Fix sanitizing and UTF-8.

author Steinar H. Gunderson <Steinar H. Gunderson sesse@debian.org>

Sat, 17 Mar 2012 17:35:44 +0000 (18:35 +0100)

committer Steinar H. Gunderson <Steinar H. Gunderson sesse@debian.org>

Sat, 17 Mar 2012 17:35:44 +0000 (18:35 +0100)
author Steinar H. Gunderson <Steinar H. Gunderson sesse@debian.org>
Sat, 17 Mar 2012 17:35:44 +0000 (18:35 +0100)
committer Steinar H. Gunderson <Steinar H. Gunderson sesse@debian.org>
Sat, 17 Mar 2012 17:35:44 +0000 (18:35 +0100)
diff --git a/www/index.pl b/www/index.pl

index ecac609acdef31d01988f3e9edb7b7224bcf5b06..a4c16fd949c74e63e3e2afeb5e12295c2901f12d 100755 (executable)
--- a/www/index.pl
+++ b/www/index.pl
@@ -7,6 +7,8 @@ use CGI::Carp qw( fatalsToBrowser );
  use DBI;
  use POSIX;
  use Devel::Peek;
+use HTML::Entities;
+use Encode;
  use locale;
  require '../config.pm';
  
@@ -28,9 +30,7 @@ my %parms = ();
  my $match_stddev;
  
  sub sanitize {
-       $_ = shift;
-       y/ \t\n<>&/_/;
-       return $_;
+       return HTML::Entities::encode_entities(shift);
  }
  
  sub color {
@@ -262,7 +262,7 @@ $q->execute($season, $division, $subdivision);
  
  while (my $ref = $q->fetchrow_hashref) {
         my $id = $ref->{'id'};
-       $players{$id} = sanitize($ref->{'navn'});
+       $players{$id} = sanitize(Encode::decode_utf8($ref->{'navn'}));
         $ratings{$id} = $ref->{'rating'};
  }
  $q->finish;
author	Steinar H. Gunderson <Steinar H. Gunderson sesse@debian.org>
	Sat, 17 Mar 2012 17:35:44 +0000 (18:35 +0100)
committer	Steinar H. Gunderson <Steinar H. Gunderson sesse@debian.org>
	Sat, 17 Mar 2012 17:35:44 +0000 (18:35 +0100)