From d1c28d904675c675a845de095a0c708c7b8ff7e5 Mon Sep 17 00:00:00 2001
From: henoheno <henoheno>
Date: Sun, 3 Apr 2005 12:33:47 +0900
Subject: [PATCH] Added htmlspecialchars() for table header. Do
 htmlspecialchars() at last. Simplify

---
 plugin/bugtrack.inc.php | 36 +++++++++++++++---------------------
 1 file changed, 15 insertions(+), 21 deletions(-)

diff --git a/plugin/bugtrack.inc.php b/plugin/bugtrack.inc.php
index ab3eb35..93723ab 100644
--- a/plugin/bugtrack.inc.php
+++ b/plugin/bugtrack.inc.php
@@ -1,5 +1,5 @@
 <?php
-// $Id: bugtrack.inc.php,v 1.24 2005/04/03 03:09:30 henoheno Exp $
+// $Id: bugtrack.inc.php,v 1.25 2005/04/03 03:33:47 henoheno Exp $
 //
 // PukiWiki BugTrack plugin
 //
@@ -265,21 +265,19 @@ function plugin_bugtrack_list_convert()
 	$data = array();
 	$pattern = $page . '/';
 	$pattern_len = strlen($pattern);
-	foreach (get_existpages() as $page) {
-		if (strpos($page, $pattern) === 0 && is_numeric(substr($page, $pattern_len))) {
-			$line = plugin_bugtrack_list_pageinfo($page);
-			array_push($data, $line);
-		}
-	}
+	foreach (get_existpages() as $page)
+		if (strpos($page, $pattern) === 0 && is_numeric(substr($page, $pattern_len)))
+			array_push($data, plugin_bugtrack_list_pageinfo($page));
 
 	$count_list = count($_plugin_bugtrack['state_list']);
 
 	$table = array();
-	for ($i = 0; $i <= $count_list + 1; ++$i)
-		$table[$i] = array();
+	for ($i = 0; $i <= $count_list + 1; ++$i) $table[$i] = array();
 
 	foreach ($data as $line) {
 		list($page, $no, $summary, $name, $priority, $state, $category) = $line;
+		foreach (array('summary', 'name', 'priority', 'state', 'category') as $item)
+			$$item = htmlspecialchars($$item);
 		$page_link = make_pagelink($page);
 
 		$state_no = array_search($state, $_plugin_bugtrack['state_sort']);
@@ -299,17 +297,13 @@ EOD;
 		$table[$state_no][$no] = $row;
 	}
 
+	$table_html = ' <tr>' . "\n";
 	$bgcolor = htmlspecialchars($_plugin_bugtrack['header_bgcolor']);
-	$table_html = <<<EOD
- <tr>
-  <th style="background-color:$bgcolor">${_plugin_bugtrack['pagename']}</th>
-  <th style="background-color:$bgcolor">${_plugin_bugtrack['state'   ]}</th>
-  <th style="background-color:$bgcolor">${_plugin_bugtrack['priority']}</th>
-  <th style="background-color:$bgcolor">${_plugin_bugtrack['category']}</th>
-  <th style="background-color:$bgcolor">${_plugin_bugtrack['name'    ]}</th>
-  <th style="background-color:$bgcolor">${_plugin_bugtrack['summary' ]}</th>
- </tr>
-EOD;
+	foreach (array('pagename', 'state', 'priority', 'category', 'name', 'summary') as $item)
+		$table_html .= '  <th style="background-color:' . $bgcolor . '">' .
+			htmlspecialchars($_plugin_bugtrack[$item]) . '</th>' . "\n";
+	$table_html .= ' </tr>' . "\n";
+
 	for ($i = 0; $i <= $count_list; ++$i) {
 		ksort($table[$i], SORT_NUMERIC);
 		$table_html .= join("\n", $table[$i]);
@@ -341,9 +335,9 @@ function plugin_bugtrack_list_pageinfo($page, $no = NULL, $recurse = TRUE)
 		$regex = '/-\s*' . preg_quote($_plugin_bugtrack[$item], '/') . '\s*:(.*)/';
 		if (preg_match($regex, $body, $matches)) {
 			if ($item == 'name') {
-				$$item = htmlspecialchars(strip_bracket(trim($matches[1])));
+				$$item = strip_bracket(trim($matches[1]));
 			} else {
-				$$item = htmlspecialchars(trim($matches[1]));
+				$$item = trim($matches[1]);
 			}
 		} else {
 				$$item = ''; // Data not found
-- 
2.11.0