Only insert utf8-encoded data into the database.

Make sure the data we use in our xml-forms are utf8 (since the database already contains !utf8-stuff). I -really- hope this doesn't break gobbling.

Only insert utf8-encoded data into the database.
Make sure the data we use in our xml-forms are utf8 (since the database already contains !utf8-stuff). I -really- hope this doesn't break gobbling.
c93458b5 · jurgbohn · 51ebb847 · c93458b5 · c93458b5 · c93458b5
Commit c93458b5 authored Apr 06, 2009 by jurgbohn
Hide whitespace changes
Inline Side-by-side

Showing with 23 additions and 19 deletions

gobbler/api/artist.php gobbler/api/artist.php +8 -6

gobbler/api/user.php gobbler/api/user.php +3 -4

gobbler/scrobble-utils.php gobbler/scrobble-utils.php +12 -9

No files found.
--- a/gobbler/api/artist.php
+++ b/gobbler/api/artist.php
@@ -28,15 +28,14 @@ class Artist {
 	$row = $res->fetchRow(MDB2_FETCHMODE_ASSOC);

 	$artist = $xml->addChild("artist", null);
-	$artist->addChild("name", $row['name']);
+	$artist->addChild("name", utf8_encode($row['name']));
 	$artist->addChild("mbid", $row['mbid']);
-	//$artist->addChild("url", $row['url']);
 	$artist->addChild("streamable", $row['streamable']);

 	$bio = $artist->addChild("bio", null);
 	$bio->addChild("published", $row['bio_published']);
-	$bio->addChild("summary", $row['bio_summary']);
-	$bio->addChild("content", $row['bio_content']);
+	$bio->addChild("summary", utf8_encode(htmlentities($row['bio_summary'])));
+	$bio->addChild("content", utf8_encode(htmlentities($row['bio_content'])));

 	$res->free();

@@ -59,12 +58,15 @@ class Artist {

 	$xml = new SimpleXMLElement("<lfm status=\"ok\"></lfm>");
 	$root = $xml->addChild("toptracks", null);
-	$root->addAttribute("artist", $artist);
+	$root->addAttribute("artist", utf8_encode(htmlentities($artist)));
 	$i = 1;
+
+	// Loop over every result and add as children to "toptracks".
+	// Encode trackname as utf8 and replace bad symbols with html-equivalents
 	while (($row = $res->fetchRow(MDB2_FETCHMODE_ASSOC))) {
 	    $track = $root->addChild("track", null);
 	    $track->addAttribute("rank", $i);
-	    $track->addChild("name", htmlentities($row['name']));
+	    $track->addChild("name", utf8_encode(htmlentities($row['name'])));
 	    $track->addChild("mbid", $row['mbid']);
 	    $track->addChild("playcount", $row['freq']);
 	    $track->addChild("listeners", $row['dist']);

--- a/gobbler/api/user.php
+++ b/gobbler/api/user.php
@@ -69,7 +69,7 @@ class User {

 	    $track = $root->addChild("track", null);
 	    $track->addAttribute("rank", $i);
-	    $track->addChild("name", htmlentities($row['name']));
+	    $track->addChild("name", utf8_encode(htmlentities($row['name'])));
 	    $track->addChild("playcount", $row['freq']);
 	    $i++;
 	}
@@ -102,13 +102,12 @@ class User {

 	while (($row = $res->fetchRow(MDB2_FETCHMODE_ASSOC))) {
 	    $track = $root->addChild("track", null);
-	    $artist = $track->addChild("artist", $row['artist']);
+	    $artist = $track->addChild("artist", utf8_encode(htmlentities($row['artist'])));
 	    $artist->addAttribute("mbid", $row['artmbid']);
-	    $track->addChild("name", htmlentities($row['name']));
+	    $track->addChild("name", utf8_encode(htmlentities($row['name'])));
 	}

 	return($xml);
-
    }	
 }
 ?>
--- a/gobbler/scrobble-utils.php
+++ b/gobbler/scrobble-utils.php
@@ -22,14 +22,14 @@ function usernameFromSID($session_id) {
 function createArtistIfNew($artist) {
 	global $mdb2;

-	$res = $mdb2->query("SELECT name FROM Artist WHERE name = " . htmlentities($artist));
+	$res = $mdb2->query("SELECT name FROM Artist WHERE name = " . utf8html($artist));
 	if(PEAR::isError($res)) {
 		die("FAILED " . $res->getMessage());
 	}

 	if(!$res->numRows()) {
 		// Artist doesn't exist, so we create them
-		$res = $mdb2->query("INSERT INTO Artist (name) VALUES (" . htmlentities($artist) . ")");
+		$res = $mdb2->query("INSERT INTO Artist (name) VALUES (" . utf8html($artist) . ")");
 		if(PEAR::isError($res)) {
 			die("FAILED " . $res->getMessage());
 		}
@@ -39,14 +39,14 @@ function createArtistIfNew($artist) {
 function createAlbumIfNew($artist, $album) {
 	global $mdb2;

-	$res = $mdb2->query("SELECT name FROM Album WHERE name = " . htmlentities($album));
+	$res = $mdb2->query("SELECT name FROM Album WHERE name = " . utf8html($album));
 	if(PEAR::isError($res)) {
 		die("FAILED " . $res->getMessage());
 	}

 	if(!$res->numRows()) {
 		// Album doesn't exist, so create it
-		$res = $mdb2->query("INSERT INTO Album (name, artist_name) VALUES (" . htmlentities($album) . ", " . htmlentities($artist) . ")");
+		$res = $mdb2->query("INSERT INTO Album (name, artist_name) VALUES (" . utf8html($album) . ", " . utf8html($artist) . ")");
 		if(PEAR::isError($res)) {
 			die("FAILED " . $res->getMessage());
 		}
@@ -56,7 +56,7 @@ function createAlbumIfNew($artist, $album) {
 function createTrackIfNew($artist, $album, $track, $mbid) {
 	global $mdb2;

-	$res = $mdb2->query("SELECT name FROM Track WHERE name = " . htmlentities($track) . " AND artist = " . htmlentities($artist));
+	$res = $mdb2->query("SELECT name FROM Track WHERE name = " . utf8html($track) . " AND artist = " . utf8html($artist));
 	if(PEAR::isError($res)) {
 		die("FAILED " . $res->getMessage());
 	}
@@ -64,14 +64,17 @@ function createTrackIfNew($artist, $album, $track, $mbid) {
 	if(!$res->numRows()) {
 		// Create new track
 		$res = $mdb2->query("INSERT INTO Track (name, artist, album, mbid) VALUES ("
-			. htmlentities($track) . ", "
-			. htmlentities($artist) . ", "
-			. htmlentities($album) . ", "
-			. htmlentities($mbid) . ")");
+			. utf8html($track) . ", "
+			. utf8html($artist) . ", "
+			. utf8html($album) . ", "
+			. utf8html($mbid) . ")");
 		if(PEAR::isError($res)) {
 			die("FAILED " . $res->getMessage());
 		}
 	}
 }

+function utf8html(&$input) {
+    $input = utf8_encode(htmlentities($input));
+}
 ?>