HTML: Better quoting to the export strings

Move the quote function to membuffer.c and adding wrappers that call
it from both xml and html exporters to get rid of redundancy.

Quote the location, buddy, suit, tags and notes This
prevents js code from crashing.

[Miika Turkia: minor whitespace and code fix]

Signed-off-by: Gehad elrobey <gehadelrobey@gmail.com>
Signed-off-by: Miika Turkia <miika.turkia@gmail.com>
Signed-off-by: Dirk Hohndel <dirk@hohndel.org>

membuffer.c

@@ -96,7 +96,7 @@ void put_vformat(struct membuffer *b, const char *fmt, va_list args)
 			return;
 		}
 
-		room = len+1;
+		room = len + 1;
 	}
 }
 
@@ -174,5 +174,57 @@ void put_degrees(struct membuffer *b, degrees_t value, const char *pre, const ch
 		udeg = -udeg;
 		sign = "-";
 	}
-	put_format(b,"%s%s%u.%06u%s", pre, sign, FRACTION(udeg, 1000000), post);
+	put_format(b, "%s%s%u.%06u%s", pre, sign, FRACTION(udeg, 1000000), post);
+}
+
+void put_quoted(struct membuffer *b, const char *text, int is_attribute, int is_html)
+{
+	const char *p = text;
+
+	for (;;) {
+		const char *escape;
+
+		switch (*p++) {
+		default:
+			continue;
+		case 0:
+			escape = NULL;
+			break;
+		case 1 ... 8:
+		case 11:
+		case 12:
+		case 14 ... 31:
+			escape = "?";
+			break;
+		case '<':
+			escape = "&lt;";
+			break;
+		case '>':
+			escape = "&gt;";
+			break;
+		case '&':
+			escape = "&amp;";
+			break;
+		case '\'':
+			if (!is_attribute)
+				continue;
+			escape = "&apos;";
+			break;
+		case '\"':
+			if (!is_attribute)
+				continue;
+			escape = "&quot;";
+			break;
+		case '\n':
+			if (!is_html)
+				continue;
+			else
+				escape = "<br>";
+		}
+		put_bytes(b, text, (p - text - 1));
+		if (!escape)
+			break;
+		put_string(b, escape);
+		text = p;
+	}
 }

membuffer.h

@@ -22,6 +22,7 @@ extern void free_buffer(struct membuffer *);
 extern void flush_buffer(struct membuffer *, FILE *);
 extern void put_bytes(struct membuffer *, const char *, int);
 extern void put_string(struct membuffer *, const char *);
+extern void put_quoted(struct membuffer *, const char *, int, int);
 extern void strip_mb(struct membuffer *);
 extern const char *mb_cstring(struct membuffer *);
 extern __printf(2, 0) void put_vformat(struct membuffer *, const char *, va_list);

save-html.c

@@ -8,65 +8,18 @@ void put_HTML_date(struct membuffer *b, struct dive *dive, const char *pre, cons
 	put_format(b, "%s%04u-%02u-%02u%s", pre, tm.tm_year + 1900, tm.tm_mon + 1, tm.tm_mday, post);
 }
 
-char *replace_char(char *str, char replace, char *replace_by)
+void put_HTML_quoted(struct membuffer *b, const char *text)
 {
-	/*
-		this function can't replace a character with a substring
-		where the substring contains the character, infinite loop.
-	*/
-
-	if (!str)
-		return 0;
-
-	int i = 0, char_count = 0, new_size;
-
-	while (str[i] != '\0') {
-		if (str[i] == replace)
-			char_count++;
-		i++;
-	}
-
-	new_size = strlen(str) + char_count * strlen(replace_by) + 1;
-	char *result = malloc(new_size);
-	char *temp = strdup(str);
-	char *p0, *p1;
-	if (!result || !temp)
-		return 0;
-	result[0] = '\0';
-	p0 = temp;
-	p1 = strchr(temp, replace);
-	while (p1) {
-		*p1 = '\0';
-		strcat(result, p0);
-		strcat(result, replace_by);
-		p0 = p1 + 1;
-		p1 = strchr(p0, replace);
-	}
-	strcat(result, p0); /*concat the rest of the string*/
-	free(temp);
-	return result;
-}
-
-char *quote(char *string)
-{
-	char *less_than_removed = replace_char(string, '<', "&lt;");
-	char *greater_than_removed = replace_char(less_than_removed, '>', "&gt;");
-	char *new_line_removed = replace_char(greater_than_removed, '\n', "<br>");
-	char *double_quotes_removed = replace_char(new_line_removed, '"', "&quot;");
-	char *single_quotes_removed = replace_char(double_quotes_removed, '\'', "&#39;");
-	free(new_line_removed);
-	free(less_than_removed);
-	free(greater_than_removed);
-	free(double_quotes_removed);
-	return single_quotes_removed;
+	int is_html = 1, is_attribute = 1;
+	put_quoted(b, text, is_attribute, is_html);
 }
 
 void put_HTML_notes(struct membuffer *b, struct dive *dive, const char *pre, const char *post)
 {
 	if (dive->notes) {
-		char *notes = quote(dive->notes);
-		put_format(b, "%s%s%s", pre, notes, post);
-		free(notes);
+		put_string(b, pre);
+		put_HTML_quoted(b, dive->notes);
+		put_string(b, post);
 	}
 }
 
