Author: peter
Date: Fri Sep 11 16:35:36 2009
New Revision: 3236
Log:
use htmlspecialchars function to escape reserved XML special characters for XML
export
Modified:
trunk/apps/qubit/modules/informationobject/templates/exportEadSuccess.xml.php
Modified:
trunk/apps/qubit/modules/informationobject/templates/exportEadSuccess.xml.php
==============================================================================
---
trunk/apps/qubit/modules/informationobject/templates/exportEadSuccess.xml.php
Fri Sep 11 14:50:13 2009 (r3235)
+++
trunk/apps/qubit/modules/informationobject/templates/exportEadSuccess.xml.php
Fri Sep 11 16:35:36 2009 (r3236)
@@ -3,120 +3,114 @@
<ead>
-<eadheader langencoding="iso639-2b" countryencoding="iso3166-1"
dateencoding="iso8601" repositoryencoding="iso15511" scriptencoding="iso15924">
+<eadheader langencoding="iso639-2b" countryencoding="iso3166-1"
dateencoding="iso8601" repositoryencoding="iso15511" scriptencoding="iso15924"
relatedencoding="DC">
-<eadid
- countrycode="<?php if ($informationObject->getRepository()): ?><?php
echo $informationObject->getRepository()->getCountryCode() ?><?php endif; ?>"
- mainagencycode="<?php if ($informationObject->getRepository()): ?> <?php
echo
$informationObject->getRepository()->getCountryCode().'-'.$informationObject->getRepository()->getIdentifier()
?><?php endif; ?>"
- url="<?php echo
url_for('informationobject/show?id='.$informationObject->getId(), $absolute =
true) ?>">
- <?php echo $informationObject->getId().' ('.gmdate('o-m-d H:s:e').')' ?>
-</eadid>
+<eadid countrycode="<?php if ($informationObject->getRepository()): ?><?php
echo $informationObject->getRepository()->getCountryCode() ?><?php endif; ?>"
mainagencycode="<?php if ($informationObject->getRepository()): ?> <?php echo
$informationObject->getRepository()->getCountryCode().'-'.$informationObject->getRepository()->getIdentifier()
?><?php endif; ?>" url="<?php echo url_for(array('module' =>
'informationobject', 'action' => 'exportEad', 'id'
=>$informationObject->getId()), $absolute = true) ?>"
encodinganalog="Identifier"><?php echo $informationObject->getId() ?></eadid>
<filedesc>
<titlestmt>
<?php if (0 < strlen($value =
$informationObject->getTitle(array('cultureFallback' => true)))): ?>
- <titleproper><?php echo $value ?></titleproper>
+ <titleproper encodinganalog="Title"><?php echo htmlspecialchars($value)
?></titleproper>
<?php endif; ?>
+ <author></author>
</titlestmt>
<?php if (0 < strlen($value =
$informationObject->getEdition(array('cultureFallback' => true)))): ?>
<editionstmt>
- <edition><?php echo $value ?></edition>
+ <edition><?php echo htmlspecialchars($value) ?></edition>
</editionstmt>
<?php endif; ?>
<?php if ($value = $informationObject->getRepository()): ?>
<publicationstmt>
- <publisher><?php echo $value->__toString() ?></publisher>
+ <publisher encodinganalog="Publisher"><?php echo
htmlspecialchars($value->__toString()) ?></publisher>
<?php if ($address = $value->getPrimaryContact()): ?>
<address>
<?php if (0 < strlen($addressline = $address->getStreetAddress())): ?>
- <addressline><?php echo $addressline ?></addressline><?php endif; ?>
+ <addressline><?php echo htmlspecialchars($addressline)
?></addressline><?php endif; ?>
<?php if (0 < strlen($addressline = $address->getCity())): ?>
- <addressline><?php echo $addressline ?></addressline><?php endif; ?>
+ <addressline><?php echo htmlspecialchars($addressline)
?></addressline><?php endif; ?>
<?php if (0 < strlen($addressline = $address->getRegion())): ?>
- <addressline><?php echo $addressline ?></addressline><?php endif; ?>
+ <addressline><?php echo htmlspecialchars($addressline)
?></addressline><?php endif; ?>
<?php if (0 < strlen($addressline =
$informationObject->getRepositoryCountry())): ?>
- <addressline><?php echo $addressline ?></addressline><?php endif; ?>
+ <addressline><?php echo htmlspecialchars($addressline)
?></addressline><?php endif; ?>
<?php if (0 < strlen($addressline = $address->getPostalCode())): ?>
- <addressline><?php echo $addressline ?></addressline><?php endif; ?>
+ <addressline><?php echo htmlspecialchars($addressline)
?></addressline><?php endif; ?>
<?php if (0 < strlen($addressline = $address->getTelephone())): ?>
- <addressline><?php echo __('telephone: ').$addressline
?></addressline><?php endif; ?>
+ <addressline><?php echo __('telephone: ').htmlspecialchars($addressline)
?></addressline><?php endif; ?>
<?php if (0 < strlen($addressline = $address->getFax())): ?>
- <addressline><?php echo __('fax: ').$addressline ?></addressline><?php
endif; ?>
+ <addressline><?php echo __('fax: ').htmlspecialchars($addressline)
?></addressline><?php endif; ?>
<?php if (0 < strlen($addressline = $address->getEmail())): ?>
- <addressline><?php echo __('email: ').$addressline ?></addressline><?php
endif; ?>
+ <addressline><?php echo __('email: ').htmlspecialchars($addressline)
?></addressline><?php endif; ?>
<?php if (0 < strlen($addressline = $address->getWebsite())): ?>
- <addressline><?php echo $addressline ?></addressline><?php endif; ?>
+ <addressline><?php echo htmlspecialchars($addressline)
?></addressline><?php endif; ?>
</address><?php endif; ?>
+ <date normal="<?php echo $publicationDate ?>" encodinganalog="Date"><?php
echo htmlspecialchars($publicationDate) ?></date>
</publicationstmt><?php endif; ?>
</filedesc>
<profiledesc>
- <?php if (0 < count($informationObject->languageOfDescription)): ?>
+ <creation><?php echo __('Generated by ') ?><?php echo
sfConfig::get('app_version') ?>
+ <date normal="<?php echo gmdate('o-m-d') ?>"><?php echo gmdate('o-m-d
H:s:e') ?></date>
+ </creation>
<langusage>
- <?php foreach ($informationObject->languageOfDescription as $languageCode):
?>
- <language langcode="<?php echo ($iso6392 =
$iso639convertor->getID3($languageCode)) ? strtolower($iso6392) : $languageCode
?>"><?php echo format_language($languageCode) ?></language>
- <?php endforeach; ?>
+ <?php if ($exportLanguage != $sourceLanguage): ?>
+ <language langcode="<?php echo ($iso6392 =
$iso639convertor->getID3($exportLanguage)) ? strtolower($iso6392) :
$exportLanguage ?>" encodinganalog="Language"><?php echo
format_language($exportLanguage) ?></language><?php endif; ?>
+ <language langcode="<?php echo ($iso6392 =
$iso639convertor->getID3($sourceLanguage)) ? strtolower($iso6392) :
$sourceLanguage ?>" encodinganalog="Language"><?php echo
format_language($sourceLanguage) ?></language>
</langusage>
- <?php endif; ?>
<?php if (0 < strlen($rules = $informationObject->getRules())): ?>
- <descrules><?php echo $rules ?></descrules>
+ <descrules><?php echo htmlspecialchars($rules) ?></descrules>
<?php endif; ?>
</profiledesc>
</eadheader>
<frontmatter></frontmatter>
-
-
-
-
<archdesc <?php if (0 < strlen($levelOfDescription =
$informationObject->getLevelOfDescription()->getName(array('culture' =>
'en')))): ?>level="<?php if (in_array(strtolower($levelOfDescription),
$eadLevels)): ?><?php echo strtolower($levelOfDescription).'"' ?><?php else:
?><?php echo 'otherlevel" otherlevel="'.$levelOfDescription.'"' ?><?php endif;
?><?php endif; ?>>
<did>
<?php if (0 < strlen($value = $informationObject->getTitle())): ?>
- <unittitle><?php echo $value ?></unittitle><?php endif; ?>
- <unitid <?php if ($informationObject->getRepository()): ?><?php if
($repocode = $informationObject->getRepository()->getIdentifier()): ?><?php
echo 'repositorycode="'.$repocode.'" ' ?><?php endif; ?>
- <?php if ($countrycode =
$informationObject->getRepository()->getCountryCode()): ?><?php echo
'countrycode="'.$countrycode.'"' ?><?php endif;?><?php endif; ?>><?php echo
$informationObject->getIdentifier() ?></unitid>
+ <unittitle><?php echo htmlspecialchars($value) ?></unittitle><?php endif; ?>
+ <unitid <?php if ($informationObject->getRepository()): ?><?php if
($repocode = $informationObject->getRepository()->getIdentifier()): ?><?php
echo 'repositorycode="'.htmlspecialchars($repocode).'" ' ?><?php endif; ?>
+ <?php if ($countrycode =
$informationObject->getRepository()->getCountryCode()): ?><?php echo
'countrycode="'.$countrycode.'"' ?><?php endif;?><?php endif; ?>><?php echo
htmlspecialchars($informationObject->getIdentifier()) ?></unitid>
<?php foreach ($informationObject->getDates() as $date): ?>
- <unitdate <?php if ($datechar = $date->getType()->__toString()): ?><?php
echo 'datechar="'.strtolower($datechar).'" ' ?><?php endif; ?><?php if
($startdate = $date->getStartDate()): ?><?php echo 'normal="'?><?php echo
collapse_date($startdate) ?><?php if ($enddate = $date->getEndDate()): ?><?php
echo '/'?><?php echo collapse_date($enddate) ?><?php endif; ?><?php echo '"'
?><?php endif; ?>><?php echo date_display($date) ?></unitdate><?php endforeach;
?>
+ <unitdate <?php if ($datechar = $date->getType()->__toString()): ?><?php
echo 'datechar="'.strtolower($datechar).'" ' ?><?php endif; ?><?php if
($startdate = $date->getStartDate()): ?><?php echo 'normal="'?><?php echo
collapse_date($startdate) ?><?php if ($enddate = $date->getEndDate()): ?><?php
echo '/'?><?php echo collapse_date($enddate) ?><?php endif; ?><?php echo '"'
?><?php endif; ?>><?php echo htmlspecialchars(date_display($date))
?></unitdate><?php endforeach; ?>
<?php if (0 < count($creators = $informationObject->getCreators())): ?>
<origination>
<?php foreach ($creators as $creator): ?>
<?php if ($type = $creator->getEntityTypeId()): ?>
<?php if ($type == QubitTerm::PERSON_ID): ?>
- <persname><?php echo $creator->getAuthorizedFormOfName()
?></persname><?php endif; ?>
+ <persname><?php echo
htmlspecialchars($creator->getAuthorizedFormOfName()) ?></persname><?php endif;
?>
<?php if ($type == QubitTerm::FAMILY_ID): ?>
- <famname><?php echo $creator->getAuthorizedFormOfName()
?></famname><?php endif; ?>
+ <famname><?php echo
htmlspecialchars($creator->getAuthorizedFormOfName()) ?></famname><?php endif;
?>
<?php if ($type == QubitTerm::CORPORATE_BODY_ID): ?>
- <corpname><?php echo $creator->getAuthorizedFormOfName()
?></corpname><?php endif; ?>
+ <corpname><?php echo
htmlspecialchars($creator->getAuthorizedFormOfName()) ?></corpname><?php endif;
?>
<?php else: ?>
- <name><?php echo $creator->getAuthorizedFormOfName() ?></name><?php
endif; ?>
+ <name><?php echo htmlspecialchars($creator->getAuthorizedFormOfName())
?></name><?php endif; ?>
<?php endforeach; ?>
</origination><?php endif; ?>
- <?php if (0 < strlen($extent = $informationObject->getExtentAndMedium())): ?>
- <physdesc><extent><?php echo $extent ?></extent></physdesc><?php endif; ?>
+ <?php if (0 < strlen($value = $informationObject->getExtentAndMedium())): ?>
+ <physdesc><extent><?php echo htmlspecialchars($value)
?></extent></physdesc><?php endif; ?>
<?php if ($value = $informationObject->getRepository()): ?>
<repository>
- <corpname><?php echo $value->__toString() ?></corpname>
+ <corpname><?php echo htmlspecialchars($value->__toString()) ?></corpname>
<?php if ($address = $value->getPrimaryContact()): ?>
<address>
<?php if (0 < strlen($addressline = $address->getStreetAddress())): ?>
- <addressline><?php echo $addressline ?></addressline><?php endif; ?>
+ <addressline><?php echo htmlspecialchars($addressline)
?></addressline><?php endif; ?>
<?php if (0 < strlen($addressline = $address->getCity())): ?>
- <addressline><?php echo $addressline ?></addressline><?php endif; ?>
+ <addressline><?php echo htmlspecialchars($addressline)
?></addressline><?php endif; ?>
<?php if (0 < strlen($addressline = $address->getRegion())): ?>
- <addressline><?php echo $addressline ?></addressline><?php endif; ?>
+ <addressline><?php echo htmlspecialchars($addressline)
?></addressline><?php endif; ?>
<?php if (0 < strlen($addressline =
$informationObject->getRepositoryCountry())): ?>
- <addressline><?php echo $addressline ?></addressline><?php endif; ?>
+ <addressline><?php echo htmlspecialchars($addressline)
?></addressline><?php endif; ?>
<?php if (0 < strlen($addressline = $address->getPostalCode())): ?>
- <addressline><?php echo $addressline ?></addressline><?php endif; ?>
+ <addressline><?php echo htmlspecialchars($addressline)
?></addressline><?php endif; ?>
<?php if (0 < strlen($addressline = $address->getTelephone())): ?>
- <addressline><?php echo __('telephone: ').$addressline
?></addressline><?php endif; ?>
+ <addressline><?php echo __('telephone: ').htmlspecialchars($addressline)
?></addressline><?php endif; ?>
<?php if (0 < strlen($addressline = $address->getFax())): ?>
- <addressline><?php echo __('fax: ').$addressline ?></addressline><?php
endif; ?>
+ <addressline><?php echo __('fax: ').htmlspecialchars($addressline)
?></addressline><?php endif; ?>
<?php if (0 < strlen($addressline = $address->getEmail())): ?>
- <addressline><?php echo __('email: ').$addressline ?></addressline><?php
endif; ?>
+ <addressline><?php echo __('email: ').htmlspecialchars($addressline)
?></addressline><?php endif; ?>
<?php if (0 < strlen($addressline = $address->getWebsite())): ?>
- <addressline><?php echo $addressline ?></addressline><?php endif; ?>
+ <addressline><?php echo htmlspecialchars($addressline)
?></addressline><?php endif; ?>
</address><?php endif; ?>
</repository><?php endif; ?>
<?php if (0 < count($langmaterial = $informationObject->language)): ?>
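Review bot: Attribute values on the new side are still echoed raw even where the same data is escaped as element text. In `<eadid>` the `mainagencycode` attribute concatenates `getRepository()->getIdentifier()` unescaped although that identifier goes through `htmlspecialchars()` for `repositorycode` on `<unitid>`, and `<date normal="<?php echo $publicationDate ?>">` prints the variable raw beside its escaped text; `$countrycode`, `strtolower($datechar)` and the `otherlevel="'.$levelOfDescription.'"` context line are in the same state. A `"`, `<` or `&` in any of them makes the export ill-formed and lets stored data add attributes or markup to the document a harvester parses, so I would escape each one the same way, e.g. `normal="<?php echo htmlspecialchars($publicationDate) ?>"`. The same gap shows in the `role="<?php echo $event->getType()->getRole() ?>"` lines of the `@@ -141,103` and `@@ -264,47` hunks and in `<container type="...">` in `@@ -141,103`.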
@@ -125,15 +119,15 @@
<language langcode="<?php echo ($iso6392 =
$iso639convertor->getID3($languageCode)) ? strtolower($iso6392) : $languageCode
?>"><?php echo format_language($languageCode) ?></language><?php endforeach; ?>
</langmaterial><?php endif; ?>
<?php if (0 < count($notes = $informationObject->getNotes())): ?><?php
foreach ($notes as $note): ?>
- <note type="<?php echo $note->getType() ?>"><p><?php echo
$note->getContent() ?></p></note><?php endforeach; ?><?php endif; ?>
+ <note type="<?php echo htmlspecialchars($note->getType()) ?>"><p><?php echo
htmlspecialchars($note->getContent()) ?></p></note><?php endforeach; ?><?php
endif; ?>
</did>
<?php foreach ($informationObject->getCreators() as $creator): ?>
- <?php if ($bioghist = $creator->getHistory()): ?>
- <bioghist><p><?php echo $bioghist ?></p></bioghist><?php endif; ?><?php
endforeach; ?>
+ <?php if ($value = $creator->getHistory()): ?>
+ <bioghist><p><?php echo htmlspecialchars($value) ?></p></bioghist><?php
endif; ?><?php endforeach; ?>
<?php if (0 < strlen($value = $informationObject->getScopeAndContent())): ?>
- <scopecontent><p><?php echo $value ?></p></scopecontent><?php endif; ?>
+ <scopecontent><p><?php echo htmlspecialchars($value)
?></p></scopecontent><?php endif; ?>
<?php if (0 < strlen($value = $informationObject->getArrangement())): ?>
- <arrangement><p><?php echo $value ?></p></arrangement><?php endif; ?>
+ <arrangement><p><?php echo htmlspecialchars($value)
?></p></arrangement><?php endif; ?>
<?php if ((0 < count($materialtypes =
$informationObject->getMaterialTypes())) ||
(0 < count($subjects =
$informationObject->getSubjectAccessPoints())) ||
(0 < count($places = $informationObject->getPlaceAccessPoints()))
||
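Review bot: `htmlspecialchars()` is called with default flags and charset on the free-text fields here (`$note->getContent()`, `getHistory()`, `getScopeAndContent()`, `getArrangement()`), so the result depends on the running PHP version's defaults and still lets through characters that XML 1.0 forbids. Control characters such as 0x0B or 0x0C, which pasted text can carry, are not touched by the function and leave the export ill-formed even after this change. I would route every value through one small template helper that passes the arguments explicitly, e.g. `htmlspecialchars($value, ENT_QUOTES, 'UTF-8')` (assuming the export is served as UTF-8, which is not visible here), and drops characters outside the XML 1.0 range first. This applies to every `htmlspecialchars()` call in the commit; the enclosing `<did>` and `if` blocks start outside this hunk.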
@@ -141,103 +135,103 @@
<controlaccess>
<?php foreach ($informationObject->getActorEvents() as $event): ?>
<?php if ($event->getActor()->getEntityTypeId() == QubitTerm::PERSON_ID):
?>
- <persname role="<?php echo $event->getType()->getRole() ?>"><?php echo
render_title($event->getActor()) ?> </persname>
+ <persname role="<?php echo $event->getType()->getRole() ?>"><?php echo
htmlspecialchars(render_title($event->getActor())) ?> </persname>
<?php elseif ($event->getActor()->getEntityTypeId() ==
QubitTerm::FAMILY_ID): ?>
- <famname role="<?php echo $event->getType()->getRole() ?>"><?php echo
render_title($event->getActor()) ?> </famname>
+ <famname role="<?php echo $event->getType()->getRole() ?>"><?php echo
htmlspecialchars(render_title($event->getActor())) ?> </famname>
<?php else: ?>
- <corpname role="<?php echo $event->getType()->getRole() ?>"><?php echo
render_title($event->getActor()) ?> </corpname>
+ <corpname role="<?php echo $event->getType()->getRole() ?>"><?php echo
htmlspecialchars(render_title($event->getActor())) ?> </corpname>
<?php endif; ?>
<?php endforeach; ?>
<?php foreach ($materialtypes as $materialtype): ?>
- <genreform><?php echo $materialtype->getTerm() ?></genreform>
+ <genreform><?php echo htmlspecialchars($materialtype->getTerm())
?></genreform>
<?php endforeach; ?>
<?php foreach ($subjects as $subject): ?>
- <subject><?php echo $subject->getTerm() ?></subject>
+ <subject><?php echo htmlspecialchars($subject->getTerm()) ?></subject>
<?php endforeach; ?>
<?php foreach ($places as $place): ?>
- <geogname><?php echo $place->getTerm() ?></geogname>
+ <geogname><?php echo htmlspecialchars($place->getTerm()) ?></geogname>
<?php endforeach; ?>
</controlaccess>
<?php endif; ?>
- <?php if (0 < strlen($phystech =
$informationObject->getPhysicalCharacteristics())): ?>
- <phystech><p><?php echo $phystech ?></p></phystech><?php endif; ?>
+ <?php if (0 < strlen($value =
$informationObject->getPhysicalCharacteristics())): ?>
+ <phystech><p><?php echo htmlspecialchars($value) ?></p></phystech><?php
endif; ?>
<?php if (0 < strlen($value = $informationObject->getAppraisal())): ?>
- <appraisal><p><?php echo $value ?></p></appraisal><?php endif; ?>
+ <appraisal><p><?php echo htmlspecialchars($value) ?></p></appraisal><?php
endif; ?>
<?php if (0 < strlen($value = $informationObject->getAcquisition())): ?>
- <acqinfo><p><?php echo $value ?></p></acqinfo><?php endif; ?>
+ <acqinfo><p><?php echo htmlspecialchars($value) ?></p></acqinfo><?php endif;
?>
<?php if (0 < strlen($value = $informationObject->getAccruals())): ?>
- <accruals><p><?php echo $value ?></p></accruals><?php endif; ?>
+ <accruals><p><?php echo htmlspecialchars($value) ?></p></accruals><?php
endif; ?>
<?php if (0 < strlen($value = $informationObject->getArchivalHistory())): ?>
- <custodhist><p><?php echo $value ?></p></custodhist><?php endif; ?>
+ <custodhist><p><?php echo htmlspecialchars($value) ?></p></custodhist><?php
endif; ?>
<?php if (0 < strlen($value = $informationObject->getRevisionHistory())): ?>
- <processinfo><p><?php echo $value ?></p></processinfo><?php endif; ?>
+ <processinfo><p><?php echo htmlspecialchars($value)
?></p></processinfo><?php endif; ?>
<?php if (0 < strlen($value =
$informationObject->getLocationOfOriginals())): ?>
- <originalsloc><p><?php echo $value ?></p></originalsloc><?php endif; ?>
+ <originalsloc><p><?php echo htmlspecialchars($value)
?></p></originalsloc><?php endif; ?>
<?php if (0 < strlen($value = $informationObject->getLocationOfCopies())): ?>
- <altformavail><p><?php echo $value ?></p></altformavail><?php endif; ?>
+ <altformavail><p><?php echo htmlspecialchars($value)
?></p></altformavail><?php endif; ?>
<?php if (0 < strlen($value =
$informationObject->getRelatedUnitsOfDescription())): ?>
- <relatedmaterial><p><?php echo $value ?></p></relatedmaterial><?php endif; ?>
+ <relatedmaterial><p><?php echo htmlspecialchars($value)
?></p></relatedmaterial><?php endif; ?>
<?php if (0 < strlen($value = $informationObject->getAccessConditions())): ?>
- <accessrestrict><p><?php echo $value ?></p></accessrestrict><?php endif; ?>
+ <accessrestrict><p><?php echo htmlspecialchars($value)
?></p></accessrestrict><?php endif; ?>
<?php if (0 < strlen($value =
$informationObject->getReproductionConditions())): ?>
- <userestrict><p><?php echo $value ?></p></userestrict><?php endif; ?>
+ <userestrict><p><?php echo htmlspecialchars($value)
?></p></userestrict><?php endif; ?>
<?php if (0 < strlen($value = $informationObject->getFindingAids())): ?>
- <otherfindaid><p><?php echo $value ?></p></otherfindaid><?php endif; ?>
+ <otherfindaid><p><?php echo htmlspecialchars($value)
?></p></otherfindaid><?php endif; ?>
<dsc type="combined"><?php $nestedRgt = array() ?><?php foreach
($informationObject->getDescendants()->orderBy('lft') as $descendant): ?>
<c <?php if (0 < strlen($levelOfDescription =
$descendant->getLevelOfDescription()->getName(array('culture' => 'en')))):
?>level="<?php if (in_array(strtolower($levelOfDescription), $eadLevels)):
?><?php echo strtolower($levelOfDescription).'"' ?><?php else: ?><?php echo
'otherlevel" otherlevel="'.$levelOfDescription.'"' ?><?php endif; ?><?php
endif; ?>>
<did>
<?php foreach ($descendant->getPhysicalObjects() as $physicalObject):
?><?php if ($physicalObject->getLocation()): ?>
- <physloc><?php echo $physicalObject->getLocation() ?></physloc><?php
endif; ?>
+ <physloc><?php echo htmlspecialchars($physicalObject->getLocation())
?></physloc><?php endif; ?>
<?php if ($physicalObject->getName()): ?>
- <container type="<?php echo str_replace(' ', '',
$physicalObject->getType()) ?>"><?php echo $physicalObject->getName()
?></container><?php endif; ?>
+ <container type="<?php echo str_replace(' ', '',
$physicalObject->getType()) ?>"><?php echo
htmlspecialchars($physicalObject->getName()) ?></container><?php endif; ?>
<?php endforeach; ?>
<?php if (0 < strlen($value = $descendant->getTitle())): ?>
- <unittitle><?php echo $value ?></unittitle><?php endif; ?>
- <unitid <?php if ($descendant->getRepository()): ?><?php if ($repocode =
$descendant->getRepository()->getIdentifier()): ?><?php echo
'repositorycode="'.$repocode.'" ' ?><?php endif; ?>
- <?php if ($countrycode = $descendant->getRepository()->getCountryCode()):
?><?php echo 'countrycode="'.$countrycode.'"' ?><?php endif;?><?php endif;
?>><?php echo $descendant->getIdentifier() ?></unitid>
+ <unittitle><?php echo htmlspecialchars($value) ?></unittitle><?php endif;
?>
+ <unitid <?php if ($descendant->getRepository()): ?><?php if ($repocode =
$descendant->getRepository()->getIdentifier()): ?><?php echo
'repositorycode="'.htmlspecialchars($repocode).'" ' ?><?php endif; ?>
+ <?php if ($countrycode = $descendant->getRepository()->getCountryCode()):
?><?php echo 'countrycode="'.$countrycode.'"' ?><?php endif;?><?php endif;
?>><?php echo htmlspecialchars($descendant->getIdentifier()) ?></unitid>
<?php foreach ($descendant->getDates() as $date): ?>
- <unitdate <?php if ($datechar = $date->getType()->__toString()): ?><?php
echo 'datechar="'.strtolower($datechar).'" ' ?><?php endif; ?><?php if
($startdate = $date->getStartDate()): ?><?php echo 'normal="'?><?php echo
collapse_date($startdate) ?><?php if ($enddate = $date->getEndDate()): ?><?php
echo '/'?><?php echo collapse_date($enddate) ?><?php endif; ?><?php echo '"'
?><?php endif; ?>><?php echo date_display($date) ?></unitdate><?php endforeach;
?>
+ <unitdate <?php if ($datechar = $date->getType()->__toString()): ?><?php
echo 'datechar="'.strtolower($datechar).'" ' ?><?php endif; ?><?php if
($startdate = $date->getStartDate()): ?><?php echo 'normal="'?><?php echo
collapse_date($startdate) ?><?php if ($enddate = $date->getEndDate()): ?><?php
echo '/'?><?php echo collapse_date($enddate) ?><?php endif; ?><?php echo '"'
?><?php endif; ?>><?php echo htmlspecialchars(date_display($date))
?></unitdate><?php endforeach; ?>
<?php if (0 < count($creators = $descendant->getCreators())): ?>
<origination>
<?php foreach ($creators as $creator): ?>
<?php if ($type = $creator->getEntityTypeId()): ?>
<?php if ($type == QubitTerm::PERSON_ID): ?>
- <persname><?php echo $creator->getAuthorizedFormOfName()
?></persname><?php endif; ?>
+ <persname><?php echo
htmlspecialchars($creator->getAuthorizedFormOfName()) ?></persname><?php endif;
?>
<?php if ($type == QubitTerm::FAMILY_ID): ?>
- <famname><?php echo $creator->getAuthorizedFormOfName()
?></famname><?php endif; ?>
+ <famname><?php echo
htmlspecialchars($creator->getAuthorizedFormOfName()) ?></famname><?php endif;
?>
<?php if ($type == QubitTerm::CORPORATE_BODY_ID): ?>
- <corpname><?php echo $creator->getAuthorizedFormOfName()
?></corpname><?php endif; ?>
+ <corpname><?php echo
htmlspecialchars($creator->getAuthorizedFormOfName()) ?></corpname><?php endif;
?>
<?php else: ?>
- <name><?php echo $creator->getAuthorizedFormOfName() ?></name><?php
endif; ?>
+ <name><?php echo htmlspecialchars($creator->getAuthorizedFormOfName())
?></name><?php endif; ?>
<?php endforeach; ?>
</origination><?php endif; ?>
- <?php if (0 < strlen($extent = $descendant->getExtentAndMedium())): ?>
- <physdesc><extent><?php echo $extent ?></extent></physdesc><?php endif; ?>
+ <?php if (0 < strlen($value = $descendant->getExtentAndMedium())): ?>
+ <physdesc><extent><?php echo htmlspecialchars($value)
?></extent></physdesc><?php endif; ?>
<?php if ($value = $descendant->getRepository()): ?>
<repository>
- <corpname><?php echo $value->__toString() ?></corpname>
+ <corpname><?php echo htmlspecialchars($value->__toString()) ?></corpname>
<?php if ($address = $value->getPrimaryContact()): ?>
<address>
<?php if (0 < strlen($addressline = $address->getStreetAddress())): ?>
- <addressline><?php echo $addressline ?></addressline><?php endif; ?>
+ <addressline><?php echo htmlspecialchars($addressline)
?></addressline><?php endif; ?>
<?php if (0 < strlen($addressline = $address->getCity())): ?>
- <addressline><?php echo $addressline ?></addressline><?php endif; ?>
+ <addressline><?php echo htmlspecialchars($addressline)
?></addressline><?php endif; ?>
<?php if (0 < strlen($addressline = $address->getRegion())): ?>
- <addressline><?php echo $addressline ?></addressline><?php endif; ?>
+ <addressline><?php echo htmlspecialchars($addressline)
?></addressline><?php endif; ?>
<?php if (0 < strlen($addressline =
$informationObject->getRepositoryCountry())): ?>
- <addressline><?php echo $addressline ?></addressline><?php endif; ?>
+ <addressline><?php echo htmlspecialchars($addressline)
?></addressline><?php endif; ?>
<?php if (0 < strlen($addressline = $address->getPostalCode())): ?>
- <addressline><?php echo $addressline ?></addressline><?php endif; ?>
+ <addressline><?php echo htmlspecialchars($addressline)
?></addressline><?php endif; ?>
<?php if (0 < strlen($addressline = $address->getTelephone())): ?>
- <addressline><?php echo __('telephone: ').$addressline
?></addressline><?php endif; ?>
+ <addressline><?php echo __('telephone: ').htmlspecialchars($addressline)
?></addressline><?php endif; ?>
<?php if (0 < strlen($addressline = $address->getFax())): ?>
- <addressline><?php echo __('fax: ').$addressline ?></addressline><?php
endif; ?>
+ <addressline><?php echo __('fax: ').htmlspecialchars($addressline)
?></addressline><?php endif; ?>
<?php if (0 < strlen($addressline = $address->getEmail())): ?>
- <addressline><?php echo __('email: ').$addressline ?></addressline><?php
endif; ?>
+ <addressline><?php echo __('email: ').htmlspecialchars($addressline)
?></addressline><?php endif; ?>
<?php if (0 < strlen($addressline = $address->getWebsite())): ?>
- <addressline><?php echo $addressline ?></addressline><?php endif; ?>
+ <addressline><?php echo htmlspecialchars($addressline)
?></addressline><?php endif; ?>
</address><?php endif; ?>
</repository><?php endif; ?>
<?php if (0 < count($langmaterial = $descendant->language)): ?>
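Review bot: Inside the per-descendant `<repository>` block the country line still reads `$informationObject->getRepositoryCountry()` while every other address field comes from `$value = $descendant->getRepository()`, so each `<c>` may be exported with the top-level record's country rather than its own. This looks like a carry-over from the top-level block; if it is not intentional, `strlen($addressline = $descendant->getRepositoryCountry())` would match the surrounding lines, provided the descendant object exposes that method (not visible here). The line is context in this hunk, and the `foreach` over descendants opens inside the hunk but closes outside it.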
@@ -246,17 +240,15 @@
<language langcode="<?php echo ($iso6392 =
$iso639convertor->getID3($languageCode)) ? strtolower($iso6392) : $languageCode
?>"><?php echo format_language($languageCode) ?></language><?php endforeach; ?>
</langmaterial><?php endif; ?>
<?php if (0 < count($notes = $descendant->getNotes())): ?><?php foreach
($notes as $note): ?>
- <note type="<?php echo $note->getType() ?>"><p><?php echo
$note->getContent() ?></p></note><?php endforeach; ?><?php endif; ?>
+ <note type="<?php echo htmlspecialchars($note->getType()) ?>"><p><?php
echo htmlspecialchars($note->getContent()) ?></p></note><?php endforeach;
?><?php endif; ?>
</did>
- <?php if (0 < strlen($phystech =
$descendant->getPhysicalCharacteristics())): ?>
- <phystech><p><?php echo $phystech ?></p></phystech><?php endif; ?>
<?php foreach ($descendant->getCreators() as $creator): ?>
- <?php if ($bioghist = $creator->getHistory()): ?>
- <bioghist><p><?php echo $bioghist ?></p></bioghist><?php endif; ?><?php
endforeach; ?>
+ <?php if ($value = $creator->getHistory()): ?>
+ <bioghist><p><?php echo htmlspecialchars($value) ?></p></bioghist><?php
endif; ?><?php endforeach; ?>
<?php if (0 < strlen($value = $descendant->getScopeAndContent())): ?>
- <scopecontent><p><?php echo $value ?></p></scopecontent><?php endif; ?>
+ <scopecontent><p><?php echo htmlspecialchars($value)
?></p></scopecontent><?php endif; ?>
<?php if (0 < strlen($value = $descendant->getArrangement())): ?>
- <arrangement><p><?php echo $value ?></p></arrangement><?php endif; ?>
+ <arrangement><p><?php echo htmlspecialchars($value)
?></p></arrangement><?php endif; ?>
<?php if ((0 < count($materialtypes = $descendant->getMaterialTypes())) ||
(0 < count($subjects = $descendant->getSubjectAccessPoints())) ||
(0 < count($places = $descendant->getPlaceAccessPoints())) ||
@@ -264,47 +256,47 @@
<controlaccess>
<?php foreach ($descendant->getActorEvents() as $event): ?>
<?php if ($event->getActor()->getEntityTypeId() ==
QubitTerm::PERSON_ID): ?>
- <persname role="<?php echo $event->getType()->getRole() ?>"><?php echo
render_title($event->getActor()) ?> </persname>
+ <persname role="<?php echo $event->getType()->getRole() ?>"><?php echo
htmlspecialchars(render_title($event->getActor())) ?> </persname>
<?php elseif ($event->getActor()->getEntityTypeId() ==
QubitTerm::FAMILY_ID): ?>
- <famname role="<?php echo $event->getType()->getRole() ?>"><?php echo
render_title($event->getActor()) ?> </famname>
+ <famname role="<?php echo $event->getType()->getRole() ?>"><?php echo
htmlspecialchars(render_title($event->getActor())) ?> </famname>
<?php else: ?>
- <corpname role="<?php echo $event->getType()->getRole() ?>"><?php echo
render_title($event->getActor()) ?> </corpname>
+ <corpname role="<?php echo $event->getType()->getRole() ?>"><?php echo
htmlspecialchars(render_title($event->getActor())) ?> </corpname>
<?php endif; ?>
<?php endforeach; ?>
<?php foreach ($materialtypes as $materialtype): ?>
- <genreform><?php echo $materialtype->getTerm() ?></genreform>
+ <genreform><?php echo htmlspecialchars($materialtype->getTerm())
?></genreform>
<?php endforeach; ?>
<?php foreach ($subjects as $subject): ?>
- <subject><?php echo $subject->getTerm() ?></subject>
+ <subject><?php echo htmlspecialchars($subject->getTerm()) ?></subject>
<?php endforeach; ?>
<?php foreach ($places as $place): ?>
- <geogname><?php echo $place->getTerm() ?></geogname>
+ <geogname><?php echo htmlspecialchars($place->getTerm()) ?></geogname>
<?php endforeach; ?>
</controlaccess><?php endif; ?>
- <?php if (0 < strlen($phystech =
$descendant->getPhysicalCharacteristics())): ?>
- <phystech><p><?php echo $phystech ?></p></phystech><?php endif; ?>
+ <?php if (0 < strlen($value = $descendant->getPhysicalCharacteristics())):
?>
+ <phystech><p><?php echo htmlspecialchars($value) ?></p></phystech><?php
endif; ?>
<?php if (0 < strlen($value = $descendant->getAppraisal())): ?>
- <appraisal><p><?php echo $value ?></p></appraisal><?php endif; ?>
+ <appraisal><p><?php echo htmlspecialchars($value) ?></p></appraisal><?php
endif; ?>
<?php if (0 < strlen($value = $descendant->getAcquisition())): ?>
- <acqinfo><p><?php echo $value ?></p></acqinfo><?php endif; ?>
+ <acqinfo><p><?php echo htmlspecialchars($value) ?></p></acqinfo><?php
endif; ?>
<?php if (0 < strlen($value = $descendant->getAccruals())): ?>
- <accruals><p><?php echo $value ?></p></accruals><?php endif; ?>
+ <accruals><p><?php echo htmlspecialchars($value) ?></p></accruals><?php
endif; ?>
<?php if (0 < strlen($value = $descendant->getArchivalHistory())): ?>
- <custodhist><p><?php echo $value ?></p></custodhist><?php endif; ?>
+ <custodhist><p><?php echo htmlspecialchars($value)
?></p></custodhist><?php endif; ?>
<?php if (0 < strlen($value = $descendant->getRevisionHistory())): ?>
- <processinfo><p><?php echo $value ?></p></processinfo><?php endif; ?>
+ <processinfo><p><?php echo htmlspecialchars($value)
?></p></processinfo><?php endif; ?>
<?php if (0 < strlen($value = $descendant->getLocationOfOriginals())): ?>
- <originalsloc><p><?php echo $value ?></p></originalsloc><?php endif; ?>
+ <originalsloc><p><?php echo htmlspecialchars($value)
?></p></originalsloc><?php endif; ?>
<?php if (0 < strlen($value = $descendant->getLocationOfCopies())): ?>
- <altformavail><p><?php echo $value ?></p></altformavail><?php endif; ?>
+ <altformavail><p><?php echo htmlspecialchars($value)
?></p></altformavail><?php endif; ?>
<?php if (0 < strlen($value =
$descendant->getRelatedUnitsOfDescription())): ?>
- <relatedmaterial><p><?php echo $value ?></p></relatedmaterial><?php endif;
?>
+ <relatedmaterial><p><?php echo htmlspecialchars($value)
?></p></relatedmaterial><?php endif; ?>
<?php if (0 < strlen($value = $descendant->getAccessConditions())): ?>
- <accessrestrict><p><?php echo $value ?></p></accessrestrict><?php endif;
?>
+ <accessrestrict><p><?php echo htmlspecialchars($value)
?></p></accessrestrict><?php endif; ?>
<?php if (0 < strlen($value = $descendant->getReproductionConditions())):
?>
- <userestrict><p><?php echo $value ?></p></userestrict><?php endif; ?>
+ <userestrict><p><?php echo htmlspecialchars($value)
?></p></userestrict><?php endif; ?>
<?php if (0 < strlen($value = $descendant->getFindingAids())): ?>
- <otherfindaid><p><?php echo $value ?></p></otherfindaid><?php endif; ?>
+ <otherfindaid><p><?php echo htmlspecialchars($value)
?></p></otherfindaid><?php endif; ?>
<?php if ($descendant->getRgt() == $descendant->getLft() + 1): ?>
</c>