
Commit c93458b5 authored by jurgbohn's avatar jurgbohn

Only insert utf8-encoded data into the database.

Make sure the data we use in our xml-forms are utf8 (since the database already 
contains !utf8-stuff). I -really- hope this doesn't break gobbling.
parent 51ebb847
......@@ -28,15 +28,14 @@ class Artist {
$row = $res->fetchRow(MDB2_FETCHMODE_ASSOC);
$artist = $xml->addChild("artist", null);
$artist->addChild("name", $row['name']);
$artist->addChild("name", utf8_encode($row['name']));
$artist->addChild("mbid", $row['mbid']);
//$artist->addChild("url", $row['url']);
$artist->addChild("streamable", $row['streamable']);
$bio = $artist->addChild("bio", null);
$bio->addChild("published", $row['bio_published']);
$bio->addChild("summary", $row['bio_summary']);
$bio->addChild("content", $row['bio_content']);
$bio->addChild("summary", utf8_encode(htmlentities($row['bio_summary'])));
$bio->addChild("content", utf8_encode(htmlentities($row['bio_content'])));
$res->free();
......@@ -59,12 +58,15 @@ class Artist {
$xml = new SimpleXMLElement("<lfm status=\"ok\"></lfm>");
$root = $xml->addChild("toptracks", null);
$root->addAttribute("artist", $artist);
$root->addAttribute("artist", utf8_encode(htmlentities($artist)));
$i = 1;
// Loop over every result and add as children to "toptracks".
// Encode trackname as utf8 and replace bad symbols with html-equivalents
while (($row = $res->fetchRow(MDB2_FETCHMODE_ASSOC))) {
$track = $root->addChild("track", null);
$track->addAttribute("rank", $i);
$track->addChild("name", htmlentities($row['name']));
$track->addChild("name", utf8_encode(htmlentities($row['name'])));
$track->addChild("mbid", $row['mbid']);
$track->addChild("playcount", $row['freq']);
$track->addChild("listeners", $row['dist']);
......
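Review bot: `htmlentities()` emits HTML named entities such as `&eacute;`, which XML does not define, so the `summary`, `content` and track `name` values handed to `addChild()` can leave the `lfm` response unparseable for clients, and the `artist` attribute set through `addAttribute()` will likely have its ampersands escaped a second time. The artist `name` child in the first hunk gets `utf8_encode()` only, so a bare `&` in a name is still unescaped there, while `mbid` and `streamable` are not converted at all. `utf8_encode()` also assumes ISO-8859-1 input and will double-encode any row that is already UTF-8, which matters if the table holds a mix, as the commit message seems to imply. Converting to UTF-8 once and escaping only the XML specials, for example `htmlspecialchars($value, ENT_QUOTES, 'UTF-8')` for `addChild()` values, would be safer. The same pattern recurs in the `class User` hunks that follow, and the enclosing methods start and end outside the hunks.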
......@@ -69,7 +69,7 @@ class User {
$track = $root->addChild("track", null);
$track->addAttribute("rank", $i);
$track->addChild("name", htmlentities($row['name']));
$track->addChild("name", utf8_encode(htmlentities($row['name'])));
$track->addChild("playcount", $row['freq']);
$i++;
}
......@@ -102,13 +102,12 @@ class User {
while (($row = $res->fetchRow(MDB2_FETCHMODE_ASSOC))) {
$track = $root->addChild("track", null);
$artist = $track->addChild("artist", $row['artist']);
$artist = $track->addChild("artist", utf8_encode(htmlentities($row['artist'])));
$artist->addAttribute("mbid", $row['artmbid']);
$track->addChild("name", htmlentities($row['name']));
$track->addChild("name", utf8_encode(htmlentities($row['name'])));
}
return($xml);
}
}
?>
......@@ -22,14 +22,14 @@ function usernameFromSID($session_id) {
function createArtistIfNew($artist) {
global $mdb2;
$res = $mdb2->query("SELECT name FROM Artist WHERE name = " . htmlentities($artist));
$res = $mdb2->query("SELECT name FROM Artist WHERE name = " . utf8html($artist));
if(PEAR::isError($res)) {
die("FAILED " . $res->getMessage());
}
if(!$res->numRows()) {
// Artist doesn't exist, so we create them
$res = $mdb2->query("INSERT INTO Artist (name) VALUES (" . htmlentities($artist) . ")");
$res = $mdb2->query("INSERT INTO Artist (name) VALUES (" . utf8html($artist) . ")");
if(PEAR::isError($res)) {
die("FAILED " . $res->getMessage());
}
......@@ -39,14 +39,14 @@ function createArtistIfNew($artist) {
function createAlbumIfNew($artist, $album) {
global $mdb2;
$res = $mdb2->query("SELECT name FROM Album WHERE name = " . htmlentities($album));
$res = $mdb2->query("SELECT name FROM Album WHERE name = " . utf8html($album));
if(PEAR::isError($res)) {
die("FAILED " . $res->getMessage());
}
if(!$res->numRows()) {
// Album doesn't exist, so create it
$res = $mdb2->query("INSERT INTO Album (name, artist_name) VALUES (" . htmlentities($album) . ", " . htmlentities($artist) . ")");
$res = $mdb2->query("INSERT INTO Album (name, artist_name) VALUES (" . utf8html($album) . ", " . utf8html($artist) . ")");
if(PEAR::isError($res)) {
die("FAILED " . $res->getMessage());
}
......@@ -56,7 +56,7 @@ function createAlbumIfNew($artist, $album) {
function createTrackIfNew($artist, $album, $track, $mbid) {
global $mdb2;
$res = $mdb2->query("SELECT name FROM Track WHERE name = " . htmlentities($track) . " AND artist = " . htmlentities($artist));
$res = $mdb2->query("SELECT name FROM Track WHERE name = " . utf8html($track) . " AND artist = " . utf8html($artist));
if(PEAR::isError($res)) {
die("FAILED " . $res->getMessage());
}
......@@ -64,14 +64,17 @@ function createTrackIfNew($artist, $album, $track, $mbid) {
if(!$res->numRows()) {
// Create new track
$res = $mdb2->query("INSERT INTO Track (name, artist, album, mbid) VALUES ("
. htmlentities($track) . ", "
. htmlentities($artist) . ", "
. htmlentities($album) . ", "
. htmlentities($mbid) . ")");
. utf8html($track) . ", "
. utf8html($artist) . ", "
. utf8html($album) . ", "
. utf8html($mbid) . ")");
if(PEAR::isError($res)) {
die("FAILED " . $res->getMessage());
}
}
}
function utf8html(&$input) {
$input = utf8_encode(htmlentities($input));
}
?>
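Review bot: `utf8html()` at the end of this file takes `$input` by reference and returns nothing, so every `" ... " . utf8html($x)` in `createArtistIfNew`, `createAlbumIfNew` and `createTrackIfNew` concatenates an empty string into the SQL text. Each call also rewrites the caller's variable, so the INSERT that follows a SELECT would see a value encoded twice. It should return its result instead: `function utf8html($input) { return utf8_encode(htmlentities($input)); }`. Separately, neither `htmlentities()` nor `utf8_encode()` is SQL escaping, and the values are spliced straight into the statement; unless callers quote them beforehand (not visible here), quote at the query with `$mdb2->quote(utf8html($artist), 'text')` or use a prepared statement. The three `create*IfNew` bodies continue outside the hunks.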