@@ -113,7 +66,9 @@ void put_HTML_tags(struct membuffer *b, struct dive *dive, const char *pre, cons
 		put_string(b, "\"--\",");
 
 	while (tag) {
-		put_format(b, "\"%s\",", tag->tag->name);
+		put_string(b, "\"");
+		put_HTML_quoted(b, tag->tag->name);
+		put_string(b, "\",");
 		tag = tag->next;
 	}
 	put_string(b, "]");
@@ -124,7 +79,9 @@ void write_attribute(struct membuffer *b, const char *att_name, const char *valu
 {
 	if (!value)
 		value = "--";
-	put_format(b, "\"%s\":\"%s\",", att_name, value);
+	put_format(b, "\"%s\":\"", att_name);
+	put_HTML_quoted(b, value);
+	put_string(b, "\",");
 }
 
 void write_one_dive(struct membuffer *b, struct dive *dive, int *dive_no)

save-html.h

@@ -13,9 +13,7 @@ void put_HTML_airtemp(struct membuffer *b, struct dive *dive, const char *pre, c
 void put_HTML_watertemp(struct membuffer *b, struct dive *dive, const char *pre, const char *post);
 void put_HTML_time(struct membuffer *b, struct dive *dive, const char *pre, const char *post);
 void put_HTML_notes(struct membuffer *b, struct dive *dive, const char *pre, const char *post);
-
-char *replace_char(char *str, char replace, char *replace_by);
-char *quote(char *string);
+void put_HTML_quoted(struct membuffer *b, const char *text);
 
 void export_HTML(const char *file_name, const bool selected_only);
 

save-xml.c

@@ -23,49 +23,8 @@
  */
 static void quote(struct membuffer *b, const char *text, int is_attribute)
 {
-	const char *p = text;
-
-	for (;;) {
-		const char *escape;
-
-		switch (*p++) {
-		default:
-			continue;
-		case 0:
-			escape = NULL;
-			break;
-		case 1 ... 8:
-		case 11:
-		case 12:
-		case 14 ... 31:
-			escape = "?";
-			break;
-		case '<':
-			escape = "&lt;";
-			break;
-		case '>':
-			escape = "&gt;";
-			break;
-		case '&':
-			escape = "&amp;";
-			break;
-		case '\'':
-			if (!is_attribute)
-				continue;
-			escape = "&apos;";
-			break;
-		case '\"':
-			if (!is_attribute)
-				continue;
-			escape = "&quot;";
-			break;
-		}
-		put_bytes(b, text, (p - text - 1));
-		if (!escape)
-			break;
-		put_string(b, escape);
-		text = p;
-	}
+	int is_html = 0;
+	put_quoted(b, text, is_attribute, is_html);
 }
 
 static void show_utf8(struct membuffer *b, const char *text, const char *pre, const char *post, int is_attribute)

worldmap-save.c

@@ -38,7 +38,9 @@ void writeMarkers(struct membuffer *b, const bool selected_only)
 		put_depth(b, dive->maxdepth, translate("gettextFromC", "<p>Max Depth: "), translate("gettextFromC", " m</p>"));
 		put_HTML_airtemp(b, dive, translate("gettextFromC", "<p>Air Temp: "), "</p>");
 		put_HTML_watertemp(b, dive, translate("gettextFromC", "<p>Water Temp : "), "</p>");
-		put_format(b, "<p>Location : <b>%s</b></p>", quote(dive->location));
+		put_string(b, "<p>Location : <b>");
+		put_HTML_quoted(b, dive->location);
+		put_string(b, "</b></p>");
 		put_HTML_notes(b, dive, translate("gettextFromC", "<p> Notes"), " </p>");
 		put_string(b, "</p>'+'</div>'+'</div>'});\ninfowindows.push(tempinfowindow);\n");
 		put_format(b, "google.maps.event.addListener(markers[%d], 'mouseover', function() {\ninfowindows[%d].open(map,markers[%d]);}", dive_no, dive_no, dive_no);