X-Git-Url: https://git.stderr.nl/gitweb?p=matthijs%2Fupstream%2Fblosxom.git;a=blobdiff_plain;f=blosxom.cgi;h=2e6181fee151acdaa4a6685941cf9b4d3ada775a;hp=29b9a540d4ebf6022a0e38a47ba1cb9de0f799f8;hb=4ca079445f95088dac8bdc7506aa04696513fb12;hpb=282b6119e5aa8e7c679eb6c39aeaae5b16a8d6dd

diff --git a/blosxom.cgi b/blosxom.cgi
index 29b9a54..2e6181f 100755
--- a/blosxom.cgi
+++ b/blosxom.cgi
@@ -1,8 +1,8 @@
 #!/usr/bin/perl
 
 # Blosxom
-# Author: Rael Dornfest <rael@oreilly.com>
-# Version: 2.0.2
+# Author: Rael Dornfest (2003), The Blosxom Development Team (2005-2008)
+# Version: 2.1.0
 # Home/Docs/Licensing: http://blosxom.sourceforge.net/
 # Development/Downloads: http://sourceforge.net/projects/blosxom
 
@@ -88,7 +88,7 @@ use File::stat;
 use Time::Local;
 use CGI qw/:standard :netscape/;
 
-$version = "2.0.2";
+$version = "2.1.0";
 
 # Should I encode entities for xml content-types? (plugins can turn this off if they do it themselves)
 $encode_xml_entities = 1;
@@ -661,17 +661,30 @@ sub generate {
             }
 
             if ( $encode_xml_entities && $content_type =~ m{\bxml\b} ) {
+                # Escape special characters inside the <link> container
+
+                # The following line should be moved more towards to top for
+                # performance reasons -- Axel Beckert, 2008-07-22
+                my $url_escape_re = qr([^-/a-zA-Z0-9:._]);
+
+                $url   =~ s($url_escape_re)(sprintf('%%%02X', ord($&)))eg;
+                $path  =~ s($url_escape_re)(sprintf('%%%02X', ord($&)))eg;
+                $fn    =~ s($url_escape_re)(sprintf('%%%02X', ord($&)))eg;
 
                 # Escape <, >, and &, and to produce valid RSS
                 my %escape = (
                     '<' => '&lt;',
                     '>' => '&gt;',
                     '&' => '&amp;',
-                    '"' => '&quot;'
+                    '"' => '&quot;',
+                    "'" => '&apos;'
                 );
                 my $escape_re = join '|' => keys %escape;
                 $title =~ s/($escape_re)/$escape{$1}/g;
                 $body  =~ s/($escape_re)/$escape{$1}/g;
+                $url   =~ s/($escape_re)/$escape{$1}/g;
+                $path  =~ s/($escape_re)/$escape{$1}/g;
+                $fn    =~ s/($escape_re)/$escape{$1}/g;
             }
 
             $story = &$interpolate($story);
@@ -735,34 +748,31 @@ sub nice_date {
 __DATA__
 html content_type text/html; charset=$blog_encoding
 
+html head <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
 html head <html>
 html head     <head>
-html head         <meta http-equiv="content-type" content="text/html;charset=$blog_encoding" />
-html head         <link rel="alternate" type="application/rss+xml" title="RSS" href="$url/index.rss" />
-html head         <title>$blog_title $path_info_da $path_info_mo $path_info_yr
-html head         </title>
+html head         <meta http-equiv="content-type" content="text/html;charset=$blog_encoding" >
+html head         <link rel="alternate" type="application/rss+xml" title="RSS" href="$url/index.rss" >
+html head         <title>$blog_title $path_info_da $path_info_mo $path_info_yr</title>
 html head     </head>
 html head     <body>
-html head         <center>
-html head             <font size="+3">$blog_title</font><br />
-html head             $path_info_da $path_info_mo $path_info_yr
-html head         </center>
-html head         <p />
+html head         <div align="center">
+html head             <h1>$blog_title</h1>
+html head             <p>$path_info_da $path_info_mo $path_info_yr</p>
+html head         </div>
 
-html story        <p>
-html story            <a name="$fn"><b>$title</b></a><br />
-html story            $body<br />
-html story            <br />
-html story            posted at: $ti | path: <a href="$url$path">$path </a> | <a href="$url/$yr/$mo_num/$da#$fn">permanent link to this entry</a>
-html story        </p>
+html story         <div>
+html story             <h3><a name="$fn">$title</a></h3>
+html story             <div>$body</div>
+html story             <p>posted at: $ti | path: <a href="$url$path">$path</a> | <a href="$url/$yr/$mo_num/$da#$fn">permanent link to this entry</a></p>
+html story         </div>
 
-html date         <h3>$dw, $da $mo $yr</h3>
+html date         <h2>$dw, $da $mo $yr</h2>
 
 html foot
-html foot         <p />
-html foot         <center>
-html foot             <a href="http://blosxom.sourceforge.net/"><img src="http://blosxom.sourceforge.net/images/pb_blosxom.gif" border="0" /></a>
-html foot         </center>
+html foot         <div align="center">
+html foot             <a href="http://blosxom.sourceforge.net/"><img src="http://blosxom.sourceforge.net/images/pb_blosxom.gif" alt="powered by blosxom" border="0" width="90" height="33" ></a>
+html foot         </div>
 html foot     </body>
 html foot </html>
 
@@ -794,15 +804,17 @@ rss foot </rss>
 
 error content_type text/html
 
+error head <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
 error head <html>
-error head <body>
-error head     <p><font color="red">Error: I'm afraid this is the first I've heard of a "$flavour" flavoured Blosxom.  Try dropping the "/+$flavour" bit from the end of the URL.</font></p>
-
+error head <head><title>Error: unknown Blosxom flavour "$flavour"</title></head>
+error head     <body>
+error head         <h1><font color="red">Error: unknown Blosxom flavour "$flavour"</font></h1>
+error head         <p>I'm afraid this is the first I've heard of a "$flavour" flavoured Blosxom.  Try dropping the "/+$flavour" bit from the end of the URL.</p>
 
-error story <p><b>$title</b><br />
-error story $body <a href="$url/$yr/$mo_num/$da#fn.$default_flavour">#</a></p>
+error story        <h3>$title</h3>
+error story        <div>$body</div> <p><a href="$url/$yr/$mo_num/$da#fn.$default_flavour">#</a></p>
 
-error date <h3>$dw, $da $mo $yr</h3>
+error date         <h2>$dw, $da $mo $yr</h2>
 
 error foot     </body>
 error foot </html>