From 4a2c11111f0b1e44d8c95ae281604350888b127e Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Antonio=20Ca=C3=B1as=20Vargas?= Date: Fri, 8 Apr 2016 00:50:30 +0200 Subject: [PATCH] Version 15.187.1 --- swad_changelog.h | 3 +- swad_string.c | 94 ++++++++---------------------------------------- 2 files changed, 16 insertions(+), 81 deletions(-) diff --git a/swad_changelog.h b/swad_changelog.h index 4a13b8788..e98f2e38b 100644 --- a/swad_changelog.h +++ b/swad_changelog.h @@ -132,13 +132,14 @@ /****************************** Public constants *****************************/ /*****************************************************************************/ -#define Log_PLATFORM_VERSION "SWAD 15.187 (2016-04-07)" +#define Log_PLATFORM_VERSION "SWAD 15.187.1 (2016-04-08)" #define CSS_FILE "swad15.186.css" #define JS_FILE "swad15.186.js" // Number of lines (includes comments but not blank lines) has been got with the following command: // nl swad*.c swad*.h css/swad*.css py/swad*.py js/swad*.js soap/swad*.h sql/swad*.sql | tail -1 /* + Version 15.187.1: Apr 08, 2016 Code optimization in function to change format of string. (198872 lines) Version 15.187: Apr 07, 2016 Fixed bug in forms sent using content type multipart/form-data. (198938 lines) Version 15.186: Apr 07, 2016 Changes in edition of a test question. (198840 lines) Version 15.185.4: Apr 07, 2016 Changes in edition of a test question. (198832 lines) diff --git a/swad_string.c b/swad_string.c index 45c6e3dd1..d79f27811 100644 --- a/swad_string.c +++ b/swad_string.c @@ -937,6 +937,7 @@ void Str_ChangeFormat (Str_ChangeFrom_t ChangeFrom,Str_ChangeTo_t ChangeTo, char *StrDst; char *PtrSrc; char *PtrDst; + unsigned char Ch; unsigned int SpecialChar; size_t LengthSpecStrSrc = 0; size_t LengthSpecStrDst; @@ -966,91 +967,38 @@ void Str_ChangeFormat (Str_ChangeFrom_t ChangeFrom,Str_ChangeTo_t ChangeTo, for (PtrSrc = Str, PtrDst = StrDst; *PtrSrc;) { + Ch = (unsigned char) *PtrSrc; switch (ChangeFrom) { case Str_FROM_FORM: if (Gbl.ContentReceivedByCGI == Act_CONTENT_DATA) - { // The form contained data and was sent with content type multipart/form-data - switch ((unsigned char) *PtrSrc) + switch (Ch) { case 0x20: /* Space */ - IsSpecialChar = true; - LengthSpecStrSrc = 1; - SpecialChar = 0x20; - break; case 0x22: /* Change double comilla --> """ */ - IsSpecialChar = true; - LengthSpecStrSrc = 1; - SpecialChar = 0x22; - break; case 0x23: /* '#' */ - IsSpecialChar = true; - LengthSpecStrSrc = 1; - SpecialChar = 0x23; - break; case 0x26: /* Change '&' --> "&" */ - IsSpecialChar = true; - LengthSpecStrSrc = 1; - SpecialChar = 0x26; - break; case 0x27: /* Change single comilla --> "'" to avoid SQL code injection */ - IsSpecialChar = true; - LengthSpecStrSrc = 1; - SpecialChar = 0x27; - break; case 0x2C: /* ',' */ - IsSpecialChar = true; - LengthSpecStrSrc = 1; - SpecialChar = 0x2C; - break; case 0x2F: /* '/' */ - IsSpecialChar = true; - LengthSpecStrSrc = 1; - SpecialChar = 0x2F; - break; case 0x3A: /* ':' */ - IsSpecialChar = true; - LengthSpecStrSrc = 1; - SpecialChar = 0x3A; - break; case 0x3B: /* ';' */ - IsSpecialChar = true; - LengthSpecStrSrc = 1; - SpecialChar = 0x3B; - break; case 0x3C: /* '<' --> "<" */ - IsSpecialChar = true; - LengthSpecStrSrc = 1; - SpecialChar = 0x3C; - break; case 0x3E: /* '>' --> ">" */ - IsSpecialChar = true; - LengthSpecStrSrc = 1; - SpecialChar = 0x3E; - break; case 0x3F: /* '?' */ - IsSpecialChar = true; - LengthSpecStrSrc = 1; - SpecialChar = 0x3F; - break; case 0x40: /* '@' */ - IsSpecialChar = true; - LengthSpecStrSrc = 1; - SpecialChar = 0x40; - break; case 0x5C: /* '\\' */ IsSpecialChar = true; LengthSpecStrSrc = 1; - SpecialChar = 0x5C; - break; + SpecialChar = (unsigned int) Ch; + break; default: - if ((unsigned char) *PtrSrc < 0x20 || - (unsigned char) *PtrSrc > 0x7F) + if (Ch < 0x20 || Ch > 0x7F) { IsSpecialChar = true; LengthSpecStrSrc = 1; - SpecialChar = (unsigned int) (unsigned char) *PtrSrc; + SpecialChar = (unsigned int) Ch; } else { @@ -1060,11 +1008,9 @@ void Str_ChangeFormat (Str_ChangeFrom_t ChangeFrom,Str_ChangeTo_t ChangeTo, } break; } - } else // Gbl.ContentReceivedByCGI == Act_CONTENT_NORM - { // The form contained text and was sent with content type application/x-www-form-urlencoded - switch ((unsigned char) *PtrSrc) + switch (Ch) { case '+': /* Change every '+' to a space */ IsSpecialChar = true; @@ -1077,14 +1023,10 @@ void Str_ChangeFormat (Str_ChangeFrom_t ChangeFrom,Str_ChangeTo_t ChangeTo, LengthSpecStrSrc = 3; break; case 0x27: /* Change single comilla --> "'" to avoid SQL code injection */ - IsSpecialChar = true; - LengthSpecStrSrc = 1; - SpecialChar = 0x27; - break; case 0x5C: /* '\\' */ IsSpecialChar = true; LengthSpecStrSrc = 1; - SpecialChar = 0x5C; + SpecialChar = (unsigned int) Ch; break; default: IsSpecialChar = false; @@ -1092,33 +1034,24 @@ void Str_ChangeFormat (Str_ChangeFrom_t ChangeFrom,Str_ChangeTo_t ChangeTo, ThereIsSpaceChar = false; break; } - } break; case Str_FROM_HTML: case Str_FROM_TEXT: - switch ((unsigned char) *PtrSrc) + switch (Ch) { case 0x20: /* Space */ - IsSpecialChar = true; - LengthSpecStrSrc = 1; - SpecialChar = 0x20; - break; case 0x27: /* Change single comilla --> "'" to avoid SQL code injection */ - IsSpecialChar = true; - LengthSpecStrSrc = 1; - SpecialChar = 0x27; - break; case 0x5C: /* '\\' */ IsSpecialChar = true; LengthSpecStrSrc = 1; - SpecialChar = 0x5C; + SpecialChar = (unsigned int) Ch; break; default: - if ((unsigned char) *PtrSrc < 0x20) + if (Ch < 0x20) { IsSpecialChar = true; LengthSpecStrSrc = 1; - SpecialChar = (unsigned int) (unsigned char) *PtrSrc; + SpecialChar = (unsigned int) Ch; } else { @@ -1130,6 +1063,7 @@ void Str_ChangeFormat (Str_ChangeFrom_t ChangeFrom,Str_ChangeTo_t ChangeTo, } break; } + if (IsSpecialChar) { switch (SpecialChar)