<, >, ', or " in an item call number will no longer make
the bib displays break when using XSLT mode.
Added a new routine to C4::Koha, xml_escape(), to implement
converting &, <, >, ', and " to their corresponding
entities.
Patch loosely based on work done by Daniel Latrémolière <daniel.latremoliere@bulac.fr>
Signed-off-by: Galen Charlton <gmcharlt@gmail.com>
Signed-off-by: Chris Cormack <chrisc@catalyst.net.nz>
Signed-off-by: Chris Nighswonger <chris.nighswonger@gmail.com>
&GetNormalizedISBN
&GetNormalizedEAN
&GetNormalizedOCLCNumber
+ &xml_escape
$DEBUG
);
}
}
+=head2 xml_escape
+
+ my $escaped_string = C4::Koha::xml_escape($string);
+
+Convert &, <, >, ', and " in a string to XML entities
+
+=cut
+
+sub xml_escape {
+ my $str = shift;
+ return '' unless defined $str;
+ $str =~ s/&/&/g;
+ $str =~ s/</</g;
+ $str =~ s/>/>/g;
+ $str =~ s/'/'/g;
+ $str =~ s/"/"/g;
+ return $str;
+}
+
=head2 display_marc_indicators
my $display_form = C4::Koha::display_marc_indicators($field);
} else {
$status = "available";
}
- my $homebranch = $branches->{$item->{homebranch}}->{'branchname'};
- my $itemcallnumber = $item->{itemcallnumber} || '';
- $itemcallnumber =~ s/\&/\&\;/g;
+ my $homebranch = xml_escape($branches->{$item->{homebranch}}->{'branchname'});
+ my $itemcallnumber = xml_escape($item->{itemcallnumber});
$xml.= "<item><homebranch>$homebranch</homebranch>".
"<status>$status</status>".
"<itemcallnumber>".$itemcallnumber."</itemcallnumber>"
use strict;
use warnings;
-use Test::More tests => 2;
+use Test::More tests => 5;
use_ok('C4::Koha');
my $newdate = &slashifyDate("2002-01-01");
ok($date eq $newdate, 'slashifyDate');
+
+my $undef = undef;
+is(xml_escape($undef), '', 'xml_escape() returns empty string on undef input');
+my $str = q{'"&<>'};
+is(xml_escape($str), ''"&<>'', 'xml_escape() works as expected');
+is($str, q{'"&<>'}, '... and does not change input in place');
projects / koha.git / commitdiff