IntenseFinance/gnucash
3
0
Fork 0
mirror of https://github.com/Gnucash/gnucash.git synced 2025-02-20 11:48:30 -06:00
Code Issues Packages Projects Releases Wiki Activity

Escape labels for jqplot charts

Browse Source 
Escape single- and double-quotes as needed in the generation of the
HTML/JavaScript for the jqplot charts to avoid JavaScript errors.

Author: Aaron Lindsay <aaron@aclindsay.com>

git-svn-id: svn+ssh://svn.gnucash.org/repo/gnucash/trunk@23754 57a11ea4-9604-0410-9ed3-97b8803252fd
This commit is contained in:
Geert Janssens 2014-01-24 19:22:48 +00:00
parent ca225fe9b0
commit 549e23a48c
4 changed files with 24 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
src/report/report-system/html-barchart.scm
View File

@ -355,7 +355,7 @@
(push series-index)
(push ");\n")
(push "series.push({ label: \"")
(push label)
(push (jqplot-escape-string label))
(push "\"});\n\n")))
; Use a unique chart-id for each chart. This prevents chart
; clashed on multi-column reports
@ -447,12 +447,14 @@
(if title
(begin
(push " options.title = \"")
(push title) (push "\";\n")))
(push (jqplot-escape-string title))
(push "\";\n")))
(if subtitle
(begin
(push " options.title += \" (")
(push subtitle) (push ")\";\n")))
(push (jqplot-escape-string subtitle))
(push ")\";\n")))
(if (and (string? x-label) (> (string-length x-label) 0))
(begin

9
src/report/report-system/html-jqplot.scm
View File

@ -14,3 +14,12 @@
"\" />\n"
))
(define (jqplot-escape-string s1)
;; Escape single and double quotes and backslashes
(set! s1 (regexp-substitute/global #f "\\\\" s1 'pre "\\\\" 'post))
(set! s1 (regexp-substitute/global #f "'" s1 'pre "\\'" 'post))
(set! s1 (regexp-substitute/global #f "\"" s1 'pre "\\\"" 'post))
;; Escape HTML special characters
(set! s1 (regexp-substitute/global #f "&" s1 'pre "&amp;" 'post))
(set! s1 (regexp-substitute/global #f "<" s1 'pre "&lt;" 'post))
(regexp-substitute/global #f ">" s1 'pre "&gt;" 'post))

8
src/report/report-system/html-linechart.scm
View File

@ -387,7 +387,7 @@
(push series-index)
(push ");\n")
(push "series.push({ label: \"")
(push label)
(push (jqplot-escape-string label))
(push "\"});\n\n")))
; Use a unique chart-id for each chart. This prevents chart
; clashed on multi-column reports
@ -489,12 +489,14 @@
(if title
(begin
(push " options.title = \"")
(push title) (push "\";\n")))
(push (jqplot-escape-string title))
(push "\";\n")))
(if subtitle
(begin
(push " options.title += \" (")
(push subtitle) (push ")\";\n")))
(push (jqplot-escape-string subtitle))
(push ")\";\n")))
(if (and (string? x-label) (> (string-length x-label) 0))
(begin

8
src/report/report-system/html-piechart.scm
View File

@ -229,7 +229,7 @@
(for-each
(lambda (datum label)
(push " data.push(['")
(push label)
(push (jqplot-escape-string label))
(push "',")
(push datum)
(push "]);\n"))
@ -247,11 +247,13 @@
(if title
(begin
(push " options.title = \"")
(push title) (push "\";\n")))
(push (jqplot-escape-string title))
(push "\";\n")))
(if subtitle
(begin
(push " options.title += \" (")
(push subtitle) (push ")\";\n")))
(push (jqplot-escape-string subtitle))
(push ")\";\n")))
(push "$.jqplot.config.enablePlugins = true;\n")
(push "var plot = $.jqplot('")(push chart-id)(push "', [data], options);\n")