From c71448664658234ea1af32fe7ca61bb1d77dce72 Mon Sep 17 00:00:00 2001
From: Mike Taylor <mike@indexdata.com>
Date: Tue, 14 Nov 2006 16:23:11 +0000
Subject: [PATCH] Defensive use of xml_encode()

---
 web/htdocs/details/found.mc |   12 ++++++------
 web/htdocs/details/full.mc  |    4 ++--
 2 files changed, 8 insertions(+), 8 deletions(-)

diff --git a/web/htdocs/details/found.mc b/web/htdocs/details/found.mc
index da1e53e..5c8993f 100644
--- a/web/htdocs/details/found.mc
+++ b/web/htdocs/details/found.mc
@@ -1,4 +1,4 @@
-%# $Id: found.mc,v 1.17 2006-10-27 00:47:05 mike Exp $
+%# $Id: found.mc,v 1.18 2006-11-14 16:23:11 mike Exp $
 <%once>
 sub print_navlink {
     my($params, $cond, $caption, $skip) = @_;
@@ -125,11 +125,11 @@ push @ids, $id;
       <tr style="background: <% ($i % 2) ? '#ffffc0' : 'white' %>">
        <td><% $i %></td>
        <td><a href="<% xml_encode("/full.html?id=" . uri_escape($id))
-		%>"><% xml_encode($title) %></a></td>
-       <td><% xml_encode($author) %></td>
-       <td><% xml_encode($host) %></td>
-       <td><% xml_encode($port) %></td>
-       <td><% xml_encode($db) %></td>
+		%>"><% xml_encode($title, "[untitled]") %></a></td>
+       <td><% xml_encode($author, "") %></td>
+       <td><% xml_encode($host, "") %></td>
+       <td><% xml_encode($port, "") %></td>
+       <td><% xml_encode($db, "") %></td>
        <td>
 	<a href="<% xml_encode("/check.html?id=" . uri_escape($id))
 		%>" title="Test this target">Test</a
diff --git a/web/htdocs/details/full.mc b/web/htdocs/details/full.mc
index 5f7ac19..2ce16c3 100644
--- a/web/htdocs/details/full.mc
+++ b/web/htdocs/details/full.mc
@@ -1,4 +1,4 @@
-%# $Id: full.mc,v 1.13 2006-11-06 17:43:29 mike Exp $
+%# $Id: full.mc,v 1.14 2006-11-14 16:24:39 mike Exp $
 <%args>
 $id
 </%args>
@@ -58,7 +58,7 @@ the Init Response.
 		  [ "Explain" => \&calc_explain, $xc ],
 		  );
 </%perl>
-     <h2><% xml_encode($xc->find("e:databaseInfo/e:title")) %></h2>
+     <h2><% xml_encode($xc->find("e:databaseInfo/e:title"), "") %></h2>
      <table class="fullrecord" border="1" cellspacing="0" cellpadding="5" width="100%">
 <%perl>
     foreach my $ref (@fields) {
-- 
1.7.10.4