Revision 7678
Added by ben leinfelder almost 11 years ago
| index.jsp | ||
|---|---|---|
| 44 | 44 |
src="<%=STYLE_COMMON_URL%>/branding.js"></script> |
| 45 | 45 |
<script language="Javascript"> |
| 46 | 46 |
|
| 47 |
function encodeXML(theString) {
|
|
| 48 |
return theString.replace(/&/g, '&') |
|
| 49 |
.replace(/</g, '<') |
|
| 50 |
.replace(/>/g, '>') |
|
| 51 |
.replace(/"/g, '"'); |
|
| 52 |
} |
|
| 53 |
|
|
| 47 | 54 |
function trim(stringToTrim) {
|
| 48 | 55 |
return stringToTrim.replace(/^\s*/, '').replace(/\s*$/,''); |
| 49 | 56 |
} |
| 50 | 57 |
|
| 51 | 58 |
function checkSearch(submitFormObj) {
|
| 52 |
var searchString = trim(submitFormObj.searchstring.value); |
|
| 53 |
var checkBox = document.getElementById("searchAll");
|
|
| 59 |
var searchString = trim(submitFormObj.searchstring.value); |
|
| 60 |
searchString = encodeXML(searchString); |
|
| 61 |
var checkBox = document.getElementById("searchAll");
|
|
| 54 | 62 |
|
| 55 | 63 |
if (searchString=="") {
|
| 56 | 64 |
if (confirm("Show *all* data?")) {
|
Also available in: Unified diff
escape reserved XML characters when constructing a pathquery from user input (&). https://projects.ecoinformatics.org/ecoinfo/issues/3017