[LON-CAPA-cvs] cvs: loncom /xml lonplot.pm

albertel lon-capa-cvs-allow@mail.lon-capa.org
Sat, 04 Aug 2007 00:01:53 -0000 

albertel		Fri Aug  3 20:01:53 2007 EDT

  Modified files:              
    /loncom/xml	lonplot.pm 
  Log:
  - escape inadvertent attempt to access the enhanced label commands
  
  
Index: loncom/xml/lonplot.pm
diff -u loncom/xml/lonplot.pm:1.126 loncom/xml/lonplot.pm:1.127
--- loncom/xml/lonplot.pm:1.126	Fri Aug  3 16:48:01 2007
+++ loncom/xml/lonplot.pm	Fri Aug  3 20:01:52 2007
@@ -1,7 +1,7 @@
 # The LearningOnline Network with CAPA
 # Dynamic plot
 #
-# $Id: lonplot.pm,v 1.126 2007/08/03 20:48:01 albertel Exp $
+# $Id: lonplot.pm,v 1.127 2007/08/04 00:01:52 albertel Exp $
 #
 # Copyright Michigan State University Board of Trustees
 #
@@ -757,6 +757,12 @@
     return $result;
 }
 
+sub gnuplot_protect {
+    my ($string) = @_;
+    $string =~ s{([_^&~\{\}]|\\\\)}{\\\\$1}g;
+    return $string;
+}
+
 ##------------------------------------------------------------------- title
 sub start_title {
     my ($target,$token,$tagstack,$parstack,$parser,$safeeval,$style)=@_;
@@ -768,6 +774,7 @@
 	if (length($title) > $max_str_len) {
 	    $title = substr($title,0,$max_str_len);
 	}
+	$title = &gnuplot_protect($title);
     } elsif ($target eq 'edit') {
 	$result.=&Apache::edit::tag_start($target,$token,'Plot Title');
 	my $text=&Apache::lonxml::get_all_text("/title",$parser,$style);
@@ -799,6 +806,7 @@
 	if (length($xlabel) > $max_str_len) {
 	    $xlabel = substr($xlabel,0,$max_str_len);
 	}
+	$xlabel = &gnuplot_protect($xlabel);
     } elsif ($target eq 'edit') {
 	$result.=&Apache::edit::tag_start($target,$token,'Plot Xlabel');
 	my $text=&Apache::lonxml::get_all_text("/xlabel",$parser,$style);
@@ -831,6 +839,7 @@
 	if (length($ylabel) > $max_str_len) {
 	    $ylabel = substr($ylabel,0,$max_str_len);
 	}
+	$ylabel = &gnuplot_protect($ylabel);
     } elsif ($target eq 'edit') {
 	$result .= &Apache::edit::tag_start($target,$token,'Plot Ylabel');
 	my $text = &Apache::lonxml::get_all_text("/ylabel",$parser,$style);
@@ -864,7 +873,7 @@
 	$text = &Apache::run::evaluate($text,$safeeval,$$parstack[-1]);
 	$text =~ s/\n/ /g;
 	$text = substr($text,0,$max_str_len) if (length($text) > $max_str_len);
-	$label{'text'} = $text;
+	$label{'text'} = &gnuplot_protect($text);
 	push(@labels,\%label);
     } elsif ($target eq 'edit') {
 	$result .= &Apache::edit::tag_start($target,$token,'Plot Label');