pdiread.sh @@ -103,6 +103,33 @@ pdi_load() { p;' "$1" } +pdi_escape(){ + local in out='' + for in in "$@"; do + out="${out}${out:+;}" + while [ "$in" ]; do case $in in + \\*) out="${out}\\\\"; in="${in#\\}" ;; + ,*) out="${out}\\,"; in="${in#,}" ;; + \;*) out="${out}\\;"; in="${in#;}" ;; + "$BR"*) out="${out}\\n"; in="${in#${BR}}" ;; + *) out="${out}${in%%[\\,;${BR}]*}"; in="${in#${in%%[\\,;${BR}]*}}" ;; + esac; done + done + printf '%s\n' "$out" +} + +pdi_unescape(){ + local in out='' + [ $# -gt 0 ] && in="$*" || in="$(cat)" + while [ "$in" ]; do case $in in + \\\\*) out="${out}\\"; in="${in#\\\\}" ;; + \\n*) out="${out}${BR}"; in="${in#\\n}" ;; + \\*) in="${in#\\}" ;; + *) out="${out}${in%%\\*}"; in="${in#${in%%\\*}}" ;; + esac; done + printf '%s\n' "$out" +} + pdi_count(){ local card="$1" name="$2" rc='' cnt=0 while rc="${card#*${BR}${name};}"; do -- 2.39.2