From c69d85040be1d4a1d3b1293f7fe1777cd3085cb6 Mon Sep 17 00:00:00 2001
From: "Steinar H. Gunderson" <Steinar H. Gunderson sesse@debian.org>
Date: Sat, 17 Mar 2012 18:35:44 +0100
Subject: [PATCH] Fix sanitizing and UTF-8.

---
 www/index.pl | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/www/index.pl b/www/index.pl
index ecac609..a4c16fd 100755
--- a/www/index.pl
+++ b/www/index.pl
@@ -7,6 +7,8 @@ use CGI::Carp qw( fatalsToBrowser );
 use DBI;
 use POSIX;
 use Devel::Peek;
+use HTML::Entities;
+use Encode;
 use locale;
 require '../config.pm';
 
@@ -28,9 +30,7 @@ my %parms = ();
 my $match_stddev;
 
 sub sanitize {
-	$_ = shift;
-	y/ \t\n<>&/_/;
-	return $_;
+	return HTML::Entities::encode_entities(shift);
 }
 
 sub color {
@@ -262,7 +262,7 @@ $q->execute($season, $division, $subdivision);
 
 while (my $ref = $q->fetchrow_hashref) {
 	my $id = $ref->{'id'};
-	$players{$id} = sanitize($ref->{'navn'});
+	$players{$id} = sanitize(Encode::decode_utf8($ref->{'navn'}));
 	$ratings{$id} = $ref->{'rating'};
 }
 $q->finish;
-- 
2.39.5