From 6cdc7cf9b0e29628f1ee845bd645991f8efc1840 Mon Sep 17 00:00:00 2001 From: gmc Date: Thu, 7 Apr 2011 15:50:28 +0000 Subject: [PATCH] further fixes to maintain_901 Now correctly handles &, <, or > appearing in the tcn_value or tcn_source. Also introduces a trivial utility stored function, evergreen.xml_escape(): evergreen.xml_escape(TEXT) returns TEXT: converts '&', '<', and '>' to XML entities Signed-off-by: Galen Charlton git-svn-id: svn://svn.open-ils.org/ILS/trunk@20014 dcc99617-32d9-48b4-a31d-7c20da2025e4 --- Open-ILS/src/sql/Pg/000.functions.general.sql | 7 +++++++ Open-ILS/src/sql/Pg/002.functions.config.sql | 13 ++----------- Open-ILS/src/sql/Pg/002.schema.config.sql | 2 +- 3 files changed, 10 insertions(+), 12 deletions(-) diff --git a/Open-ILS/src/sql/Pg/000.functions.general.sql b/Open-ILS/src/sql/Pg/000.functions.general.sql index f9603412dd..cb6f82b37d 100644 --- a/Open-ILS/src/sql/Pg/000.functions.general.sql +++ b/Open-ILS/src/sql/Pg/000.functions.general.sql @@ -11,6 +11,13 @@ CREATE OR REPLACE FUNCTION evergreen.lowercase( TEXT ) RETURNS TEXT AS $$ return lc(shift); $$ LANGUAGE PLPERLU STRICT IMMUTABLE; +CREATE OR REPLACE FUNCTION evergreen.xml_escape(str TEXT) RETURNS text AS $$ + SELECT REPLACE(REPLACE(REPLACE($1, + '&', '&'), + '<', '<'), + '>', '>'); +$$ LANGUAGE SQL IMMUTABLE; + CREATE OR REPLACE FUNCTION evergreen.change_db_setting(setting_name TEXT, settings TEXT[]) RETURNS VOID AS $$ BEGIN EXECUTE 'ALTER DATABASE ' || quote_ident(current_database()) || ' SET ' || quote_ident(setting_name) || ' = ' || array_to_string(settings, ','); diff --git a/Open-ILS/src/sql/Pg/002.functions.config.sql b/Open-ILS/src/sql/Pg/002.functions.config.sql index 99f98d81d9..cc594d0cf9 100644 --- a/Open-ILS/src/sql/Pg/002.functions.config.sql +++ b/Open-ILS/src/sql/Pg/002.functions.config.sql @@ -422,8 +422,6 @@ $f$ LANGUAGE PLPERLU; CREATE OR REPLACE FUNCTION maintain_901 () RETURNS TRIGGER AS $func$ DECLARE use_id_for_tcn BOOLEAN; - norm_tcn_value TEXT; - norm_tcn_source TEXT; BEGIN -- Remove any existing 901 fields before we insert the authoritative one NEW.marc := REGEXP_REPLACE(NEW.marc, E']*?tag="901".+?', '', 'g'); @@ -435,21 +433,14 @@ BEGIN IF use_id_for_tcn = 't' THEN NEW.tcn_value := NEW.id; - norm_tcn_value := NEW.tcn_value; - ELSE - -- yes, ampersands can show up in tcn_values ... - norm_tcn_value := REGEXP_REPLACE(NEW.tcn_value, E'&(?!\\S+;)', '&', 'g'); END IF; - -- ... and TCN sources - -- FIXME we have here yet another (stub) version of entityize - norm_tcn_source := REGEXP_REPLACE(NEW.tcn_source, E'&(?!\\S+;)', '&', 'g'); NEW.marc := REGEXP_REPLACE( NEW.marc, E'()', E'' || - '' || norm_tcn_value || E'' || - '' || norm_tcn_source || E'' || + '' || evergreen.xml_escape(NEW.tcn_value) || E'' || + '' || evergreen.xml_escape(NEW.tcn_source) || E'' || '' || NEW.id || E'' || '' || TG_TABLE_SCHEMA || E'' || CASE WHEN NEW.owner IS NOT NULL THEN '' || NEW.owner || E'' ELSE '' END || diff --git a/Open-ILS/src/sql/Pg/002.schema.config.sql b/Open-ILS/src/sql/Pg/002.schema.config.sql index 2f4138cd17..cf73e7bc5a 100644 --- a/Open-ILS/src/sql/Pg/002.schema.config.sql +++ b/Open-ILS/src/sql/Pg/002.schema.config.sql @@ -70,7 +70,7 @@ CREATE TABLE config.upgrade_log ( install_date TIMESTAMP WITH TIME ZONE NOT NULL DEFAULT NOW() ); -INSERT INTO config.upgrade_log (version) VALUES ('0508'); -- gmc +INSERT INTO config.upgrade_log (version) VALUES ('0509'); -- gmc CREATE TABLE config.bib_source ( id SERIAL PRIMARY KEY, -- 2.11.0